From ce2cf3439d47c952d8cac36ac1cb0b15e2c9b66e Mon Sep 17 00:00:00 2001 From: JacobBarthelmeh Date: Fri, 26 Aug 2022 14:39:20 -0700 Subject: [PATCH 1/3] subject info. acc. should contain a CA repo entry not OCSP --- wolfcrypt/src/asn.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/wolfcrypt/src/asn.c b/wolfcrypt/src/asn.c index 6931444a3..5bc01769f 100644 --- a/wolfcrypt/src/asn.c +++ b/wolfcrypt/src/asn.c @@ -18885,8 +18885,8 @@ static int DecodeSubjInfoAcc(const byte* input, int sz, DecodedCert* cert) if (GetLength(input, &idx, &length, sz) < 0) return ASN_PARSE_E; - /* Set ocsp entry */ - if (b == GENERALNAME_URI && oid == AIA_OCSP_OID) { + /* Set caRepo entry */ + if (b == GENERALNAME_URI && oid == AIA_CA_REPO_OID) { cert->extSubjInfoAccCaRepoSz = length; cert->extSubjInfoAccCaRepo = input + idx; break; From ad0fd15a0dc71ee5ff87e9d7779d150b8e9cfd40 Mon Sep 17 00:00:00 2001 From: JacobBarthelmeh Date: Fri, 26 Aug 2022 14:55:42 -0700 Subject: [PATCH 2/3] static analysis fix from infer --- tests/api.c | 1 + wolfcrypt/src/asn.c | 2 +- 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/tests/api.c b/tests/api.c index 22c01f1bf..5e62858b6 100644 --- a/tests/api.c +++ b/tests/api.c @@ -37041,6 +37041,7 @@ static int test_wolfSSL_ASN1_TIME_adj(void) /* negative offset */ offset_sec = -45 * mini; asn_time = wolfSSL_ASN1_TIME_adj(s, t, offset_day, offset_sec); + AssertNotNull(asn_time); AssertTrue(asn_time->type == asn_utc_time); XSTRNCPY(date_str, (const char*)&asn_time->data, CTC_DATE_SIZE); date_str[CTC_DATE_SIZE] = '\0'; diff --git a/wolfcrypt/src/asn.c b/wolfcrypt/src/asn.c index 5bc01769f..d34bf0603 100644 --- a/wolfcrypt/src/asn.c +++ b/wolfcrypt/src/asn.c @@ -6060,7 +6060,7 @@ static int DecodeRsaPssParams(const byte* params, word32 sz, int ret = 0; word32 idx = 0; int len = 0; - word32 oid; + word32 oid = 0; byte tag; int length; From 1e673aee3b1fe96c6263573bf69613985f4b4e58 Mon Sep 17 00:00:00 2001 From: JacobBarthelmeh Date: Fri, 26 Aug 2022 16:29:11 -0700 Subject: [PATCH 3/3] scan-build warning fix --- src/bio.c | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/src/bio.c b/src/bio.c index 1d50ee820..d90b2d18f 100644 --- a/src/bio.c +++ b/src/bio.c @@ -526,6 +526,11 @@ static int wolfSSL_BIO_MEMORY_write(WOLFSSL_BIO* bio, const void* data, return WOLFSSL_FAILURE; } + if (bio->mem_buf->data == NULL) { + WOLFSSL_MSG("Buffer data is NULL"); + return WOLFSSL_FAILURE; + } + XMEMCPY(bio->mem_buf->data + bio->wrSz, data, len); bio->ptr = bio->mem_buf->data; bio->num = (int)bio->mem_buf->max;