From 3d71956b484448122bc6ff5e2537225abc587e80 Mon Sep 17 00:00:00 2001 From: Juliusz Sosinowicz Date: Thu, 2 Jun 2022 16:08:25 +0200 Subject: [PATCH] wolfssl-multi-test fixes: - Remove RetrySendAlert and SendAlert recursion - args possible NULL dereference --- src/internal.c | 74 ++++++++++++++++++++++++++++---------------------- src/tls13.c | 4 +-- 2 files changed, 43 insertions(+), 35 deletions(-) diff --git a/src/internal.c b/src/internal.c index f329b01cb..28fa654a1 100644 --- a/src/internal.c +++ b/src/internal.c @@ -18579,13 +18579,14 @@ int BuildCertHashes(WOLFSSL* ssl, Hashes* hashes) #ifndef WOLFSSL_NO_TLS12 void FreeBuildMsgArgs(WOLFSSL* ssl, BuildMsgArgs* args) { + (void)ssl; if (args #ifdef WOLFSSL_ASYNC_CRYPT && ssl->options.buildArgsSet #endif ) { /* only free the IV if it was dynamically allocated */ - if (ssl && args->iv && (args->iv != args->staticIvBuffer)) { + if (args->iv && (args->iv != args->staticIvBuffer)) { XFREE(args->iv, ssl->heap, DYNAMIC_TYPE_SALT); } } @@ -20597,22 +20598,7 @@ startScr: return size; } -int RetrySendAlert(WOLFSSL* ssl) -{ - int type = ssl->pendingAlert.code; - int severity = ssl->pendingAlert.level; - - if (severity == alert_none) - return 0; - - ssl->pendingAlert.code = 0; - ssl->pendingAlert.level = alert_none; - - return SendAlert(ssl, severity, type); -} - -/* send alert message */ -int SendAlert(WOLFSSL* ssl, int severity, int type) +static int SendAlert_ex(WOLFSSL* ssl, int severity, int type) { byte input[ALERT_SIZE]; byte *output; @@ -20643,21 +20629,6 @@ int SendAlert(WOLFSSL* ssl, int severity, int type) } #endif - if (ssl->pendingAlert.level != alert_none) { - ret = RetrySendAlert(ssl); - if (ret != 0) { - if (ssl->pendingAlert.level == alert_none || - (ssl->pendingAlert.level != alert_fatal && - severity == alert_fatal)) { - /* Store current alert if pendingAlert if free or if current - * is fatal and previous was not */ - ssl->pendingAlert.code = type; - ssl->pendingAlert.level = severity; - } - return ret; - } - } - ssl->pendingAlert.code = type; ssl->pendingAlert.level = severity; @@ -20756,6 +20727,43 @@ int SendAlert(WOLFSSL* ssl, int severity, int type) return ret; } +int RetrySendAlert(WOLFSSL* ssl) +{ + int type = ssl->pendingAlert.code; + int severity = ssl->pendingAlert.level; + + if (severity == alert_none) + return 0; + + ssl->pendingAlert.code = 0; + ssl->pendingAlert.level = alert_none; + + return SendAlert_ex(ssl, severity, type); +} + +/* send alert message */ +int SendAlert(WOLFSSL* ssl, int severity, int type) +{ + int ret; + + if (ssl->pendingAlert.level != alert_none) { + ret = RetrySendAlert(ssl); + if (ret != 0) { + if (ssl->pendingAlert.level == alert_none || + (ssl->pendingAlert.level != alert_fatal && + severity == alert_fatal)) { + /* Store current alert if pendingAlert is empty or if current + * is fatal and previous was not */ + ssl->pendingAlert.code = type; + ssl->pendingAlert.level = severity; + } + return ret; + } + } + + return SendAlert_ex(ssl, severity, type); +} + const char* wolfSSL_ERR_reason_error_string(unsigned long e) { #ifdef NO_ERROR_STRINGS @@ -29533,7 +29541,7 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx, #endif /* WOLFSSL_ASYNC_IO */ /* Final cleanup */ - if (args->input != NULL) { + if (args != NULL && args->input != NULL) { XFREE(args->input, ssl->heap, DYNAMIC_TYPE_IN_BUFFER); args->input = NULL; } diff --git a/src/tls13.c b/src/tls13.c index 04a89375f..3cee1da6d 100644 --- a/src/tls13.c +++ b/src/tls13.c @@ -4646,7 +4646,7 @@ static void FreeDch13Args(WOLFSSL* ssl, void* pArgs) (void)ssl; - if (args->clSuites) { + if (args && args->clSuites) { XFREE(args->clSuites, ssl->heap, DYNAMIC_TYPE_SUITES); args->clSuites = NULL; } @@ -6097,7 +6097,7 @@ static void FreeScv13Args(WOLFSSL* ssl, void* pArgs) (void)ssl; - if (args->sigData) { + if (args && args->sigData) { XFREE(args->sigData, ssl->heap, DYNAMIC_TYPE_SIGNATURE); args->sigData = NULL; }