mirror of
https://github.com/wolfSSL/wolfssl.git
synced 2025-07-30 02:37:28 +02:00
fixes for null pointer accesses detected by clang sanitizer. also, gate SuiteTest() on !NO_WOLFSSL_CIPHER_SUITE_TEST in tests/unit.c, greatly reducing time to completion when not debugging cipher suites.
This commit is contained in:
Daniel Pouzzner
@ -80,6 +80,7 @@ int unit_test(int argc, char** argv)
|
||||
goto exit;
|
||||
}
|
||||
|
||||
#ifndef NO_WOLFSSL_CIPHER_SUITE_TEST
|
||||
#if !defined(NO_WOLFSSL_CLIENT) && !defined(NO_WOLFSSL_SERVER)
|
||||
#ifndef SINGLE_THREADED
|
||||
if ( (ret = SuiteTest(argc, argv)) != 0){
|
||||
@ -88,6 +89,7 @@ int unit_test(int argc, char** argv)
|
||||
}
|
||||
#endif
|
||||
#endif
|
||||
#endif /* NO_WOLFSSL_CIPHER_SUITE_TEST */
|
||||
|
||||
SrpTest();
|
||||
|
||||
|
||||
@ -665,22 +665,15 @@ int wc_DsaExportKeyRaw(DsaKey* dsa, byte* x, word32* xSz, byte* y, word32* ySz)
|
||||
int wc_DsaSign(const byte* digest, byte* out, DsaKey* key, WC_RNG* rng)
|
||||
{
|
||||
#ifdef WOLFSSL_SMALL_STACK
|
||||
mp_int *k = (mp_int *)XMALLOC(sizeof *k,
|
||||
key->heap, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
mp_int *kInv = (mp_int *)XMALLOC(sizeof *kInv,
|
||||
key->heap, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
mp_int *r = (mp_int *)XMALLOC(sizeof *r,
|
||||
key->heap, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
mp_int *s = (mp_int *)XMALLOC(sizeof *s,
|
||||
key->heap, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
mp_int *H = (mp_int *)XMALLOC(sizeof *H,
|
||||
key->heap, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
mp_int *k = NULL;
|
||||
mp_int *kInv = NULL;
|
||||
mp_int *r = NULL;
|
||||
mp_int *s = NULL;
|
||||
mp_int *H = NULL;
|
||||
#ifndef WOLFSSL_MP_INVMOD_CONSTANT_TIME
|
||||
mp_int *b = (mp_int *)XMALLOC(sizeof *b,
|
||||
key->heap, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
mp_int *b = NULL;
|
||||
#endif
|
||||
byte *buffer = (byte *)XMALLOC(DSA_HALF_SIZE, key->heap,
|
||||
DYNAMIC_TYPE_TMP_BUFFER);
|
||||
byte *buffer = NULL;
|
||||
#else
|
||||
mp_int k[1], kInv[1], r[1], s[1], H[1];
|
||||
#ifndef WOLFSSL_MP_INVMOD_CONSTANT_TIME
|
||||
@ -693,17 +686,24 @@ int wc_DsaSign(const byte* digest, byte* out, DsaKey* key, WC_RNG* rng)
|
||||
byte* tmp; /* initial output pointer */
|
||||
|
||||
do {
|
||||
#ifdef WOLFSSL_MP_INVMOD_CONSTANT_TIME
|
||||
if (mp_init_multi(k, kInv, r, s, H, 0) != MP_OKAY)
|
||||
#else
|
||||
if (mp_init_multi(k, kInv, r, s, H, b) != MP_OKAY)
|
||||
#endif
|
||||
{
|
||||
ret = MP_INIT_E;
|
||||
break;
|
||||
}
|
||||
if (digest == NULL || out == NULL || key == NULL || rng == NULL) {
|
||||
ret = BAD_FUNC_ARG;
|
||||
break;
|
||||
}
|
||||
|
||||
#ifdef WOLFSSL_SMALL_STACK
|
||||
k = (mp_int *)XMALLOC(sizeof *k, key->heap, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
kInv = (mp_int *)XMALLOC(sizeof *kInv, key->heap,
|
||||
DYNAMIC_TYPE_TMP_BUFFER);
|
||||
r = (mp_int *)XMALLOC(sizeof *r, key->heap, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
s = (mp_int *)XMALLOC(sizeof *s, key->heap, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
H = (mp_int *)XMALLOC(sizeof *H, key->heap, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
#ifndef WOLFSSL_MP_INVMOD_CONSTANT_TIME
|
||||
b = (mp_int *)XMALLOC(sizeof *b, key->heap, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
#endif
|
||||
buffer = (byte *)XMALLOC(DSA_HALF_SIZE, key->heap,
|
||||
DYNAMIC_TYPE_TMP_BUFFER);
|
||||
|
||||
if ((k == NULL) ||
|
||||
(kInv == NULL) ||
|
||||
(r == NULL) ||
|
||||
@ -718,10 +718,15 @@ int wc_DsaSign(const byte* digest, byte* out, DsaKey* key, WC_RNG* rng)
|
||||
}
|
||||
#endif
|
||||
|
||||
if (digest == NULL || out == NULL || key == NULL || rng == NULL) {
|
||||
ret = BAD_FUNC_ARG;
|
||||
break;
|
||||
}
|
||||
#ifdef WOLFSSL_MP_INVMOD_CONSTANT_TIME
|
||||
if (mp_init_multi(k, kInv, r, s, H, 0) != MP_OKAY)
|
||||
#else
|
||||
if (mp_init_multi(k, kInv, r, s, H, b) != MP_OKAY)
|
||||
#endif
|
||||
{
|
||||
ret = MP_INIT_E;
|
||||
break;
|
||||
}
|
||||
|
||||
sz = min(DSA_HALF_SIZE, mp_unsigned_bin_size(&key->q));
|
||||
tmp = out;
|
||||
@ -979,35 +984,31 @@ int wc_DsaSign(const byte* digest, byte* out, DsaKey* key, WC_RNG* rng)
|
||||
int wc_DsaVerify(const byte* digest, const byte* sig, DsaKey* key, int* answer)
|
||||
{
|
||||
#ifdef WOLFSSL_SMALL_STACK
|
||||
mp_int *w = (mp_int *)XMALLOC(sizeof *w,
|
||||
key->heap, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
mp_int *u1 = (mp_int *)XMALLOC(sizeof *u1,
|
||||
key->heap, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
mp_int *u2 = (mp_int *)XMALLOC(sizeof *u2,
|
||||
key->heap, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
mp_int *v = (mp_int *)XMALLOC(sizeof *v,
|
||||
key->heap, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
mp_int *r = (mp_int *)XMALLOC(sizeof *r,
|
||||
key->heap, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
mp_int *s = (mp_int *)XMALLOC(sizeof *s,
|
||||
key->heap, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
mp_int *w = NULL;
|
||||
mp_int *u1 = NULL;
|
||||
mp_int *u2 = NULL;
|
||||
mp_int *v = NULL;
|
||||
mp_int *r = NULL;
|
||||
mp_int *s = NULL;
|
||||
#else
|
||||
mp_int w[1], u1[1], u2[1], v[1], r[1], s[1];
|
||||
#endif
|
||||
int ret = 0;
|
||||
|
||||
do {
|
||||
if (mp_init_multi(w, u1, u2, v, r, s) != MP_OKAY) {
|
||||
ret = MP_INIT_E;
|
||||
break;
|
||||
}
|
||||
|
||||
if (digest == NULL || sig == NULL || key == NULL || answer == NULL) {
|
||||
ret = BAD_FUNC_ARG;
|
||||
break;
|
||||
}
|
||||
|
||||
#ifdef WOLFSSL_SMALL_STACK
|
||||
w = (mp_int *)XMALLOC(sizeof *w, key->heap, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
u1 = (mp_int *)XMALLOC(sizeof *u1, key->heap, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
u2 = (mp_int *)XMALLOC(sizeof *u2, key->heap, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
v = (mp_int *)XMALLOC(sizeof *v, key->heap, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
r = (mp_int *)XMALLOC(sizeof *r, key->heap, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
s = (mp_int *)XMALLOC(sizeof *s, key->heap, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
|
||||
if ((w == NULL) ||
|
||||
(u1 == NULL) ||
|
||||
(u2 == NULL) ||
|
||||
@ -1019,6 +1020,11 @@ int wc_DsaVerify(const byte* digest, const byte* sig, DsaKey* key, int* answer)
|
||||
}
|
||||
#endif
|
||||
|
||||
if (mp_init_multi(w, u1, u2, v, r, s) != MP_OKAY) {
|
||||
ret = MP_INIT_E;
|
||||
break;
|
||||
}
|
||||
|
||||
/* set r and s from signature */
|
||||
if (mp_read_unsigned_bin(r, sig, DSA_HALF_SIZE) != MP_OKAY ||
|
||||
mp_read_unsigned_bin(s, sig + DSA_HALF_SIZE, DSA_HALF_SIZE) != MP_OKAY) {
|
||||
|
||||
@ -4377,7 +4377,7 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD *md)
|
||||
if ((ctx->cipherType == AES_128_GCM_TYPE) ||
|
||||
(ctx->cipherType == AES_192_GCM_TYPE) ||
|
||||
(ctx->cipherType == AES_256_GCM_TYPE)) {
|
||||
wc_AesFree(&ctx->cipher.aes);
|
||||
wc_AesFree(&ctx->cipher.aes);
|
||||
}
|
||||
#endif /* HAVE_AESGCM && WOLFSSL_AESGCM_STREAM */
|
||||
#endif /* not FIPS or new FIPS */
|
||||
|
||||
@ -4098,11 +4098,11 @@ int wc_MakeRsaKey(RsaKey* key, int size, long e, WC_RNG* rng)
|
||||
{
|
||||
#ifndef WC_NO_RNG
|
||||
#ifdef WOLFSSL_SMALL_STACK
|
||||
mp_int *p = (mp_int *)XMALLOC(sizeof *p, key->heap, DYNAMIC_TYPE_RSA);
|
||||
mp_int *q = (mp_int *)XMALLOC(sizeof *q, key->heap, DYNAMIC_TYPE_RSA);
|
||||
mp_int *tmp1 = (mp_int *)XMALLOC(sizeof *tmp1, key->heap, DYNAMIC_TYPE_RSA);
|
||||
mp_int *tmp2 = (mp_int *)XMALLOC(sizeof *tmp2, key->heap, DYNAMIC_TYPE_RSA);
|
||||
mp_int *tmp3 = (mp_int *)XMALLOC(sizeof *tmp3, key->heap, DYNAMIC_TYPE_RSA);
|
||||
mp_int *p = NULL;
|
||||
mp_int *q = NULL;
|
||||
mp_int *tmp1 = NULL;
|
||||
mp_int *tmp2 = NULL;
|
||||
mp_int *tmp3 = NULL;
|
||||
#else
|
||||
mp_int p_buf, *p = &p_buf;
|
||||
mp_int q_buf, *q = &q_buf;
|
||||
@ -4113,7 +4113,18 @@ int wc_MakeRsaKey(RsaKey* key, int size, long e, WC_RNG* rng)
|
||||
int err, i, failCount, primeSz, isPrime = 0;
|
||||
byte* buf = NULL;
|
||||
|
||||
if (key == NULL || rng == NULL) {
|
||||
err = BAD_FUNC_ARG;
|
||||
goto out;
|
||||
}
|
||||
|
||||
#ifdef WOLFSSL_SMALL_STACK
|
||||
p = (mp_int *)XMALLOC(sizeof *p, key->heap, DYNAMIC_TYPE_RSA);
|
||||
q = (mp_int *)XMALLOC(sizeof *q, key->heap, DYNAMIC_TYPE_RSA);
|
||||
tmp1 = (mp_int *)XMALLOC(sizeof *tmp1, key->heap, DYNAMIC_TYPE_RSA);
|
||||
tmp2 = (mp_int *)XMALLOC(sizeof *tmp2, key->heap, DYNAMIC_TYPE_RSA);
|
||||
tmp3 = (mp_int *)XMALLOC(sizeof *tmp3, key->heap, DYNAMIC_TYPE_RSA);
|
||||
|
||||
if ((p == NULL) ||
|
||||
(q == NULL) ||
|
||||
(tmp1 == NULL) ||
|
||||
@ -4124,11 +4135,6 @@ int wc_MakeRsaKey(RsaKey* key, int size, long e, WC_RNG* rng)
|
||||
}
|
||||
#endif
|
||||
|
||||
if (key == NULL || rng == NULL) {
|
||||
err = BAD_FUNC_ARG;
|
||||
goto out;
|
||||
}
|
||||
|
||||
if (!RsaSizeCheck(size)) {
|
||||
err = BAD_FUNC_ARG;
|
||||
goto out;
|
||||
|
||||
@ -956,25 +956,26 @@ void wc_Sha512Free(wc_Sha512* sha512)
|
||||
/* @return 0 on successful, otherwise non-zero on failure */
|
||||
int wc_Sha512Transform(wc_Sha512* sha, const unsigned char* data)
|
||||
{
|
||||
int ret ;
|
||||
int ret;
|
||||
/* back up buffer */
|
||||
#if defined(WOLFSSL_SMALL_STACK)
|
||||
word64* buffer;
|
||||
buffer = (word64*) XMALLOC(sizeof(word64) * 16, sha->heap,
|
||||
DYNAMIC_TYPE_TMP_BUFFER);
|
||||
if (buffer == NULL)
|
||||
return MEMORY_E;
|
||||
#else
|
||||
#ifdef WOLFSSL_SMALL_STACK
|
||||
word64 *buffer;
|
||||
#else
|
||||
word64 buffer[WC_SHA512_BLOCK_SIZE / sizeof(word64)];
|
||||
#endif
|
||||
|
||||
#endif
|
||||
|
||||
/* sanity check */
|
||||
if (sha == NULL || data == NULL) {
|
||||
#if defined(WOLFSSL_SMALL_STACK)
|
||||
XFREE(buffer, sha->heap, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
#endif
|
||||
return BAD_FUNC_ARG;
|
||||
}
|
||||
|
||||
#ifdef WOLFSSL_SMALL_STACK
|
||||
buffer = (word64 *)XMALLOC(sizeof(word64) * 16, sha->heap,
|
||||
DYNAMIC_TYPE_TMP_BUFFER);
|
||||
if (buffer == NULL)
|
||||
return MEMORY_E;
|
||||
#endif
|
||||
|
||||
#if defined(USE_INTEL_SPEEDUP) && \
|
||||
(defined(HAVE_INTEL_AVX1) || defined(HAVE_INTEL_AVX2))
|
||||
Sha512_SetTransform();
|
||||
@ -997,9 +998,9 @@ int wc_Sha512Transform(wc_Sha512* sha, const unsigned char* data)
|
||||
ret = Transform_Sha512(sha);
|
||||
|
||||
XMEMCPY(sha->buffer, buffer, WC_SHA512_BLOCK_SIZE);
|
||||
#if defined(WOLFSSL_SMALL_STACK)
|
||||
#ifdef WOLFSSL_SMALL_STACK
|
||||
XFREE(buffer, sha->heap, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
#endif
|
||||
#endif
|
||||
return ret;
|
||||
}
|
||||
#endif /* OPENSSL_EXTRA */
|
||||
|
||||
@ -634,12 +634,12 @@ int wc_SrpComputeKey(Srp* srp, byte* clientPubKey, word32 clientPubKeySz,
|
||||
byte* serverPubKey, word32 serverPubKeySz)
|
||||
{
|
||||
#ifdef WOLFSSL_SMALL_STACK
|
||||
SrpHash *hash = (SrpHash *)XMALLOC(sizeof *hash, srp->heap, DYNAMIC_TYPE_SRP);
|
||||
byte *digest = (byte *)XMALLOC(SRP_MAX_DIGEST_SIZE, srp->heap, DYNAMIC_TYPE_SRP);
|
||||
mp_int *u = (mp_int *)XMALLOC(sizeof *u, srp->heap, DYNAMIC_TYPE_SRP);
|
||||
mp_int *s = (mp_int *)XMALLOC(sizeof *s, srp->heap, DYNAMIC_TYPE_SRP);
|
||||
mp_int *temp1 = (mp_int *)XMALLOC(sizeof *temp1, srp->heap, DYNAMIC_TYPE_SRP);
|
||||
mp_int *temp2 = (mp_int *)XMALLOC(sizeof *temp2, srp->heap, DYNAMIC_TYPE_SRP);
|
||||
SrpHash *hash = NULL;
|
||||
byte *digest = NULL;
|
||||
mp_int *u = NULL;
|
||||
mp_int *s = NULL;
|
||||
mp_int *temp1 = NULL;
|
||||
mp_int *temp2 = NULL;
|
||||
#else
|
||||
SrpHash hash[1];
|
||||
byte digest[SRP_MAX_DIGEST_SIZE];
|
||||
@ -652,11 +652,6 @@ int wc_SrpComputeKey(Srp* srp, byte* clientPubKey, word32 clientPubKeySz,
|
||||
|
||||
/* validating params */
|
||||
|
||||
if ((mp_init_multi(u, s, temp1, temp2, 0, 0)) != MP_OKAY) {
|
||||
r = MP_INIT_E;
|
||||
goto out;
|
||||
}
|
||||
|
||||
if (!srp || !clientPubKey || clientPubKeySz == 0
|
||||
|| !serverPubKey || serverPubKeySz == 0) {
|
||||
r = BAD_FUNC_ARG;
|
||||
@ -664,6 +659,13 @@ int wc_SrpComputeKey(Srp* srp, byte* clientPubKey, word32 clientPubKeySz,
|
||||
}
|
||||
|
||||
#ifdef WOLFSSL_SMALL_STACK
|
||||
hash = (SrpHash *)XMALLOC(sizeof *hash, srp->heap, DYNAMIC_TYPE_SRP);
|
||||
digest = (byte *)XMALLOC(SRP_MAX_DIGEST_SIZE, srp->heap, DYNAMIC_TYPE_SRP);
|
||||
u = (mp_int *)XMALLOC(sizeof *u, srp->heap, DYNAMIC_TYPE_SRP);
|
||||
s = (mp_int *)XMALLOC(sizeof *s, srp->heap, DYNAMIC_TYPE_SRP);
|
||||
temp1 = (mp_int *)XMALLOC(sizeof *temp1, srp->heap, DYNAMIC_TYPE_SRP);
|
||||
temp2 = (mp_int *)XMALLOC(sizeof *temp2, srp->heap, DYNAMIC_TYPE_SRP);
|
||||
|
||||
if ((hash == NULL) ||
|
||||
(digest == NULL) ||
|
||||
(u == NULL) ||
|
||||
@ -675,6 +677,11 @@ int wc_SrpComputeKey(Srp* srp, byte* clientPubKey, word32 clientPubKeySz,
|
||||
}
|
||||
#endif
|
||||
|
||||
if ((mp_init_multi(u, s, temp1, temp2, 0, 0)) != MP_OKAY) {
|
||||
r = MP_INIT_E;
|
||||
goto out;
|
||||
}
|
||||
|
||||
if (mp_iszero(&srp->priv) == MP_YES) {
|
||||
r = SRP_CALL_ORDER_E;
|
||||
goto out;
|
||||
|
||||
Reference in New Issue
Block a user