From 2eddc32eed5fc6d73cca74af03f9bc5d62ab963c Mon Sep 17 00:00:00 2001 From: Ruby Martin Date: Tue, 27 May 2025 09:43:44 -0600 Subject: [PATCH] coverity: fix use after free, improper use of negative value, initialize src variable --- tests/api.c | 5 ++++- tests/api/test_digest.h | 1 + 2 files changed, 5 insertions(+), 1 deletion(-) diff --git a/tests/api.c b/tests/api.c index 37717fdf0..ef1ecc0f3 100644 --- a/tests/api.c +++ b/tests/api.c @@ -19448,6 +19448,7 @@ static int test_wolfSSL_d2i_ASN1_INTEGER(void) ExpectIntLT(wolfSSL_i2d_ASN1_INTEGER(a, &p2), 0); if (a != NULL) { /* Reset a->data. */ + a->isDynamic = 0; a->data = a->intData; } /* Set a to valid value. */ @@ -39051,12 +39052,14 @@ static int test_wolfSSL_d2i_PrivateKeys_bio(void) { XFILE file = XBADFILE; const char* fname = "./certs/server-key.der"; + long lsz = 0; size_t sz = 0; byte* buf = NULL; ExpectTrue((file = XFOPEN(fname, "rb")) != XBADFILE); ExpectTrue(XFSEEK(file, 0, XSEEK_END) == 0); - ExpectTrue((sz = XFTELL(file)) != 0); + ExpectTrue((lsz = XFTELL(file)) > 0); + sz = (size_t)lsz; ExpectTrue(XFSEEK(file, 0, XSEEK_SET) == 0); ExpectNotNull(buf = (byte*)XMALLOC(sz, HEAP_HINT, DYNAMIC_TYPE_FILE)); ExpectIntEQ(XFREAD(buf, 1, sz, file), sz); diff --git a/tests/api/test_digest.h b/tests/api/test_digest.h index 2d28a2bf2..d11da63de 100644 --- a/tests/api/test_digest.h +++ b/tests/api/test_digest.h @@ -510,6 +510,7 @@ do { \ byte data[WC_##upper##_BLOCK_SIZE]; \ \ XMEMSET(data, 0xa5, sizeof(data)); \ + XMEMSET(&src, 0, sizeof(src)); \ \ ExpectIntEQ(wc_Init##name(&src, HEAP_HINT, INVALID_DEVID), 0); \ XMEMSET(&dst, 0, sizeof(dst)); \