Merge pull request #2685 from embhorn/coverity_fixes

Coverity fixes
2019-12-18 14:06:48 -08:00
parent 531fedfbb4 52893877d7
commit 6922d7031c
10 changed files with 55 additions and 30 deletions
--- a/wolfcrypt/src/pkcs12.c
+++ b/wolfcrypt/src/pkcs12.c
@@ -767,7 +767,12 @@ int wc_i2d_PKCS12(WC_PKCS12* pkcs12, byte** der, int* derSz)
                word32 tmpIdx = 0;
                byte ar[MAX_LENGTH_SZ + 2];
                tmpSz = SetShortInt(ar, &tmpIdx, mac->itt, MAX_LENGTH_SZ + 2);
-                XMEMCPY(&sdBuf[idx], ar, tmpSz);
+                if (tmpSz < 0) {
+                    ret = tmpSz;
+                }
+                else {
+                    XMEMCPY(&sdBuf[idx], ar, tmpSz);
+                }
            }

            totalSz += sdBufSz;
--- a/wolfcrypt/src/pkcs7.c
+++ b/wolfcrypt/src/pkcs7.c
@@ -3466,8 +3466,8 @@ static int wc_PKCS7_VerifyContentMessageDigest(PKCS7* pkcs7,
                                               const byte* hashBuf,
                                               word32 hashSz)
 {
-    int ret = 0, innerAttribSz = 0;
-    word32 digestSz = 0, idx = 0;
+    int ret = 0, digestSz = 0, innerAttribSz = 0;
+    word32 idx = 0;
    byte* digestBuf = NULL;
 #ifdef WOLFSSL_SMALL_STACK
    byte* digest = NULL;
@@ -3538,17 +3538,23 @@ static int wc_PKCS7_VerifyContentMessageDigest(PKCS7* pkcs7,

        digestBuf = digest;
        digestSz = wc_HashGetDigestSize(hashType);
-
+        if (digestSz < 0) {
+            WOLFSSL_MSG("Invalid hash type");
+#ifdef WOLFSSL_SMALL_STACK
+            XFREE(digest, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
+#endif
+            return digestSz;
+        }
    } else {

        /* user passed in pre-computed hash */
        digestBuf = (byte*)hashBuf;
-        digestSz  = hashSz;
+        digestSz  = (int)hashSz;
    }

    /* compare generated to hash in messageDigest attribute */
-    if ((innerAttribSz != (int)digestSz) ||
-        (XMEMCMP(attrib->value + idx, digestBuf, digestSz) != 0)) {
+    if ((innerAttribSz != digestSz) ||
+        (XMEMCMP(attrib->value + idx, digestBuf, (word32)digestSz) != 0)) {
        WOLFSSL_MSG("Content digest does not match messageDigest attrib value");
 #ifdef WOLFSSL_SMALL_STACK
        XFREE(digest, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
@@ -4679,7 +4685,7 @@ static int PKCS7_VerifySignedData(PKCS7* pkcs7, const byte* hashBuf,
                XFREE(pkcs7->stream->tmpCert, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
                pkcs7->stream->tmpCert = (byte*)XMALLOC(length,
                        pkcs7->heap, DYNAMIC_TYPE_PKCS7);
-                if (pkcs7->stream->tmpCert == NULL) {
+                if ((pkiMsg2 == NULL) || (pkcs7->stream->tmpCert == NULL)) {
                    ret = MEMORY_E;
                    break;
                }
@@ -8427,12 +8433,14 @@ static int wc_PKCS7_KariGetKeyEncryptionAlgorithmId(WC_PKCS7_KARI* kari,
        word32* keyAgreeOID, word32* keyWrapOID)
 {
    int length = 0;
-    word32 localIdx = *idx;
+    word32 localIdx;

    if (kari == NULL || pkiMsg == NULL || idx == NULL ||
        keyAgreeOID == NULL || keyWrapOID == NULL)
        return BAD_FUNC_ARG;

+    localIdx = *idx;
+
    /* remove KeyEncryptionAlgorithmIdentifier */
    if (GetSequence(pkiMsg, &localIdx, &length, pkiMsgSz) < 0)
        return ASN_PARSE_E;
--- a/wolfcrypt/src/rsa.c
+++ b/wolfcrypt/src/rsa.c
@@ -1467,7 +1467,7 @@ static int RsaUnPad_PSS(byte *pkcsBlock, unsigned int pkcsBlockLen,
 {
    int   ret;
    byte* tmp;
-    int   hLen, i, maskLen;
+    int   hLen, i, maskLen, orig_bits = bits;
 #if defined(WOLFSSL_NO_MALLOC) && !defined(WOLFSSL_STATIC_MEMORY)
    byte tmp_buf[RSA_MAX_SIZE/8];
    tmp = tmp_buf;
@@ -1498,7 +1498,7 @@ static int RsaUnPad_PSS(byte *pkcsBlock, unsigned int pkcsBlockLen,
        saltLen = hLen;
        #ifdef WOLFSSL_SHA512
            /* See FIPS 186-4 section 5.5 item (e). */
-            if (bits == 1024 && hLen == WC_SHA512_DIGEST_SIZE)
+            if (orig_bits == 1024 && hLen == WC_SHA512_DIGEST_SIZE)
                saltLen = RSA_PSS_SALT_MAX_SZ;
        #endif
    }
--- a/wolfcrypt/test/test.c
+++ b/wolfcrypt/test/test.c
@@ -7781,7 +7781,7 @@ int gmac_test(void)
    byte tag[16];

    XMEMSET(&gmac, 0, sizeof(Gmac)); /* clear context */
-    wc_AesInit((Aes*)&gmac, HEAP_HINT, INVALID_DEVID); /* Make sure devId updated */
+    (void)wc_AesInit((Aes*)&gmac, HEAP_HINT, INVALID_DEVID); /* Make sure devId updated */
    XMEMSET(tag, 0, sizeof(tag));
    wc_GmacSetKey(&gmac, k1, sizeof(k1));
    wc_GmacUpdate(&gmac, iv1, sizeof(iv1), a1, sizeof(a1), tag, sizeof(t1));
@@ -11550,14 +11550,18 @@ static int rsa_keygen_test(WC_RNG* rng)
        ERROR_OUT(-6968, exit_rsa);
    }
 #endif /* WOLFSSL_CRYPTOCELL */
-    wc_FreeRsaKey(&genKey);
-    XFREE(pem, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
-    pem = NULL;
-    XFREE(der, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
-    der = NULL;

 exit_rsa:
    wc_FreeRsaKey(&genKey);
+    if (pem != NULL) {
+        XFREE(pem, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
+        pem = NULL;
+    }
+    if (der != NULL) {
+        XFREE(der, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
+        der = NULL;
+    }
+
    return ret;
 }
 #endif