From e4ac38c5324456de65c44188c1ffaac94a6cef45 Mon Sep 17 00:00:00 2001
From: Chris Conlon <chris@wolfssl.com>
Date: Wed, 20 Dec 2017 11:35:30 -0700
Subject: [PATCH 1/4] fix valgrind use of uninitialized value warning

---
 wolfcrypt/benchmark/benchmark.c | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/wolfcrypt/benchmark/benchmark.c b/wolfcrypt/benchmark/benchmark.c
index eb543a6ac..c84a3b439 100644
--- a/wolfcrypt/benchmark/benchmark.c
+++ b/wolfcrypt/benchmark/benchmark.c
@@ -2012,6 +2012,9 @@ void bench_aesccm(void)
     DECLARE_VAR(bench_additional, byte, AES_AUTH_ADD_SZ, HEAP_HINT);
     DECLARE_VAR(bench_tag, byte, AES_AUTH_TAG_SZ, HEAP_HINT);
 
+    XMEMSET(bench_tag, 0, AES_AUTH_TAG_SZ);
+    XMEMSET(bench_additional, 0, AES_AUTH_ADD_SZ);
+
     if ((ret = wc_AesCcmSetKey(&enc, bench_key, 16)) != 0) {
         printf("wc_AesCcmSetKey failed, ret = %d\n", ret);
         return;

From f93ed32cb330b5084f5ae80be625ad9bf3c4a6b8 Mon Sep 17 00:00:00 2001
From: Chris Conlon <chris@wolfssl.com>
Date: Wed, 20 Dec 2017 11:48:09 -0700
Subject: [PATCH 2/4] fix scanbuild issue, use of NULL pointer in
 wc_Sha256Update

---
 wolfcrypt/src/sha256.c | 16 ++++++++++++++++
 1 file changed, 16 insertions(+)

diff --git a/wolfcrypt/src/sha256.c b/wolfcrypt/src/sha256.c
index 2f19b9274..cd0d1b3ad 100644
--- a/wolfcrypt/src/sha256.c
+++ b/wolfcrypt/src/sha256.c
@@ -58,6 +58,12 @@
         if (sha == NULL ||  (data == NULL && len > 0)) {
             return BAD_FUNC_ARG;
         }
+
+        if (data == NULL && len == 0) {
+            /* valid, but do nothing */
+            return 0;
+        }
+
         return Sha256Update_fips(sha, data, len);
     }
     int wc_Sha256Final(wc_Sha256* sha, byte* out)
@@ -433,6 +439,11 @@ static int InitSha256(wc_Sha256* sha256)
             return BAD_FUNC_ARG;
         }
 
+        if (data == NULL && len == 0) {
+            /* valid arguments, but do nothing */
+            return 0;
+        }
+
         /* do block size increments */
         local = (byte*)sha256->buffer;
 
@@ -671,6 +682,11 @@ static INLINE void AddLength(wc_Sha256* sha256, word32 len)
             return BAD_FUNC_ARG;
         }
 
+        if (data == NULL && len == 0) {
+            /* valid, but do nothing */
+            return 0;
+        }
+
     #if defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_SHA256)
         if (sha256->asyncDev.marker == WOLFSSL_ASYNC_MARKER_SHA256) {
         #if defined(HAVE_INTEL_QA)

From e97f8b5a9cc6c0cdbffa4da214b98299cd68a096 Mon Sep 17 00:00:00 2001
From: Chris Conlon <chris@wolfssl.com>
Date: Wed, 20 Dec 2017 12:18:49 -0700
Subject: [PATCH 3/4] fix scanbuild issues, internal.c and tfm.c

---
 src/internal.c      | 5 +++++
 wolfcrypt/src/tfm.c | 6 +++---
 2 files changed, 8 insertions(+), 3 deletions(-)

diff --git a/src/internal.c b/src/internal.c
index d76ace244..0ced00f78 100644
--- a/src/internal.c
+++ b/src/internal.c
@@ -6022,6 +6022,9 @@ static void AddHandShakeHeader(byte* output, word32 length,
 
     /* handshake header */
     hs = (HandShakeHeader*)output;
+    if (hs == NULL)
+        return;
+
     hs->type = type;
     c32to24(length, hs->length);         /* type and length same for each */
 #ifdef WOLFSSL_DTLS
@@ -14098,6 +14101,8 @@ int SendAlert(WOLFSSL* ssl, int severity, int type)
     /* get output buffer */
     output = ssl->buffers.outputBuffer.buffer +
              ssl->buffers.outputBuffer.length;
+    if (output == NULL)
+        return BUFFER_E;
 
     input[0] = (byte)severity;
     input[1] = (byte)type;
diff --git a/wolfcrypt/src/tfm.c b/wolfcrypt/src/tfm.c
index 82169ae1f..81edccd0b 100644
--- a/wolfcrypt/src/tfm.c
+++ b/wolfcrypt/src/tfm.c
@@ -2915,9 +2915,9 @@ int fp_isprime_ex(fp_int *a, int t)
 
    /* do trial division */
    for (r = 0; r < FP_PRIME_SIZE; r++) {
-       fp_mod_d(a, primes[r], &d);
-       if (d == 0) {
-          return FP_NO;
+       res = fp_mod_d(a, primes[r], &d);
+       if (res != MP_OKAY || d == 0) {
+           return FP_NO;
        }
    }
 

From 2460a3de3d61f5c1f088214fcf5cba3e7b06f3de Mon Sep 17 00:00:00 2001
From: Chris Conlon <chris@wolfssl.com>
Date: Wed, 20 Dec 2017 12:28:27 -0700
Subject: [PATCH 4/4] fix asn_test print in test.c

---
 wolfcrypt/test/test.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/wolfcrypt/test/test.c b/wolfcrypt/test/test.c
index a70d01b0b..b29d13fb5 100644
--- a/wolfcrypt/test/test.c
+++ b/wolfcrypt/test/test.c
@@ -446,9 +446,9 @@ int wolfcrypt_test(void* args)
 
 #ifndef NO_ASN
     if ( (ret = asn_test()) != 0)
-        return err_sys("base64   test failed!\n", ret);
+        return err_sys("asn      test failed!\n", ret);
     else
-        printf( "base64   test passed!\n");
+        printf( "asn      test passed!\n");
 #endif
 
 #ifndef NO_MD5