feedc0de/wolfssl
1
0
Fork 0
forked from wolfSSL/wolfssl
Code Pull Requests Activity

Scan-Build Fixes

Browse Source 
1. Fixed a couple possible 0 byte allocations.
2. Fixed a couple missed frees due to error conditions.
3. Fixed a possible double free.

To recreate:
    $ scan-build ./configure --disable-shared --enable-opensslextra=x509small --disable-memory
    $ scan-build ./configure --disable-shared --enable-opensslextra --disable-memory
This commit is contained in:
John Safranek
2020-11-11 14:12:22 -08:00
parent c7bb602a30
commit e996a7d15b
3 changed files with 25 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
examples/server/server.c
View File

@ -2451,7 +2451,7 @@ THREAD_RETURN WOLFSSL_THREAD server_test(void* args)
#ifdef OPENSSL_EXTRA #ifdef OPENSSL_EXTRA
{ {
byte* rnd; byte* rnd = NULL;
byte* pt; byte* pt;
size_t size; size_t size;
@ -2461,8 +2461,10 @@ THREAD_RETURN WOLFSSL_THREAD server_test(void* args)
err_sys_ex(runWithErrors, "error getting server random buffer " err_sys_ex(runWithErrors, "error getting server random buffer "
"size"); "size");
} }
else {
rnd = (byte*)XMALLOC(size, NULL, DYNAMIC_TYPE_TMP_BUFFER);
}
rnd = (byte*)XMALLOC(size, NULL, DYNAMIC_TYPE_TMP_BUFFER);
if (rnd == NULL) { if (rnd == NULL) {
err_sys_ex(runWithErrors, "error creating server random buffer"); err_sys_ex(runWithErrors, "error creating server random buffer");
} }

11
src/internal.c
View File

@ -17312,7 +17312,7 @@ int SendCertificateRequest(WOLFSSL* ssl)
(void)i; (void)i;
if (IsEncryptionOn(ssl, 1)) { if (IsEncryptionOn(ssl, 1)) {
byte* input; byte* input = NULL;
int inputSz = i; /* build msg adds rec hdr */ int inputSz = i; /* build msg adds rec hdr */
int recordHeaderSz = RECORD_HEADER_SZ; int recordHeaderSz = RECORD_HEADER_SZ;
@ -17320,6 +17320,11 @@ int SendCertificateRequest(WOLFSSL* ssl)
recordHeaderSz += DTLS_RECORD_EXTRA; recordHeaderSz += DTLS_RECORD_EXTRA;
inputSz -= recordHeaderSz; inputSz -= recordHeaderSz;
if (inputSz <= 0) {
WOLFSSL_MSG("Send Cert Req bad inputSz");
return BUFFER_E;
}
input = (byte*)XMALLOC(inputSz, ssl->heap, DYNAMIC_TYPE_IN_BUFFER); input = (byte*)XMALLOC(inputSz, ssl->heap, DYNAMIC_TYPE_IN_BUFFER);
if (input == NULL) if (input == NULL)
return MEMORY_E; return MEMORY_E;
@ -26691,6 +26696,10 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
#endif /* WOLFSSL_ASYNC_CRYPT */ #endif /* WOLFSSL_ASYNC_CRYPT */
/* Final cleanup */ /* Final cleanup */
if (args->input != NULL) {
XFREE(args->input, ssl->heap, DYNAMIC_TYPE_IN_BUFFER);
args->input = NULL;
}
FreeSskeArgs(ssl, args); FreeSskeArgs(ssl, args);
FreeKeyExchange(ssl); FreeKeyExchange(ssl);

14
src/ssl.c
View File

@ -28041,8 +28041,10 @@ WOLFSSL_SESSION* wolfSSL_d2i_SSL_SESSION(WOLFSSL_SESSION** sess,
*p += idx; *p += idx;
end: end:
if (ret != 0 && (sess == NULL || *sess != s)) if (ret != 0 && (sess == NULL || *sess != s)) {
wolfSSL_SESSION_free(s); wolfSSL_SESSION_free(s);
s = NULL;
}
#endif #endif
return s; return s;
} }
@ -29875,8 +29877,14 @@ int wolfSSL_DH_generate_key(WOLFSSL_DH* dh)
} else { } else {
privSz = pubSz; privSz = pubSz;
} }
pub = (unsigned char*)XMALLOC(pubSz, NULL, DYNAMIC_TYPE_PUBLIC_KEY); if (pubSz > 0) {
priv = (unsigned char*)XMALLOC(privSz, NULL, DYNAMIC_TYPE_PRIVATE_KEY); pub = (unsigned char*)XMALLOC(pubSz,
NULL, DYNAMIC_TYPE_PUBLIC_KEY);
}
if (privSz > 0) {
priv = (unsigned char*)XMALLOC(privSz,
NULL, DYNAMIC_TYPE_PRIVATE_KEY);
}
if (pub == NULL || priv == NULL) { if (pub == NULL || priv == NULL) {
WOLFSSL_MSG("Unable to malloc memory"); WOLFSSL_MSG("Unable to malloc memory");
} }