feedc0de/wolfssl
1
0
Fork 0
forked from wolfSSL/wolfssl
Code Pull Requests Activity

scan build fixes

Browse Source
This commit is contained in:
toddouska
2013-02-14 14:09:41 -08:00
parent 8ace08499b
commit 62ef5de25c
9 changed files with 90 additions and 33 deletions
Download Patch File Download Diff File Expand all files Collapse all files

21
ctaocrypt/benchmark/benchmark.c
View File

@@ -619,6 +619,7 @@ RNG rng;
void bench_rsa(void) void bench_rsa(void)
{ {
int i; int i;
int ret;
byte tmp[3072]; byte tmp[3072];
size_t bytes; size_t bytes;
word32 idx = 0; word32 idx = 0;
@@ -654,14 +655,18 @@ void bench_rsa(void)
if (RsaInitCavium(&rsaKey, CAVIUM_DEV_ID) != 0) if (RsaInitCavium(&rsaKey, CAVIUM_DEV_ID) != 0)
printf("RSA init cavium failed\n"); printf("RSA init cavium failed\n");
#endif #endif
InitRng(&rng); ret = InitRng(&rng);
if (ret < 0) {
printf("InitRNG failed\n");
return;
}
InitRsaKey(&rsaKey, 0); InitRsaKey(&rsaKey, 0);
bytes = RsaPrivateKeyDecode(tmp, &idx, &rsaKey, (word32)bytes); ret = RsaPrivateKeyDecode(tmp, &idx, &rsaKey, (word32)bytes);
start = current_time(1); start = current_time(1);
for (i = 0; i < times; i++) for (i = 0; i < times; i++)
bytes = RsaPublicEncrypt(message,len,enc,sizeof(enc), &rsaKey, &rng); ret = RsaPublicEncrypt(message,len,enc,sizeof(enc), &rsaKey, &rng);
total = current_time(0) - start; total = current_time(0) - start;
each = total / times; /* per second */ each = total / times; /* per second */
@@ -670,11 +675,16 @@ void bench_rsa(void)
printf("RSA %d encryption took %6.2f milliseconds, avg over %d" printf("RSA %d encryption took %6.2f milliseconds, avg over %d"
" iterations\n", rsaKeySz, milliEach, times); " iterations\n", rsaKeySz, milliEach, times);
if (ret < 0) {
printf("Rsa Public Encrypt failed\n");
return;
}
start = current_time(1); start = current_time(1);
for (i = 0; i < times; i++) { for (i = 0; i < times; i++) {
byte out[512]; /* for up to 4096 bit */ byte out[512]; /* for up to 4096 bit */
RsaPrivateDecrypt(enc, (word32)bytes, out, sizeof(out), &rsaKey); RsaPrivateDecrypt(enc, (word32)ret, out, sizeof(out), &rsaKey);
} }
total = current_time(0) - start; total = current_time(0) - start;
@@ -736,6 +746,9 @@ void bench_dh(void)
bytes = DhKeyDecode(tmp, &idx, &dhKey, (word32)bytes); bytes = DhKeyDecode(tmp, &idx, &dhKey, (word32)bytes);
if (bytes != 0) { if (bytes != 0) {
printf("dhekydecode failed, can't benchmark\n"); printf("dhekydecode failed, can't benchmark\n");
#if !defined(USE_CERT_BUFFERS_1024) && !defined(USE_CERT_BUFFERS_2048)
fclose(file);
#endif
return; return;
} }

6
ctaocrypt/src/asn.c
View File

@@ -791,6 +791,8 @@ static int DecryptKey(const char* password, int passwordSz, byte* salt,
ret += PKCS12_PBKDF(cbcIv, unicodePasswd, idx, salt, saltSz, ret += PKCS12_PBKDF(cbcIv, unicodePasswd, idx, salt, saltSz,
iterations, 8, typeH, 2); iterations, 8, typeH, 2);
} }
else
return ALGO_ID_E;
if (ret != 0) if (ret != 0)
return ret; return ret;
@@ -1610,7 +1612,7 @@ static int GetName(DecodedCert* cert, int nameType)
} }
if (email) { if (email) {
if (14 > (ASN_NAME_MAX - idx)) { if ( (14 + adv) > (int)(ASN_NAME_MAX - idx)) {
CYASSL_MSG("ASN name too big, skipping"); CYASSL_MSG("ASN name too big, skipping");
tooBig = TRUE; tooBig = TRUE;
} }
@@ -1633,7 +1635,7 @@ static int GetName(DecodedCert* cert, int nameType)
} }
if (uid) { if (uid) {
if (5 > (ASN_NAME_MAX - idx)) { if ( (5 + adv) > (int)(ASN_NAME_MAX - idx)) {
CYASSL_MSG("ASN name too big, skipping"); CYASSL_MSG("ASN name too big, skipping");
tooBig = TRUE; tooBig = TRUE;
} }

1
ctaocrypt/src/hmac.c
View File

@@ -154,6 +154,7 @@ void HmacSetKey(Hmac* hmac, int type, const byte* key, word32 length)
default: default:
break; break;
} }
if ( (hmac_block_size - length) > 0)
XMEMSET(ip + length, 0, hmac_block_size - length); XMEMSET(ip + length, 0, hmac_block_size - length);
for(i = 0; i < hmac_block_size; i++) { for(i = 0; i < hmac_block_size; i++) {

14
ctaocrypt/test/test.c
View File

@@ -2110,6 +2110,7 @@ int rsa_test(void)
"Please run from CyaSSL home dir", -40); "Please run from CyaSSL home dir", -40);
bytes = fread(tmp, 1, FOURK_BUF, file); bytes = fread(tmp, 1, FOURK_BUF, file);
fclose(file);
#endif /* USE_CERT_BUFFERS */ #endif /* USE_CERT_BUFFERS */
#ifdef HAVE_CAVIUM #ifdef HAVE_CAVIUM
@@ -2151,6 +2152,7 @@ int rsa_test(void)
return -49; return -49;
bytes = fread(tmp, 1, FOURK_BUF, file2); bytes = fread(tmp, 1, FOURK_BUF, file2);
fclose(file2);
#endif #endif
#ifdef CYASSL_TEST_CERT #ifdef CYASSL_TEST_CERT
@@ -2164,10 +2166,6 @@ int rsa_test(void)
(void)bytes; (void)bytes;
#endif #endif
#if !defined(USE_CERT_BUFFERS_1024) && !defined(USE_CERT_BUFFERS_2048)
fclose(file2);
fclose(file);
#endif
#ifdef CYASSL_KEY_GEN #ifdef CYASSL_KEY_GEN
{ {
@@ -2541,6 +2539,7 @@ int dh_test(void)
return -50; return -50;
bytes = (word32) fread(tmp, 1, sizeof(tmp), file); bytes = (word32) fread(tmp, 1, sizeof(tmp), file);
fclose(file);
#endif /* USE_CERT_BUFFERS */ #endif /* USE_CERT_BUFFERS */
InitDhKey(&key); InitDhKey(&key);
@@ -2573,9 +2572,6 @@ int dh_test(void)
FreeDhKey(&key); FreeDhKey(&key);
FreeDhKey(&key2); FreeDhKey(&key2);
#if !defined(USE_CERT_BUFFERS_1024) && !defined(USE_CERT_BUFFERS_2048)
fclose(file);
#endif
return 0; return 0;
} }
@@ -2615,6 +2611,7 @@ int dsa_test(void)
return -60; return -60;
bytes = (word32) fread(tmp, 1, sizeof(tmp), file); bytes = (word32) fread(tmp, 1, sizeof(tmp), file);
fclose(file);
#endif /* USE_CERT_BUFFERS */ #endif /* USE_CERT_BUFFERS */
InitSha(&sha); InitSha(&sha);
@@ -2636,9 +2633,6 @@ int dsa_test(void)
if (answer != 1) return -65; if (answer != 1) return -65;
FreeDsaKey(&key); FreeDsaKey(&key);
#if !defined(USE_CERT_BUFFERS_1024) && !defined(USE_CERT_BUFFERS_2048)
fclose(file);
#endif
return 0; return 0;
} }

21
cyassl/test.h
View File

@@ -359,6 +359,9 @@ static INLINE void tcp_socket(SOCKET_T* sockfd, int udp)
else else
*sockfd = socket(AF_INET_V, SOCK_STREAM, 0); *sockfd = socket(AF_INET_V, SOCK_STREAM, 0);
if (*sockfd < 0)
err_sys("socket failed\n");
#ifndef USE_WINDOWS_API #ifndef USE_WINDOWS_API
#ifdef SO_NOSIGPIPE #ifdef SO_NOSIGPIPE
{ {
@@ -414,7 +417,7 @@ enum {
TEST_ERROR_READY TEST_ERROR_READY
}; };
static INLINE int tcp_select(SOCKET_T socketfd, unsigned int to_sec) static INLINE int tcp_select(SOCKET_T socketfd, int to_sec)
{ {
fd_set recvfds, errfds; fd_set recvfds, errfds;
SOCKET_T nfds = socketfd + 1; SOCKET_T nfds = socketfd + 1;
@@ -453,9 +456,11 @@ static INLINE void tcp_listen(SOCKET_T* sockfd, int port, int useAnyAddr,
#ifndef USE_WINDOWS_API #ifndef USE_WINDOWS_API
{ {
int on = 1; int res, on = 1;
socklen_t len = sizeof(on); socklen_t len = sizeof(on);
setsockopt(*sockfd, SOL_SOCKET, SO_REUSEADDR, &on, len); res = setsockopt(*sockfd, SOL_SOCKET, SO_REUSEADDR, &on, len);
if (res < 0)
err_sys("setsockopt SO_REUSEADDR failed\n");
} }
#endif #endif
@@ -500,9 +505,11 @@ static INLINE void udp_accept(SOCKET_T* sockfd, int* clientfd, int useAnyAddr,
#ifndef USE_WINDOWS_API #ifndef USE_WINDOWS_API
{ {
int on = 1; int res, on = 1;
socklen_t len = sizeof(on); socklen_t len = sizeof(on);
setsockopt(*sockfd, SOL_SOCKET, SO_REUSEADDR, &on, len); res = setsockopt(*sockfd, SOL_SOCKET, SO_REUSEADDR, &on, len);
if (res < 0)
err_sys("setsockopt SO_REUSEADDR failed\n");
} }
#endif #endif
@@ -561,7 +568,11 @@ static INLINE void tcp_set_nonblocking(SOCKET_T* sockfd)
int ret = ioctlsocket(*sockfd, FIONBIO, &blocking); int ret = ioctlsocket(*sockfd, FIONBIO, &blocking);
#else #else
int flags = fcntl(*sockfd, F_GETFL, 0); int flags = fcntl(*sockfd, F_GETFL, 0);
if (flags < 0)
err_sys("fcntl get failed");
fcntl(*sockfd, F_SETFL, flags | O_NONBLOCK); fcntl(*sockfd, F_SETFL, flags | O_NONBLOCK);
if (flags < 0)
err_sys("fcntl set failed");
#endif #endif
} }

3
examples/client/client.c
View File

@@ -415,6 +415,7 @@ void client_test(void* args)
printf("SSL connect ok, sending GET...\n"); printf("SSL connect ok, sending GET...\n");
msgSz = 28; msgSz = 28;
strncpy(msg, "GET /index.html HTTP/1.0\r\n\r\n", msgSz); strncpy(msg, "GET /index.html HTTP/1.0\r\n\r\n", msgSz);
msg[msgSz] = '\0';
} }
if (CyaSSL_write(ssl, msg, msgSz) != msgSz) if (CyaSSL_write(ssl, msg, msgSz) != msgSz)
err_sys("SSL_write failed"); err_sys("SSL_write failed");
@@ -521,10 +522,10 @@ void client_test(void* args)
CyaSSL_shutdown(sslResume); CyaSSL_shutdown(sslResume);
CyaSSL_free(sslResume); CyaSSL_free(sslResume);
CloseSocket(sockfd);
} }
CyaSSL_CTX_free(ctx); CyaSSL_CTX_free(ctx);
CloseSocket(sockfd);
((func_args*)args)->return_code = 0; ((func_args*)args)->return_code = 0;
} }

20
src/ssl.c
View File

@@ -500,6 +500,9 @@ int CyaSSL_shutdown(CYASSL* ssl)
{ {
CYASSL_ENTER("SSL_shutdown()"); CYASSL_ENTER("SSL_shutdown()");
if (ssl == NULL)
return 0;
if (ssl->options.quietShutdown) { if (ssl->options.quietShutdown) {
CYASSL_MSG("quiet shutdown, no close notify sent"); CYASSL_MSG("quiet shutdown, no close notify sent");
return 0; return 0;
@@ -1578,6 +1581,10 @@ int ProcessFile(CYASSL_CTX* ctx, const char* fname, int format, int type,
} }
dynamic = 1; dynamic = 1;
} }
else if (sz < 0) {
XFCLOSE(file);
return SSL_BAD_FILE;
}
if ( (ret = (int)XFREAD(myBuffer, sz, 1, file)) < 0) if ( (ret = (int)XFREAD(myBuffer, sz, 1, file)) < 0)
ret = SSL_BAD_FILE; ret = SSL_BAD_FILE;
@@ -1741,6 +1748,10 @@ int CyaSSL_CertManagerVerify(CYASSL_CERT_MANAGER* cm, const char* fname,
} }
dynamic = 1; dynamic = 1;
} }
else if (sz < 0) {
XFCLOSE(file);
return SSL_BAD_FILE;
}
if ( (ret = (int)XFREAD(myBuffer, sz, 1, file)) < 0) if ( (ret = (int)XFREAD(myBuffer, sz, 1, file)) < 0)
ret = SSL_BAD_FILE; ret = SSL_BAD_FILE;
@@ -2051,6 +2062,10 @@ int CyaSSL_PemCertToDer(const char* fileName, unsigned char* derBuf, int derSz)
} }
dynamic = 1; dynamic = 1;
} }
else if (sz < 0) {
XFCLOSE(file);
return SSL_BAD_FILE;
}
if ( (ret = (int)XFREAD(fileBuf, sz, 1, file)) < 0) if ( (ret = (int)XFREAD(fileBuf, sz, 1, file)) < 0)
ret = SSL_BAD_FILE; ret = SSL_BAD_FILE;
@@ -2262,6 +2277,10 @@ static int CyaSSL_SetTmpDH_file_wrapper(CYASSL_CTX* ctx, CYASSL* ssl,
} }
dynamic = 1; dynamic = 1;
} }
else if (sz < 0) {
XFCLOSE(file);
return SSL_BAD_FILE;
}
if ( (ret = (int)XFREAD(myBuffer, sz, 1, file)) < 0) if ( (ret = (int)XFREAD(myBuffer, sz, 1, file)) < 0)
ret = SSL_BAD_FILE; ret = SSL_BAD_FILE;
@@ -6401,6 +6420,7 @@ int CyaSSL_set_compression(CYASSL* ssl)
} }
if ((myBuffer != NULL) && if ((myBuffer != NULL) &&
(sz > 0) &&
(XFREAD(myBuffer, sz, 1, file) > 0) && (XFREAD(myBuffer, sz, 1, file) > 0) &&
(PemToDer(myBuffer, sz, CERT_TYPE, (PemToDer(myBuffer, sz, CERT_TYPE,
&fileDer, ctx->heap, &info, &eccKey) == 0) && &fileDer, ctx->heap, &info, &eccKey) == 0) &&

20
tests/api.c
View File

@@ -613,21 +613,21 @@ THREAD_RETURN CYASSL_THREAD test_server_nofail(void* args)
if (CyaSSL_CTX_load_verify_locations(ctx, cliCert, 0) != SSL_SUCCESS) if (CyaSSL_CTX_load_verify_locations(ctx, cliCert, 0) != SSL_SUCCESS)
{ {
/*err_sys("can't load ca file, Please run from CyaSSL home dir");*/ /*err_sys("can't load ca file, Please run from CyaSSL home dir");*/
return 0; goto done;
} }
if (CyaSSL_CTX_use_certificate_file(ctx, svrCert, SSL_FILETYPE_PEM) if (CyaSSL_CTX_use_certificate_file(ctx, svrCert, SSL_FILETYPE_PEM)
!= SSL_SUCCESS) != SSL_SUCCESS)
{ {
/*err_sys("can't load server cert chain file, " /*err_sys("can't load server cert chain file, "
"Please run from CyaSSL home dir");*/ "Please run from CyaSSL home dir");*/
return 0; goto done;
} }
if (CyaSSL_CTX_use_PrivateKey_file(ctx, svrKey, SSL_FILETYPE_PEM) if (CyaSSL_CTX_use_PrivateKey_file(ctx, svrKey, SSL_FILETYPE_PEM)
!= SSL_SUCCESS) != SSL_SUCCESS)
{ {
/*err_sys("can't load server key file, " /*err_sys("can't load server key file, "
"Please run from CyaSSL home dir");*/ "Please run from CyaSSL home dir");*/
return 0; goto done;
} }
ssl = CyaSSL_new(ctx); ssl = CyaSSL_new(ctx);
tcp_accept(&sockfd, &clientfd, (func_args*)args, yasslPort, 0, 0); tcp_accept(&sockfd, &clientfd, (func_args*)args, yasslPort, 0, 0);
@@ -648,7 +648,7 @@ THREAD_RETURN CYASSL_THREAD test_server_nofail(void* args)
char buffer[80]; char buffer[80];
printf("error = %d, %s\n", err, CyaSSL_ERR_error_string(err, buffer)); printf("error = %d, %s\n", err, CyaSSL_ERR_error_string(err, buffer));
/*err_sys("SSL_accept failed");*/ /*err_sys("SSL_accept failed");*/
return 0; goto done;
} }
idx = CyaSSL_read(ssl, input, sizeof(input)-1); idx = CyaSSL_read(ssl, input, sizeof(input)-1);
@@ -663,6 +663,7 @@ THREAD_RETURN CYASSL_THREAD test_server_nofail(void* args)
return 0; return 0;
} }
done:
CyaSSL_shutdown(ssl); CyaSSL_shutdown(ssl);
CyaSSL_free(ssl); CyaSSL_free(ssl);
CyaSSL_CTX_free(ctx); CyaSSL_CTX_free(ctx);
@@ -696,21 +697,21 @@ void test_client_nofail(void* args)
if (CyaSSL_CTX_load_verify_locations(ctx, caCert, 0) != SSL_SUCCESS) if (CyaSSL_CTX_load_verify_locations(ctx, caCert, 0) != SSL_SUCCESS)
{ {
/* err_sys("can't load ca file, Please run from CyaSSL home dir");*/ /* err_sys("can't load ca file, Please run from CyaSSL home dir");*/
return; goto done2;
} }
if (CyaSSL_CTX_use_certificate_file(ctx, cliCert, SSL_FILETYPE_PEM) if (CyaSSL_CTX_use_certificate_file(ctx, cliCert, SSL_FILETYPE_PEM)
!= SSL_SUCCESS) != SSL_SUCCESS)
{ {
/*err_sys("can't load client cert file, " /*err_sys("can't load client cert file, "
"Please run from CyaSSL home dir");*/ "Please run from CyaSSL home dir");*/
return; goto done2;
} }
if (CyaSSL_CTX_use_PrivateKey_file(ctx, cliKey, SSL_FILETYPE_PEM) if (CyaSSL_CTX_use_PrivateKey_file(ctx, cliKey, SSL_FILETYPE_PEM)
!= SSL_SUCCESS) != SSL_SUCCESS)
{ {
/*err_sys("can't load client key file, " /*err_sys("can't load client key file, "
"Please run from CyaSSL home dir");*/ "Please run from CyaSSL home dir");*/
return; goto done2;
} }
tcp_connect(&sockfd, yasslIP, yasslPort, 0); tcp_connect(&sockfd, yasslIP, yasslPort, 0);
@@ -723,13 +724,13 @@ void test_client_nofail(void* args)
char buffer[80]; char buffer[80];
printf("err = %d, %s\n", err, CyaSSL_ERR_error_string(err, buffer)); printf("err = %d, %s\n", err, CyaSSL_ERR_error_string(err, buffer));
/*printf("SSL_connect failed");*/ /*printf("SSL_connect failed");*/
return; goto done2;
} }
if (CyaSSL_write(ssl, msg, msgSz) != msgSz) if (CyaSSL_write(ssl, msg, msgSz) != msgSz)
{ {
/*err_sys("SSL_write failed");*/ /*err_sys("SSL_write failed");*/
return; goto done2;
} }
input = CyaSSL_read(ssl, reply, sizeof(reply)-1); input = CyaSSL_read(ssl, reply, sizeof(reply)-1);
@@ -739,6 +740,7 @@ void test_client_nofail(void* args)
printf("Server response: %s\n", reply); printf("Server response: %s\n", reply);
} }
done2:
CyaSSL_free(ssl); CyaSSL_free(ssl);
CyaSSL_CTX_free(ctx); CyaSSL_CTX_free(ctx);

15
tests/suites.c
View File

@@ -46,17 +46,29 @@ static void execute_test_case(int svr_argc, char** svr_argv,
THREAD_TYPE serverThread; THREAD_TYPE serverThread;
char commandLine[MAX_COMMAND_SZ]; char commandLine[MAX_COMMAND_SZ];
int i; int i;
size_t added = 0;
static int tests = 1; static int tests = 1;
commandLine[0] = '\0'; commandLine[0] = '\0';
for (i = 0; i < svr_argc; i++) { for (i = 0; i < svr_argc; i++) {
added += strlen(svr_argv[i]) + 2;
if (added >= MAX_COMMAND_SZ) {
printf("server command line too long\n");
break;
}
strcat(commandLine, svr_argv[i]); strcat(commandLine, svr_argv[i]);
strcat(commandLine, " "); strcat(commandLine, " ");
} }
printf("trying server command line[%d]: %s\n", tests, commandLine); printf("trying server command line[%d]: %s\n", tests, commandLine);
commandLine[0] = '\0'; commandLine[0] = '\0';
added = 0;
for (i = 0; i < cli_argc; i++) { for (i = 0; i < cli_argc; i++) {
added += strlen(cli_argv[i]) + 2;
if (added >= MAX_COMMAND_SZ) {
printf("client command line too long\n");
break;
}
strcat(commandLine, cli_argv[i]); strcat(commandLine, cli_argv[i]);
strcat(commandLine, " "); strcat(commandLine, " ");
} }
@@ -124,7 +136,7 @@ static void test_harness(void* vargs)
fseek(file, 0, SEEK_END); fseek(file, 0, SEEK_END);
sz = ftell(file); sz = ftell(file);
rewind(file); rewind(file);
if (sz == 0) { if (sz <= 0) {
fprintf(stderr, "%s is empty\n", fname); fprintf(stderr, "%s is empty\n", fname);
fclose(file); fclose(file);
args->return_code = 1; args->return_code = 1;
@@ -143,6 +155,7 @@ static void test_harness(void* vargs)
if (len != sz) { if (len != sz) {
fprintf(stderr, "read error\n"); fprintf(stderr, "read error\n");
fclose(file); fclose(file);
free(script);
args->return_code = 1; args->return_code = 1;
return; return;
} }