wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2025-07-31 11:17:29 +02:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #1484 from embhorn/coverity

Browse Source 
Coverity fixes
This commit is contained in:
David Garske
2018-04-06 18:18:38 -07:00
committed by GitHub
parent 6090fb9020 36b9b0b558
commit 2a460d3d05
7 changed files with 80 additions and 90 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
src/bio.c
View File

@ -131,10 +131,10 @@ static int wolfSSL_BIO_SSL_read(WOLFSSL_BIO* bio, void* buf,
{
int ret;
WOLFSSL_ENTER("wolfSSL_BIO_SSL_write");
WOLFSSL_ENTER("wolfSSL_BIO_SSL_read");
/* already got eof, again is error */
if (bio && front->eof)
if ((front == NULL) || front->eof)
return WOLFSSL_FATAL_ERROR;
ret = wolfSSL_read(bio->ssl, buf, len);
@ -168,7 +168,7 @@ int wolfSSL_BIO_read(WOLFSSL_BIO* bio, void* buf, int len)
WOLFSSL_ENTER("wolfSSL_BIO_read");
/* start at end of list and work backwards */
while (bio->next != NULL) {
while ((bio != NULL) && (bio->next != NULL)) {
bio = bio->next;
}

2
src/crl.c
View File

@ -247,6 +247,8 @@ static int CheckCertCRLList(WOLFSSL_CRL* crl, DecodedCert* cert, int *pFoundEntr
ca = GetCA(crl->cm, issuerHash);
#endif /* NO_SKID */
if (ca == NULL) {
XFREE(sig, crl->heap, DYNAMIC_TYPE_CRL_ENTRY);
XFREE(tbs, crl->heap, DYNAMIC_TYPE_CRL_ENTRY);
WOLFSSL_MSG("Did NOT find CRL issuer CA");
return ASN_CRL_NO_SIGNER_E;
}

12
src/internal.c
View File

@ -11743,10 +11743,10 @@ static INLINE void RmdRounds(int rounds, const byte* data, int sz)
RipeMd ripemd;
int i;
wc_InitRipeMd(&ripemd);
(void)wc_InitRipeMd(&ripemd);
for (i = 0; i < rounds; i++)
wc_RipeMdUpdate(&ripemd, data, sz);
(void)wc_RipeMdUpdate(&ripemd, data, sz);
}
#endif
@ -14678,11 +14678,13 @@ int SendAlert(WOLFSSL* ssl, int severity, int type)
if ((ret = CheckAvailableSize(ssl, outputSz)) != 0)
return ret;
/* Check output buffer */
if (ssl->buffers.outputBuffer.buffer == NULL)
return BUFFER_E;
/* get output buffer */
output = ssl->buffers.outputBuffer.buffer +
ssl->buffers.outputBuffer.length;
if (output == NULL)
return BUFFER_E;
input[0] = (byte)severity;
input[1] = (byte)type;
@ -18377,7 +18379,7 @@ static int DoServerKeyExchange(WOLFSSL* ssl, const byte* input,
#endif
if (ssl->peerEccKey == NULL) {
AllocKey(ssl, DYNAMIC_TYPE_ECC,
ret = AllocKey(ssl, DYNAMIC_TYPE_ECC,
(void**)&ssl->peerEccKey);
if (ret != 0) {
goto exit_dske;

5
src/ocsp.c
View File

@ -651,9 +651,10 @@ OcspResponse* wolfSSL_d2i_OCSP_RESPONSE_bio(WOLFSSL_BIO* bio,
l = XFTELL(bio->file);
if (l < 0)
return NULL;
XFSEEK(bio->file, i, SEEK_SET);
if (XFSEEK(bio->file, i, SEEK_SET) != 0)
return NULL;
/* check calulated length */
/* check calculated length */
if (l - i <= 0)
return NULL;

79
src/ssl.c
View File

@ -5451,11 +5451,10 @@ int ProcessBuffer(WOLFSSL_CTX* ctx, const unsigned char* buff,
resetSuites = 1;
}
}
#endif
#else
if (!rsaKey && !eccKey && !ed25519Key)
return WOLFSSL_BAD_FILE;
#endif
(void)ed25519Key;
(void)devId;
}
@ -7224,7 +7223,7 @@ WOLFSSL_EVP_PKEY* wolfSSL_d2i_PUBKEY(WOLFSSL_EVP_PKEY** out, unsigned char** in,
long inSz)
{
WOLFSSL_EVP_PKEY* pkey = NULL;
const unsigned char* mem = *in;
const unsigned char* mem;
long memSz = inSz;
WOLFSSL_ENTER("wolfSSL_d2i_PUBKEY");
@ -7233,6 +7232,7 @@ WOLFSSL_EVP_PKEY* wolfSSL_d2i_PUBKEY(WOLFSSL_EVP_PKEY** out, unsigned char** in,
WOLFSSL_MSG("Bad argument");
return NULL;
}
mem = *in;
#if !defined(NO_RSA)
{
@ -7372,6 +7372,7 @@ WOLFSSL_EVP_PKEY* wolfSSL_d2i_PrivateKey(int type, WOLFSSL_EVP_PKEY** out,
if (local->pkey.ptr == NULL) {
wolfSSL_EVP_PKEY_free(local);
local = NULL;
return NULL;
}
else {
XMEMCPY(local->pkey.ptr, *in + idx, inSz - idx);
@ -13594,8 +13595,7 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD *md)
const WOLFSSL_EVP_CIPHER* type, const byte* key,
const byte* iv, int enc)
{
int ret = -1; /* failure local, during function 0 means success
because internal functions work that way */
int ret = 0;
(void)key;
(void)iv;
(void)enc;
@ -13615,7 +13615,6 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD *md)
ctx->lastUsed = 0;
ctx->flags = 0;
}
ret = 0;
#ifndef NO_AES
#ifdef HAVE_AES_CBC
#ifdef WOLFSSL_AES_128
@ -13640,7 +13639,6 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD *md)
if (ret != 0)
return ret;
}
ret = 0;
}
#endif /* WOLFSSL_AES_128 */
#ifdef WOLFSSL_AES_192
@ -13665,7 +13663,6 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD *md)
if (ret != 0)
return ret;
}
ret = 0;
}
#endif /* WOLFSSL_AES_192 */
#ifdef WOLFSSL_AES_256
@ -13694,7 +13691,6 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD *md)
return ret;
}
}
ret = 0;
}
#endif /* WOLFSSL_AES_256 */
#endif /* HAVE_AES_CBC */
@ -13721,7 +13717,6 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD *md)
if (ret != 0)
return ret;
}
ret = 0;
}
#endif /* WOLFSSL_AES_128 */
#ifdef WOLFSSL_AES_192
@ -13746,7 +13741,6 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD *md)
if (ret != 0)
return ret;
}
ret = 0;
}
#endif /* WOLFSSL_AES_192 */
#ifdef WOLFSSL_AES_256
@ -13771,7 +13765,6 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD *md)
if (ret != 0)
return ret;
}
ret = 0;
}
#endif /* WOLFSSL_AES_256 */
#endif /* WOLFSSL_AES_CTR */
@ -13792,7 +13785,6 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD *md)
}
if (ret != 0)
return ret;
ret = 0;
}
#endif /* WOLFSSL_AES_128 */
#ifdef WOLFSSL_AES_192
@ -13812,7 +13804,6 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD *md)
}
if (ret != 0)
return ret;
ret = 0;
}
#endif /* WOLFSSL_AES_192 */
#ifdef WOLFSSL_AES_256
@ -13832,7 +13823,6 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD *md)
}
if (ret != 0)
return ret;
ret = 0;
}
#endif /* WOLFSSL_AES_256 */
#endif /* NO_AES */
@ -13857,7 +13847,6 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD *md)
if (iv && key == NULL)
wc_Des_SetIV(&ctx->cipher.des, iv);
ret = 0;
}
#ifdef WOLFSSL_DES_ECB
else if (ctx->cipherType == DES_ECB_TYPE ||
@ -13877,7 +13866,6 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD *md)
if (ret != 0)
return ret;
}
ret = 0;
}
#endif
else if (ctx->cipherType == DES_EDE3_CBC_TYPE ||
@ -13903,7 +13891,6 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD *md)
if (ret != 0)
return ret;
}
ret = 0;
}
else if (ctx->cipherType == DES_EDE3_ECB_TYPE ||
(type &&
@ -13922,7 +13909,6 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD *md)
if (ret != 0)
return ret;
}
ret = 0;
}
#endif /* NO_DES3 */
#ifndef NO_RC4
@ -13937,7 +13923,6 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD *md)
ctx->keyLen = 16; /* default to 128 */
if (key)
wc_Arc4SetKey(&ctx->cipher.arc4, key, ctx->keyLen);
ret = 0; /* success */
}
#endif /* NO_RC4 */
#ifdef HAVE_IDEA
@ -13961,7 +13946,6 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD *md)
if (iv && key == NULL)
wc_IdeaSetIV(&ctx->cipher.idea, iv);
ret = 0;
}
#endif /* HAVE_IDEA */
if (ctx->cipherType == NULL_CIPHER_TYPE || (type &&
@ -13970,13 +13954,9 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD *md)
ctx->cipherType = NULL_CIPHER_TYPE;
ctx->keyLen = 0;
ctx->block_size = 16;
ret = 0; /* success */
}
if (ret == 0)
return WOLFSSL_SUCCESS;
else
return 0; /* overall failure */
(void)ret; /* remove warning. If execution reaches this point, ret=0 */
return WOLFSSL_SUCCESS;
}
@ -14052,7 +14032,7 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD *md)
case AES_192_CTR_TYPE :
case AES_256_CTR_TYPE :
WOLFSSL_MSG("AES CTR");
wc_AesCtrEncrypt(&ctx->cipher.aes, dst, src, len);
ret = wc_AesCtrEncrypt(&ctx->cipher.aes, dst, src, len);
break;
#endif /* WOLFSSL_AES_COUNTER */
#endif /* NO_AES */
@ -16865,7 +16845,7 @@ WOLFSSL_EVP_PKEY* wolfSSL_X509_get_pubkey(WOLFSSL_X509* x509)
}
if (dataSz < 0) {
sz = (int)XSTRLEN((const char*)data);
sz = (int)XSTRLEN((const char*)data) + 1; /* +1 for null */
}
else {
sz = dataSz;
@ -18345,7 +18325,7 @@ WC_PKCS12* wolfSSL_PKCS12_create(char* pass, char* name,
{
WC_PKCS12* pkcs12;
WC_DerCertList* list = NULL;
word32 passSz = (word32)XSTRLEN(pass);
word32 passSz;
byte* keyDer;
word32 keyDerSz;
byte* certDer;
@ -18359,6 +18339,7 @@ WC_PKCS12* wolfSSL_PKCS12_create(char* pass, char* name,
WOLFSSL_LEAVE("wolfSSL_PKCS12_create()", BAD_FUNC_ARG);
return NULL;
}
passSz = (word32)XSTRLEN(pass);
if ((ret = wolfSSL_i2d_PrivateKey(pkey, &keyDer)) < 0) {
WOLFSSL_LEAVE("wolfSSL_PKCS12_create", ret);
@ -18387,7 +18368,7 @@ WC_PKCS12* wolfSSL_PKCS12_create(char* pass, char* name,
}
curDer = (byte*)wolfSSL_X509_get_der(sk->data.x509, &curDerSz);
if (certDer == NULL || curDerSz < 0) {
if (curDer == NULL || curDerSz < 0) {
XFREE(cur, NULL, DYNAMIC_TYPE_PKCS);
wc_FreeCertList(list, NULL);
return NULL;
@ -19580,7 +19561,7 @@ const char* wolfSSL_alert_desc_string_long(int alertID)
*
* ssl WOLFSSL structure to get state of
*
* Retruns a human readable string of the WOLFSSL structure state
* Returns a human readable string of the WOLFSSL structure state
*/
const char* wolfSSL_state_string_long(const WOLFSSL* ssl)
{
@ -21950,8 +21931,9 @@ const char* wolfSSL_RAND_file_name(char* fname, unsigned long len)
/* $RANDFILE was not set or is too large, check $HOME */
if (rt == NULL) {
WOLFSSL_MSG("Environment variable RANDFILE not set");
if ((rt = XGETENV("HOME")) == NULL) {
WOLFSSL_MSG("Unable to get HOME variable");
WOLFSSL_MSG("Environment variable HOME not set");
return NULL;
}
@ -21962,16 +21944,11 @@ const char* wolfSSL_RAND_file_name(char* fname, unsigned long len)
return fname;
}
else {
WOLFSSL_MSG("Buffer too small");
WOLFSSL_MSG("HOME too large for buffer");
return NULL;
}
}
if (rt == NULL) {
WOLFSSL_MSG("Enviroment variable RANDFILE or HOME not set");
return NULL;
}
return fname;
#else
/* no filesystem defined */
@ -22066,7 +22043,7 @@ int wolfSSL_RAND_write_file(const char* fname)
*
* nm is the file path to the egd server
*
* Retruns the number of bytes read.
* Returns the number of bytes read.
*/
int wolfSSL_RAND_egd(const char* nm)
{
@ -22095,7 +22072,7 @@ int wolfSSL_RAND_egd(const char* nm)
}
fd = socket(AF_UNIX, SOCK_STREAM, 0);
if (fd <= 0) {
if (fd < 0) {
WOLFSSL_MSG("Error creating socket");
#ifdef WOLFSSL_SMALL_STACK
XFREE(buf, NULL, DYNAMIC_TYPE_TMP_BUFFER);
@ -22104,7 +22081,7 @@ int wolfSSL_RAND_egd(const char* nm)
}
if (ret == WOLFSSL_SUCCESS) {
rem.sun_family = AF_UNIX;
XMEMCPY(rem.sun_path, nm, XSTRLEN(nm));
XSTRNCPY(rem.sun_path, nm, sizeof(rem.sun_path));
}
/* connect to egd server */
@ -25070,7 +25047,7 @@ int wolfSSL_RSA_verify(int type, const unsigned char* m,
return WOLFSSL_FAILURE;
}
sigDec = (unsigned char *)XMALLOC(sigLen, NULL, DYNAMIC_TYPE_TMP_BUFFER);
if(sigRet == NULL){
if(sigDec == NULL){
WOLFSSL_MSG("Memory failure");
XFREE(sigRet, NULL, DYNAMIC_TYPE_TMP_BUFFER);
return WOLFSSL_FAILURE;
@ -25777,7 +25754,7 @@ void wolfSSL_aes_ctr_iv(WOLFSSL_EVP_CIPHER_CTX* ctx, int doset,
}
if (doset)
wc_AesSetIV(&ctx->cipher.aes, iv); /* OpenSSL compat, no ret */
(void)wc_AesSetIV(&ctx->cipher.aes, iv); /* OpenSSL compat, no ret */
else
XMEMCPY(iv, &ctx->cipher.aes.reg, AES_BLOCK_SIZE);
}
@ -29198,11 +29175,13 @@ void* wolfSSL_GetDhAgreeCtx(WOLFSSL* ssl)
i = XFTELL(bp->file);
if (i < 0)
return NULL;
XFSEEK(bp->file, 0, SEEK_END);
if (XFSEEK(bp->file, 0, SEEK_END) != 0)
return NULL;
l = XFTELL(bp->file);
if (l < 0)
return NULL;
XFSEEK(bp->file, i, SEEK_SET);
if (XFSEEK(bp->file, i, SEEK_SET) != 0)
return NULL;
#else
WOLFSSL_MSG("Unable to read file with NO_FILESYSTEM defined");
return NULL;
@ -29211,7 +29190,7 @@ void* wolfSSL_GetDhAgreeCtx(WOLFSSL* ssl)
else
return NULL;
/* check calulated length */
/* check calculated length */
if (l - i < 0)
return NULL;
pem = (unsigned char*)XMALLOC(l - i, 0, DYNAMIC_TYPE_PEM);
@ -29227,8 +29206,8 @@ void* wolfSSL_GetDhAgreeCtx(WOLFSSL* ssl)
if (i > 26 && XMEMCMP((char *)&pem[i-26], END_CERT, 25) == 0) {
if (pem[i-1] == '\r') {
/* found \r , Windows line ending is \r\n so try to read one
* more byte for \n */
wolfSSL_BIO_read(bp, (char *)&pem[i++], 1);
* more byte for \n, ignoring return value */
(void)wolfSSL_BIO_read(bp, (char *)&pem[i++], 1);
}
break;
}

49
src/tls.c
View File

@ -5319,18 +5319,22 @@ static int TLSX_KeyShare_GenEccKey(WOLFSSL *ssl, KeyShareEntry* kse)
/* Make an ECC key. */
ret = wc_curve25519_init(key);
if (ret != 0)
if (ret != 0) {
eccKey = (ecc_key*)key; /* assign for freeing key */
goto end;
}
ret = wc_curve25519_make_key(ssl->rng, keySize, key);
if (ret != 0)
if (ret != 0) {
eccKey = (ecc_key*)key; /* assign for freeing key */
goto end;
}
/* Allocate space for the public key. */
keyData = (byte*)XMALLOC(dataSize, ssl->heap,
DYNAMIC_TYPE_PUBLIC_KEY);
if (keyData == NULL) {
WOLFSSL_MSG("Key data Memory error");
ret = MEMORY_E;
eccKey = (ecc_key*)key; /* assign for freeing key */
goto end;
}
@ -5338,6 +5342,7 @@ static int TLSX_KeyShare_GenEccKey(WOLFSSL *ssl, KeyShareEntry* kse)
if (wc_curve25519_export_public_ex(key, keyData, &dataSize,
EC25519_LITTLE_ENDIAN) != 0) {
ret = ECC_EXPORT_ERROR;
eccKey = (ecc_key*)key; /* assign for freeing key */
goto end;
}
@ -5722,27 +5727,28 @@ static int TLSX_KeyShare_ProcessEcc(WOLFSSL* ssl, KeyShareEntry* keyShareEntry)
return MEMORY_ERROR;
}
ret = wc_curve25519_init(peerEccKey);
if (ret != 0)
return ret;
if (ret == 0) {
#ifdef WOLFSSL_DEBUG_TLS
WOLFSSL_MSG("Peer Curve25519 Key");
WOLFSSL_BUFFER(keyShareEntry->ke, keyShareEntry->keLen);
WOLFSSL_MSG("Peer Curve25519 Key");
WOLFSSL_BUFFER(keyShareEntry->ke, keyShareEntry->keLen);
#endif
/* Point is validated by import function. */
if (wc_curve25519_import_public_ex(keyShareEntry->ke,
keyShareEntry->keLen, peerEccKey,
EC25519_LITTLE_ENDIAN) != 0) {
return ECC_PEERKEY_ERROR;
/* Point is validated by import function. */
if (wc_curve25519_import_public_ex(keyShareEntry->ke,
keyShareEntry->keLen, peerEccKey,
EC25519_LITTLE_ENDIAN) != 0) {
ret = ECC_PEERKEY_ERROR;
}
else {
ssl->arrays->preMasterSz = ENCRYPT_LEN;
ret = wc_curve25519_shared_secret_ex(key, peerEccKey,
ssl->arrays->preMasterSecret,
&ssl->arrays->preMasterSz,
EC25519_LITTLE_ENDIAN);
wc_curve25519_free(peerEccKey);
ssl->ecdhCurveOID = ECC_X25519_OID;
}
}
ssl->arrays->preMasterSz = ENCRYPT_LEN;
ret = wc_curve25519_shared_secret_ex(key, peerEccKey,
ssl->arrays->preMasterSecret, &ssl->arrays->preMasterSz,
EC25519_LITTLE_ENDIAN);
wc_curve25519_free(peerEccKey);
XFREE(peerEccKey, ssl->heap, DYNAMIC_TYPE_TLSX);
ssl->ecdhCurveOID = ECC_X25519_OID;
return ret;
}
#endif
@ -8164,9 +8170,6 @@ int TLSX_PopulateExtensions(WOLFSSL* ssl, byte isServer)
(void)public_key_len;
(void)ssl;
if (ret == WOLFSSL_SUCCESS)
ret = 0;
return ret;
}

17
src/tls13.c
View File

@ -953,7 +953,7 @@ static const byte writeIVLabel[WRITE_IV_LABEL_SZ+1] = "iv";
*/
static int DeriveTls13Keys(WOLFSSL* ssl, int secret, int side, int store)
{
int ret;
int ret = BAD_FUNC_ARG; /* Assume failure */
int i = 0;
#ifdef WOLFSSL_SMALL_STACK
byte* key_dig;
@ -2012,12 +2012,15 @@ int BuildTls13Message(WOLFSSL* ssl, byte* output, int outSz, const byte* input,
switch (ssl->options.buildMsgState) {
case BUILD_MSG_BEGIN:
{
if (output == NULL || input == NULL)
return BAD_FUNC_ARG;
/* catch mistaken sizeOnly parameter */
if (sizeOnly && (output || input)) {
WOLFSSL_MSG("BuildTls13Message with sizeOnly doesn't need "
"input or output");
/* catch mistaken sizeOnly parameter */
if (sizeOnly) {
if (output || input) {
WOLFSSL_MSG("BuildTls13Message with sizeOnly "
"doesn't need input or output");
return BAD_FUNC_ARG;
}
}
else if (output == NULL || input == NULL) {
return BAD_FUNC_ARG;
}