Merge pull request #6047 from SparkiDev/refinc_ret_check

Ref counting: rework for static analysers

src/bio.c

@@ -768,9 +768,13 @@ int wolfSSL_BIO_up_ref(WOLFSSL_BIO* bio)
     if (bio) {
         int ret;
         wolfSSL_RefInc(&bio->ref, &ret);
+    #ifdef WOLFSSL_REFCNT_ERROR_RETURN
         if (ret != 0) {
             WOLFSSL_MSG("Failed to lock BIO mutex");
         }
+    #else
+        (void)ret;
+    #endif
 
         return WOLFSSL_SUCCESS;
     }
@@ -2494,11 +2498,15 @@ int wolfSSL_BIO_flush(WOLFSSL_BIO* bio)
             {
                 int ret;
                 wolfSSL_RefInit(&bio->ref, &ret);
+            #ifdef WOLFSSL_REFCNT_ERROR_RETURN
                 if (ret != 0) {
                     wolfSSL_BIO_free(bio);
                     WOLFSSL_MSG("wc_InitMutex failed for WOLFSSL_BIO");
                     return NULL;
                 }
+            #else
+                (void)ret;
+            #endif
             }
         #endif
 
@@ -2563,17 +2571,22 @@ int wolfSSL_BIO_flush(WOLFSSL_BIO* bio)
                 }
             }
 
-        #if defined(OPENSSL_ALL) || defined(OPENSSL_EXTRA)
+    #if defined(OPENSSL_ALL) || defined(OPENSSL_EXTRA)
             wolfSSL_RefDec(&bio->ref, &doFree, &ret);
 
             if (!doFree) {
                 /* return success if BIO ref count is not 1 yet */
+            #ifdef WOLFSSL_REFCNT_ERROR_RETURN
+                return (ret == 0) ? WOLFSSL_SUCCESS : WOLFSSL_FAILURE ;
+            #else
+                (void)ret;
                 return WOLFSSL_SUCCESS;
-            }
-            #ifndef SINGLE_THREADED
-            wolfSSL_RefFree(&bio->ref);
             #endif
+            }
+        #ifndef SINGLE_THREADED
+            wolfSSL_RefFree(&bio->ref);
         #endif
+    #endif
 
         #ifdef HAVE_EX_DATA_CLEANUP_HOOKS
             wolfSSL_CRYPTO_cleanup_ex_data(&bio->ex_data);

src/internal.c

@@ -2155,12 +2155,16 @@ int InitSSL_Ctx(WOLFSSL_CTX* ctx, WOLFSSL_METHOD* method, void* heap)
     }
 
     wolfSSL_RefInit(&ctx->ref, &ret);
+#ifdef WOLFSSL_REFCNT_ERROR_RETURN
     if (ret < 0) {
         WOLFSSL_MSG("Mutex error on CTX init");
         ctx->err = CTX_INIT_MUTEX_E;
         WOLFSSL_ERROR_VERBOSE(BAD_MUTEX_E);
         return BAD_MUTEX_E;
     }
+#else
+    (void)ret;
+#endif
 
 #ifndef NO_CERTS
     ctx->privateKeyDevId = INVALID_DEVID;
@@ -2621,6 +2625,7 @@ void FreeSSL_Ctx(WOLFSSL_CTX* ctx)
 
     /* decrement CTX reference count */
     wolfSSL_RefDec(&ctx->ref, &isZero, &ret);
+#ifdef WOLFSSL_REFCNT_ERROR_RETURN
     if (ret < 0) {
         /* check error state, if mutex error code then mutex init failed but
          * CTX was still malloc'd */
@@ -2633,6 +2638,9 @@ void FreeSSL_Ctx(WOLFSSL_CTX* ctx)
         }
         return;
     }
+#else
+    (void)ret;
+#endif
 
     if (isZero) {
         WOLFSSL_MSG("CTX ref count down to 0, doing full free");
@@ -6188,9 +6196,13 @@ int SetSSL_CTX(WOLFSSL* ssl, WOLFSSL_CTX* ctx, int writeDup)
 
     /* increment CTX reference count */
     wolfSSL_RefInc(&ctx->ref, &ret);
+#ifdef WOLFSSL_REFCNT_ERROR_RETURN
     if (ret < 0) {
         return ret;
     }
+#else
+    (void)ret;
+#endif
     ret = WOLFSSL_SUCCESS; /* set default ret */
 
     ssl->ctx     = ctx; /* only for passing to calls, options could change */

src/pk.c

@@ -940,19 +940,13 @@ void wolfSSL_RSA_free(WOLFSSL_RSA* rsa)
         doFree = 0;
     }
     if (doFree) {
-        int isZero;
         int err;
 
         /* Decrement reference count. */
-        wolfSSL_RefDec(&rsa->ref, &isZero, &err);
-        if (err == 0) {
-            /* Continue if reference count is zero. */
-            doFree = isZero;
-        }
-        else {
-            /* Didn't reference decrement so can't free. */
-            doFree = 0;
-        }
+        wolfSSL_RefDec(&rsa->ref, &doFree, &err);
+    #ifndef WOLFSSL_REFCNT_ERROR_RETURN
+        (void)err;
+    #endif
     }
     if (doFree) {
         void* heap = rsa->heap;
@@ -1052,8 +1046,10 @@ WOLFSSL_RSA* wolfSSL_RSA_new_ex(void* heap, int devId)
 
         /* Initialize reference counting. */
         wolfSSL_RefInit(&rsa->ref, &err);
+#ifdef WOLFSSL_REFCNT_ERROR_RETURN
     }
     if (!err) {
+#endif
         /* Initialize wolfCrypt RSA key. */
         if (wc_InitRsaKey_ex(key, heap, devId) != 0) {
             WOLFSSL_ERROR_MSG("InitRsaKey WOLFSSL_RSA failure");
@@ -6229,8 +6225,10 @@ WOLFSSL_DH* wolfSSL_DH_new(void)
         XMEMSET(dh, 0, sizeof(WOLFSSL_DH));
         /* Initialize reference counting. */
         wolfSSL_RefInit(&dh->ref, &err);
+#ifdef WOLFSSL_REFCNT_ERROR_RETURN
     }
     if (!err) {
+#endif
         /* Allocate wolfSSL DH key. */
         key = (DhKey*)XMALLOC(sizeof(DhKey), NULL, DYNAMIC_TYPE_DH);
         if (key == NULL) {
@@ -11127,9 +11125,10 @@ WOLFSSL_EC_KEY *wolfSSL_EC_KEY_new_ex(void* heap, int devId)
 
         /* Initialize reference count. */
         wolfSSL_RefInit(&key->ref, &err);
+#ifdef WOLFSSL_REFCNT_ERROR_RETURN
     }
-
     if (!err) {
+#endif
         /* Allocate memory for internal EC key representation. */
         key->internal = (ecc_key*)XMALLOC(sizeof(ecc_key), heap,
             DYNAMIC_TYPE_ECC);
@@ -11243,7 +11242,7 @@ void wolfSSL_EC_KEY_free(WOLFSSL_EC_KEY *key)
 
         /* Decrement reference count. */
         wolfSSL_RefDec(&key->ref, &doFree, &err);
-        if ((!err) && doFree) {
+        if (doFree) {
             /* Dispose of allocated reference counting data. */
             wolfSSL_RefFree(&key->ref);
 

src/ssl.c

@@ -1297,7 +1297,12 @@ int wolfSSL_CTX_up_ref(WOLFSSL_CTX* ctx)
 {
     int ret;
     wolfSSL_RefInc(&ctx->ref, &ret);
+#ifdef WOLFSSL_REFCNT_ERROR_RETURN
     return ((ret == 0) ? WOLFSSL_SUCCESS : WOLFSSL_FAILURE);
+#else
+    (void)ret;
+    return WOLFSSL_SUCCESS;
+#endif
 }
 
 WOLFSSL_ABI
@@ -4983,11 +4988,15 @@ WOLFSSL_CERT_MANAGER* wolfSSL_CertManagerNew_ex(void* heap)
         }
 
         wolfSSL_RefInit(&cm->ref, &ret);
+    #ifdef WOLFSSL_REFCNT_ERROR_RETURN
         if (ret != 0) {
             WOLFSSL_MSG("Bad mutex init");
             wolfSSL_CertManagerFree(cm);
             return NULL;
         }
+    #else
+        (void)ret;
+    #endif
 
         #ifdef WOLFSSL_TRUST_PEER_CERT
         if (wc_InitMutex(&cm->tpLock) != 0) {
@@ -5034,9 +5043,13 @@ void wolfSSL_CertManagerFree(WOLFSSL_CERT_MANAGER* cm)
 
     if (cm) {
         wolfSSL_RefDec(&cm->ref, &doFree, &ret);
+    #ifdef WOLFSSL_REFCNT_ERROR_RETURN
         if (ret != 0) {
             WOLFSSL_MSG("Couldn't lock cm mutex");
         }
+    #else
+        (void)ret;
+    #endif
         if (doFree) {
             #ifdef HAVE_CRL
                 if (cm->crl)
@@ -5073,10 +5086,14 @@ int wolfSSL_CertManager_up_ref(WOLFSSL_CERT_MANAGER* cm)
         int ret;
 
         wolfSSL_RefInc(&cm->ref, &ret);
+    #ifdef WOLFSSL_REFCNT_ERROR_RETURN
         if (ret != 0) {
             WOLFSSL_MSG("Failed to lock cm mutex");
             return WOLFSSL_FAILURE;
         }
+    #else
+        (void)ret;
+    #endif
 
         return WOLFSSL_SUCCESS;
     }
@@ -21063,11 +21080,15 @@ WOLFSSL_SESSION* wolfSSL_NewSession(void* heap)
         int err;
         XMEMSET(ret, 0, sizeof(WOLFSSL_SESSION));
         wolfSSL_RefInit(&ret->ref, &err);
+    #ifdef WOLFSSL_REFCNT_ERROR_RETURN
         if (err != 0) {
             WOLFSSL_MSG("Error setting up session reference mutex");
             XFREE(ret, ret->heap, DYNAMIC_TYPE_SESSION);
             return NULL;
         }
+    #else
+        (void)err;
+    #endif
 #ifndef NO_SESSION_CACHE
         ret->cacheRow = INVALID_SESSION_ROW; /* not in cache */
 #endif
@@ -21125,10 +21146,14 @@ int wolfSSL_SESSION_up_ref(WOLFSSL_SESSION* session)
         return WOLFSSL_FAILURE;
 
     wolfSSL_RefInc(&session->ref, &ret);
+#ifdef WOLFSSL_REFCNT_ERROR_RETURN
     if (ret != 0) {
         WOLFSSL_MSG("Failed to lock session mutex");
         return WOLFSSL_FAILURE;
     }
+#else
+    (void)ret;
+#endif
 
     return WOLFSSL_SUCCESS;
 }
@@ -32534,11 +32559,15 @@ WOLFSSL_CTX* wolfSSL_set_SSL_CTX(WOLFSSL* ssl, WOLFSSL_CTX* ctx)
         return ssl->ctx;
 
     wolfSSL_RefInc(&ctx->ref, &ret);
+#ifdef WOLFSSL_REFCNT_ERROR_RETURN
     if (ret != 0) {
         /* can only fail on serious stuff, like mutex not working
          * or ctx refcount out of whack. */
         return NULL;
     }
+#else
+    (void)ret;
+#endif
     if (ssl->ctx) {
         wolfSSL_CTX_free(ssl->ctx);
     }

src/x509_str.c

@@ -725,8 +725,12 @@ WOLFSSL_X509_STORE* wolfSSL_X509_STORE_new(void)
     store->isDynamic = 1;
 
     wolfSSL_RefInit(&store->ref, &ret);
+#ifdef WOLFSSL_REFCNT_ERROR_RETURN
     if (ret != 0)
         goto err_exit;
+#else
+    (void)ret;
+#endif
 
     if ((store->cm = wolfSSL_CertManagerNew()) == NULL)
         goto err_exit;
@@ -775,9 +779,13 @@ void wolfSSL_X509_STORE_free(WOLFSSL_X509_STORE* store)
     if (store != NULL && store->isDynamic) {
         int ret;
         wolfSSL_RefDec(&store->ref, &doFree, &ret);
+    #ifdef WOLFSSL_REFCNT_ERROR_RETURN
         if (ret != 0) {
             WOLFSSL_MSG("Couldn't lock store mutex");
         }
+    #else
+        (void)ret;
+    #endif
 
         if (doFree) {
 #ifdef HAVE_EX_DATA_CLEANUP_HOOKS
@@ -839,10 +847,14 @@ int wolfSSL_X509_STORE_up_ref(WOLFSSL_X509_STORE* store)
     if (store) {
         int ret;
         wolfSSL_RefInc(&store->ref, &ret);
+    #ifdef WOLFSSL_REFCNT_ERROR_RETURN
         if (ret != 0) {
             WOLFSSL_MSG("Failed to lock store mutex");
             return WOLFSSL_FAILURE;
         }
+    #else
+        (void)ret;
+    #endif
 
         return WOLFSSL_SUCCESS;
     }

wolfcrypt/src/evp.c

@@ -9386,9 +9386,13 @@ int wolfSSL_EVP_PKEY_up_ref(WOLFSSL_EVP_PKEY* pkey)
     if (pkey) {
         int ret;
         wolfSSL_RefInc(&pkey->ref, &ret);
+    #ifdef WOLFSSL_REFCNT_ERROR_RETURN
         if (ret != 0) {
             WOLFSSL_MSG("Failed to lock pkey mutex");
         }
+    #else
+        (void)ret;
+    #endif
 
         return WOLFSSL_SUCCESS;
     }
@@ -9498,12 +9502,15 @@ WOLFSSL_EVP_PKEY* wolfSSL_EVP_PKEY_new_ex(void* heap)
         }
 
         wolfSSL_RefInit(&pkey->ref, &ret);
+    #ifdef WOLFSSL_REFCNT_ERROR_RETURN
         if (ret != 0){
             wolfSSL_EVP_PKEY_free(pkey);
             WOLFSSL_MSG("Issue initializing mutex");
             return NULL;
         }
-
+    #else
+        (void)ret;
+    #endif
     }
     else {
         WOLFSSL_MSG("memory failure");
@@ -9519,9 +9526,13 @@ void wolfSSL_EVP_PKEY_free(WOLFSSL_EVP_PKEY* key)
     if (key != NULL) {
         int ret;
         wolfSSL_RefDec(&key->ref, &doFree, &ret);
+    #ifdef WOLFSSL_REFCNT_ERROR_RETURN
         if (ret != 0) {
             WOLFSSL_MSG("Couldn't lock pkey mutex");
         }
+    #else
+        (void)ret;
+    #endif
 
         if (doFree) {
             wc_FreeRng(&key->rng);

wolfcrypt/src/wc_port.c

@@ -1098,6 +1098,8 @@ void wolfSSL_RefDec(wolfSSL_Ref* ref, int* isZero, int* err)
     int ret = wc_LockMutex(&ref->mutex);
     if (ret != 0) {
         WOLFSSL_MSG("Failed to lock mutex for reference decrement!");
+        /* Can't say count is zero. */
+        *isZero = 0;
     }
     else {
         if (ref->count > 0) {

wolfssl/wolfcrypt/wc_port.h

@@ -295,6 +295,7 @@ typedef struct wolfSSL_Ref {
 } wolfSSL_Ref;
 
 #ifdef SINGLE_THREADED
+
 #define wolfSSL_RefInit(ref, err)            \
     do {                                     \
         (ref)->count = 1;                    \
@@ -312,7 +313,9 @@ typedef struct wolfSSL_Ref {
         *(isZero) = ((ref)->count == 0);     \
         *(err) = 0;                          \
     } while(0)
+
 #elif defined(HAVE_C___ATOMIC)
+
 #define wolfSSL_RefInit(ref, err)            \
     do {                                     \
         (ref)->count = 1;                    \
@@ -332,11 +335,16 @@ typedef struct wolfSSL_Ref {
         *(isZero) = ((ref)->count == 0);     \
         *(err) = 0;                          \
     } while(0)
+
 #else
+
+#define WOLFSSL_REFCNT_ERROR_RETURN
+
 WOLFSSL_LOCAL void wolfSSL_RefInit(wolfSSL_Ref* ref, int* err);
 WOLFSSL_LOCAL void wolfSSL_RefFree(wolfSSL_Ref* ref);
 WOLFSSL_LOCAL void wolfSSL_RefInc(wolfSSL_Ref* ref, int* err);
 WOLFSSL_LOCAL void wolfSSL_RefDec(wolfSSL_Ref* ref, int* isZero, int* err);
+
 #endif