feedc0de/wolfssl
1
0
Fork 0
forked from wolfSSL/wolfssl
Code Pull Requests Activity

Test api.c: change more tests to use Expect instead of Assert

Browse Source 
Changed EXPECT_DECL to start of as TEST_SKIPPED.
Modified other EXPECT macros appropriately.
Change test functions to not use 'res' when EXPECT_DECL is used.

memory.c:
  wc_MemFailCount_Init(): don't declare variable after a statement

conf.c:
wolfSSL_TXT_DB_read(): free the whole WOLFSSL_TXT_DB on failure
instead of just the memory
wolfSSL_CONF_add_string(): pop the value added into section->value
(sk) if it can't be pushed onto conf->data
  wolfSSL_NCONF_load(): free the new value if it wasn't able to be added

ocsp.c:
  wolfSSL_OCSP_cert_to_id():
free the decoded certificate if parsing failed (is freed after use
otherwise)
free the certificate id on failure and make it NULL and continue
freeing other variables

pk.c:
wolfSSL_RSA_set0_crt_params(): set dmp1, dmq1 and iqmp fields to NULL
if setting the internal failed - returns error and caller needs to free
the passed in BNs
wolfSSL_RSA_set0_factors(): set p and q fields to NULL if setting the
internal failed - returns error and caller needs to free the passed in
BNs
wolfSSL_RSA_set0_key(): set n, e abd d fields to NULL if setting the
internal failed - returns error and caller needs to free the passed in
BNs

x509.c:
wolfSSL_X509_set_serialNumber(): explicit NULL
checkwolfSSL_X509_REQ_add1_attr_by_NID(): check whether push succeeded
and on failure free attribute

asn.c:
ConfirmSignature(): for DSA, allocate separately to ensure no leak on
memory allocation failure.

dh.c:
wc_DhGenerateParams(): ensure tmp and tmp2 are able to be cleared on
error

evp.c:
wolfSSL_EVP_PKEY_CTX_add1_hkdf_info(): fix realloc use to no leak on
failure
  wolfSSL_EVP_CIPHER_CTX_iv_length(): handle ctx being NULL.
This commit is contained in:
Sean Parkinson
2023-06-13 16:36:10 +10:00
parent 9ffa9faecd
commit e467112a93
10 changed files with 4862 additions and 5453 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
src/conf.c
View File

@ -143,7 +143,7 @@ WOLFSSL_TXT_DB *wolfSSL_TXT_DB_read(WOLFSSL_BIO *in, int num)
failed = 0;
error:
if (failed && ret) {
XFREE(ret, NULL, DYNAMIC_TYPE_OPENSSL);
wolfSSL_TXT_DB_free(ret);
ret = NULL;
}
if (buf) {
@ -458,6 +458,7 @@ int wolfSSL_CONF_add_string(WOLFSSL_CONF *conf,
}
if (wolfSSL_sk_CONF_VALUE_push(conf->data, value) != WOLFSSL_SUCCESS) {
WOLFSSL_MSG("wolfSSL_sk_CONF_VALUE_push error");
wolfssl_sk_pop_type(sk, STACK_TYPE_CONF_VALUE);
return WOLFSSL_FAILURE;
}
@ -948,6 +949,7 @@ int wolfSSL_NCONF_load(WOLFSSL_CONF *conf, const char *file, long *eline)
if (wolfSSL_CONF_add_string(conf, section, newVal) !=
WOLFSSL_SUCCESS) {
wolfSSL_X509V3_conf_free(newVal);
WOLFSSL_MSG("wolfSSL_CONF_add_string error");
goto cleanup;
}

8
src/ocsp.c
View File

@ -659,6 +659,7 @@ WOLFSSL_OCSP_CERTID* wolfSSL_OCSP_cert_to_id(
InitDecodedCert(cert, subject->derCert->buffer,
subject->derCert->length, NULL);
if (ParseCertRelative(cert, CERT_TYPE, VERIFY_OCSP, cm) != 0) {
FreeDecodedCert(cert);
goto out;
}
else {
@ -676,11 +677,12 @@ out:
if (ret != 0) {
if (derCert != NULL)
FreeDer(&derCert);
if (certId != NULL)
if (certId != NULL) {
XFREE(certId, cm->heap, DYNAMIC_TYPE_OPENSSL);
certId = NULL;
}
if (certStatus)
XFREE(certStatus, cm->heap, DYNAMIC_TYPE_OPENSSL);
return NULL;
}
#ifdef WOLFSSL_SMALL_STACK
@ -1115,7 +1117,7 @@ WOLFSSL_OCSP_CERTID* wolfSSL_d2i_OCSP_CERTID(WOLFSSL_OCSP_CERTID** cidOut,
}
}
if (cid && (!cidOut || cid != *cidOut)) {
if ((cid != NULL) && ((cidOut == NULL) || (cid != *cidOut))) {
XFREE(cid, NULL, DYNAMIC_TYPE_OPENSSL);
}

25
src/pk.c
View File

@ -825,6 +825,7 @@ WOLFSSL_RSA_METHOD *wolfSSL_RSA_meth_new(const char *name, int flags)
if (err) {
/* meth->name won't be allocated on error. */
XFREE(meth, NULL, DYNAMIC_TYPE_OPENSSL);
meth = NULL;
}
return meth;
}
@ -2751,6 +2752,15 @@ int wolfSSL_RSA_set0_crt_params(WOLFSSL_RSA *rsa, WOLFSSL_BIGNUM *dmp1,
/* Set the values into the wolfCrypt RSA key. */
if (SetRsaInternal(rsa) != 1) {
if (dmp1 != NULL) {
rsa->dmp1 = NULL;
}
if (dmq1 != NULL) {
rsa->dmq1 = NULL;
}
if (iqmp != NULL) {
rsa->iqmp = NULL;
}
ret = 0;
}
}
@ -2815,6 +2825,12 @@ int wolfSSL_RSA_set0_factors(WOLFSSL_RSA *rsa, WOLFSSL_BIGNUM *p,
/* Set the values into the wolfCrypt RSA key. */
if (SetRsaInternal(rsa) != 1) {
if (p != NULL) {
rsa->p = NULL;
}
if (q != NULL) {
rsa->q = NULL;
}
ret = 0;
}
}
@ -2890,6 +2906,15 @@ int wolfSSL_RSA_set0_key(WOLFSSL_RSA *rsa, WOLFSSL_BIGNUM *n, WOLFSSL_BIGNUM *e,
/* Set the values into the wolfCrypt RSA key. */
if (SetRsaInternal(rsa) != 1) {
if (n != NULL) {
rsa->n = NULL;
}
if (e != NULL) {
rsa->e = NULL;
}
if (d != NULL) {
rsa->d = NULL;
}
ret = 0;
}
}

5
src/x509.c
View File

@ -13490,7 +13490,7 @@ int wolfSSL_X509_set_notBefore(WOLFSSL_X509* x509, const WOLFSSL_ASN1_TIME* t)
int wolfSSL_X509_set_serialNumber(WOLFSSL_X509* x509, WOLFSSL_ASN1_INTEGER* s)
{
WOLFSSL_ENTER("wolfSSL_X509_set_serialNumber");
if (!x509 || !s || s->length >= EXTERNAL_SERIAL_SIZE)
if (x509 == NULL || s == NULL || s->length >= EXTERNAL_SERIAL_SIZE)
return WOLFSSL_FAILURE;
/* WOLFSSL_ASN1_INTEGER has type | size | data
@ -13970,6 +13970,9 @@ int wolfSSL_X509_REQ_add1_attr_by_NID(WOLFSSL_X509 *req,
}
}
ret = wolfSSL_sk_push(req->reqAttributes, attr);
if (ret != WOLFSSL_SUCCESS) {
wolfSSL_X509_ATTRIBUTE_free(attr);
}
}
return ret;

10200
tests/api.c
View File

File diff suppressed because it is too large Load Diff

26
tests/unit.h
View File

@ -123,38 +123,40 @@
#define EXPECT_DECLS \
int _ret = 0
int _ret = TEST_SKIPPED
#define EXPECT_RESULT() \
((_ret == 0) ? TEST_SUCCESS : TEST_FAIL)
_ret
#define EXPECT_SUCCESS() \
(_ret == 0)
(_ret == TEST_SUCCESS)
#define EXPECT_FAIL() \
(_ret != 0)
(_ret == TEST_FAIL)
#define ExpFail(description, result) do { \
printf("\nERROR - %s line %d failed with:", __FILE__, __LINE__); \
fputs("\n expected: ", stdout); printf description; \
fputs("\n result: ", stdout); printf result; fputs("\n\n", stdout); \
fflush(stdout); \
_ret = -1; \
_ret = TEST_FAIL; \
} while (0)
#define Expect(test, description, result) \
if ((_ret == 0) && (!(test))) ExpFail(description, result)
#define Expect(test, description, result) do { \
if (_ret != TEST_FAIL) { if (!(test)) ExpFail(description, result); \
else _ret = TEST_SUCCESS; } \
} while (0)
#define ExpectTrue(x) Expect( (x), ("%s is true", #x), (#x " => FALSE"))
#define ExpectFalse(x) Expect(!(x), ("%s is false", #x), (#x " => TRUE"))
#define ExpectNotNull(x) Expect( (x), ("%s is not null", #x), (#x " => NULL"))
#define ExpectNull(x) do { \
if (_ret == 0) { \
if (_ret != TEST_FAIL) { \
PEDANTIC_EXTENSION void* _x = (void*)(x); \
Expect(!_x, ("%s is null", #x), (#x " => %p", _x)); \
} \
} while(0)
#define ExpectInt(x, y, op, er) do { \
if (_ret == 0) { \
if (_ret != TEST_FAIL) { \
int _x = (int)(x); \
int _y = (int)(y); \
Expect(_x op _y, ("%s " #op " %s", #x, #y), ("%d " #er " %d", _x, _y));\
@ -169,7 +171,7 @@
#define ExpectIntLE(x, y) ExpectInt(x, y, <=, >)
#define ExpectStr(x, y, op, er) do { \
if (_ret == 0) { \
if (_ret != TEST_FAIL) { \
const char* _x = (const char*)(x); \
const char* _y = (const char*)(y); \
int _z = (_x && _y) ? strcmp(_x, _y) : -1; \
@ -186,7 +188,7 @@
#define ExpectStrLE(x, y) ExpectStr(x, y, <=, >)
#define ExpectPtr(x, y, op, er) do { \
if (_ret == 0) { \
if (_ret != TEST_FAIL) { \
PRAGMA_DIAG_PUSH; \
/* remarkably, without this inhibition, */ \
/* the _Pragma()s make the declarations warn. */ \
@ -209,7 +211,7 @@
#define ExpectPtrLE(x, y) ExpectPtr(x, y, <=, >)
#define ExpectBuf(x, y, z, op, er) do { \
if (_ret == 0) { \
if (_ret != TEST_FAIL) { \
const byte* _x = (const byte*)(x); \
const byte* _y = (const byte*)(y); \
int _z = (int)(z); \

9
wolfcrypt/src/asn.c
View File

@ -15432,15 +15432,18 @@ static int ConfirmSignature(SignatureCtx* sigCtx,
}
sigCtx->key.dsa = (DsaKey*)XMALLOC(sizeof(DsaKey),
sigCtx->heap, DYNAMIC_TYPE_DSA);
sigCtx->sigCpy = (byte*)XMALLOC(sigSz,
sigCtx->heap, DYNAMIC_TYPE_SIGNATURE);
if (sigCtx->key.dsa == NULL || sigCtx->sigCpy == NULL) {
if (sigCtx->key.dsa == NULL) {
ERROR_OUT(MEMORY_E, exit_cs);
}
if ((ret = wc_InitDsaKey_h(sigCtx->key.dsa, sigCtx->heap)) != 0) {
WOLFSSL_MSG("wc_InitDsaKey_h error");
goto exit_cs;
}
sigCtx->sigCpy = (byte*)XMALLOC(sigSz,
sigCtx->heap, DYNAMIC_TYPE_SIGNATURE);
if (sigCtx->sigCpy == NULL) {
ERROR_OUT(MEMORY_E, exit_cs);
}
if ((ret = wc_DsaPublicKeyDecode(key, &idx, sigCtx->key.dsa,
keySz)) != 0) {
WOLFSSL_MSG("ASN Key decode error DSA");

22
wolfcrypt/src/dh.c
View File

@ -2886,6 +2886,11 @@ int wc_DhGenerateParams(WC_RNG *rng, int modSz, DhKey *dh)
ret = 0;
unsigned char *buf = NULL;
#if !defined(WOLFSSL_SMALL_STACK) || defined(WOLFSSL_NO_MALLOC)
XMEMSET(tmp, 0, sizeof(tmp));
XMEMSET(tmp2, 0, sizeof(tmp2));
#endif
if (rng == NULL || dh == NULL)
ret = BAD_FUNC_ARG;
@ -2934,9 +2939,22 @@ int wc_DhGenerateParams(WC_RNG *rng, int modSz, DhKey *dh)
#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
if (ret == 0) {
if (((tmp = (mp_int *)XMALLOC(sizeof(*tmp), NULL, DYNAMIC_TYPE_WOLF_BIGINT)) == NULL) ||
((tmp2 = (mp_int *)XMALLOC(sizeof(*tmp2), NULL, DYNAMIC_TYPE_WOLF_BIGINT)) == NULL))
if ((tmp = (mp_int *)XMALLOC(sizeof(*tmp), NULL,
DYNAMIC_TYPE_WOLF_BIGINT)) == NULL) {
ret = MEMORY_E;
}
else {
XMEMSET(tmp, 0, sizeof(*tmp));
}
}
if (ret == 0) {
if ((tmp2 = (mp_int *)XMALLOC(sizeof(*tmp2), NULL,
DYNAMIC_TYPE_WOLF_BIGINT)) == NULL) {
ret = MEMORY_E;
}
else {
XMEMSET(tmp2, 0, sizeof(*tmp2));
}
}
#endif

13
wolfcrypt/src/evp.c
View File

@ -2245,14 +2245,16 @@ int wolfSSL_EVP_PKEY_CTX_add1_hkdf_info(WOLFSSL_EVP_PKEY_CTX* ctx,
}
if (ret == WOLFSSL_SUCCESS && info != NULL && infoSz > 0) {
unsigned char* p;
/* If there's already info in the buffer, append. */
ctx->pkey->hkdfInfo = (byte*)XREALLOC(ctx->pkey->hkdfInfo,
ctx->pkey->hkdfInfoSz + infoSz, NULL, DYNAMIC_TYPE_INFO);
if (ctx->pkey->hkdfInfo == NULL) {
p = (byte*)XREALLOC(ctx->pkey->hkdfInfo, ctx->pkey->hkdfInfoSz + infoSz,
NULL, DYNAMIC_TYPE_INFO);
if (p == NULL) {
WOLFSSL_MSG("Failed to reallocate larger HKDF info buffer.");
ret = WOLFSSL_FAILURE;
}
else {
ctx->pkey->hkdfInfo = p;
XMEMCPY(ctx->pkey->hkdfInfo + ctx->pkey->hkdfInfoSz, info,
infoSz);
ctx->pkey->hkdfInfoSz += infoSz;
@ -7946,6 +7948,11 @@ int wolfSSL_EVP_CIPHER_CTX_iv_length(const WOLFSSL_EVP_CIPHER_CTX* ctx)
{
WOLFSSL_MSG("wolfSSL_EVP_CIPHER_CTX_iv_length");
if (ctx == NULL) {
WOLFSSL_MSG("No context");
return 0;
}
switch (ctx->cipherType) {
#if defined(HAVE_AES_CBC) || defined(WOLFSSL_AES_DIRECT)

3
wolfcrypt/src/memory.c
View File

@ -277,8 +277,9 @@ int mem_fail_cnt = 0;
void wc_MemFailCount_Init()
{
char* cnt;
wc_InitMutex(&memFailMutex);
char* cnt = getenv("MEM_FAIL_CNT");
cnt = getenv("MEM_FAIL_CNT");
if (cnt != NULL) {
fprintf(stderr, "MemFailCount At: %d\n", mem_fail_cnt);
mem_fail_cnt = atoi(cnt);