Fixes for fsanitize reports.

2018-05-15 17:23:35 -07:00
parent 7a4da340d4
commit f021375c4b
4 changed files with 18 additions and 12 deletions
--- a/src/crl.c
+++ b/src/crl.c
@@ -373,12 +373,14 @@ int CheckCertCRL(WOLFSSL_CRL* crl, DecodedCert* cert)

            WOLFSSL_MSG("Issuing missing CRL callback");
            url[0] = '\0';
-            if (cert->extCrlInfoSz < (int)sizeof(url) -1 ) {
-                XMEMCPY(url, cert->extCrlInfo, cert->extCrlInfoSz);
-                url[cert->extCrlInfoSz] = '\0';
-            }
-            else  {
-                WOLFSSL_MSG("CRL url too long");
+            if (cert->extCrlInfo) {
+                if (cert->extCrlInfoSz < (int)sizeof(url) -1 ) {
+                    XMEMCPY(url, cert->extCrlInfo, cert->extCrlInfoSz);
+                    url[cert->extCrlInfoSz] = '\0';
+                }
+                else  {
+                    WOLFSSL_MSG("CRL url too long");
+                }
            }

            crl->cm->cbMissingCRL(url);
--- a/src/internal.c
+++ b/src/internal.c
@@ -7699,7 +7699,7 @@ int CopyDecodedToX509(WOLFSSL_X509* x509, DecodedCert* dCert)

    XMEMCPY(x509->serial, dCert->serial, EXTERNAL_SERIAL_SIZE);
    x509->serialSz = dCert->serialSz;
-    if (dCert->subjectCNLen < ASN_NAME_MAX) {
+    if (dCert->subjectCN && dCert->subjectCNLen < ASN_NAME_MAX) {
        XMEMCPY(x509->subjectCN, dCert->subjectCN, dCert->subjectCNLen);
        x509->subjectCN[dCert->subjectCNLen] = '\0';
    }
@@ -8982,8 +8982,10 @@ int ProcessPeerCerts(WOLFSSL* ssl, byte* input, word32* inOutIdx,
                }

                /* store for callback use */
-                if (args->dCert->subjectCNLen < ASN_NAME_MAX) {
-                    XMEMCPY(args->domain, args->dCert->subjectCN, args->dCert->subjectCNLen);
+                if (args->dCert->subjectCN &&
+                                    args->dCert->subjectCNLen < ASN_NAME_MAX) {
+                    XMEMCPY(args->domain, args->dCert->subjectCN,
+                        args->dCert->subjectCNLen);
                    args->domain[args->dCert->subjectCNLen] = '\0';
                }
                else {
--- a/src/ssl.c
+++ b/src/ssl.c
@@ -3612,8 +3612,10 @@ int wolfSSL_SetVersion(WOLFSSL* ssl, int version)
 /* Make a work from the front of random hash */
 static INLINE word32 MakeWordFromHash(const byte* hashID)
 {
-    return (hashID[0] << 24) | (hashID[1] << 16) | (hashID[2] <<  8) |
-            hashID[3];
+    return (((word32)hashID[0] << 24) |
+            ((word32)hashID[1] << 16) |
+            ((word32)hashID[2] <<  8) |
+            ((word32)hashID[3]));
 }

 #endif /* !NO_CERTS || !NO_SESSION_CACHE */
--- a/wolfcrypt/src/tfm.c
+++ b/wolfcrypt/src/tfm.c
@@ -485,7 +485,7 @@ void fp_mul_comba(fp_int *A, fp_int *B, fp_int *C)

   for (ix = 0; ix < pa; ix++) {
      /* get offsets into the two bignums */
-      ty = MIN(ix, B->used-1);
+      ty = MIN(ix, (B->used > 0 ? B->used - 1 : 0));
      tx = ix - ty;

      /* setup temp aliases */