diff --git a/examples/client/client.c b/examples/client/client.c index 9aac7cc2f..9f44ffdbf 100644 --- a/examples/client/client.c +++ b/examples/client/client.c @@ -2707,7 +2707,10 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args) default: err_sys("Bad SSL version"); + PRAGMA_CLANG_DIAG_PUSH + PRAGMA_CLANG("clang diagnostic ignored \"-Wunreachable-code-break\"") break; + PRAGMA_CLANG_DIAG_POP } if (method == NULL) diff --git a/examples/echoclient/echoclient.c b/examples/echoclient/echoclient.c index 105b024e0..53f014307 100644 --- a/examples/echoclient/echoclient.c +++ b/examples/echoclient/echoclient.c @@ -320,7 +320,10 @@ void echoclient_test(void* args) err_sys("SSL_read failed"); #ifndef WOLFSSL_MDK_SHELL + PRAGMA_CLANG_DIAG_PUSH + PRAGMA_CLANG("clang diagnostic ignored \"-Wunreachable-code-break\"") break; + PRAGMA_CLANG_DIAG_POP #endif } } diff --git a/src/ssl.c b/src/ssl.c index 1be42fc40..634d9c671 100644 --- a/src/ssl.c +++ b/src/ssl.c @@ -24680,19 +24680,18 @@ int wolfSSL_CIPHER_get_auth_nid(const WOLFSSL_CIPHER* cipher) {"None", NID_auth_null}, {NULL, NID_undef} }; - + const struct authnid* sa; const char* authStr; - const char* name; char n[MAX_SEGMENTS][MAX_SEGMENT_SZ] = {{0}}; - - if ((name = GetCipherSegment(cipher, n)) == NULL) { + + if (GetCipherSegment(cipher, n) == NULL) { WOLFSSL_MSG("no suitable cipher name found"); return NID_undef; } authStr = GetCipherAuthStr(n); - + if (authStr != NULL) { for(sa = authnid_tbl; sa->alg_name != NULL; sa++) { if (XSTRNCMP(sa->alg_name, authStr, XSTRLEN(sa->alg_name)) == 0) { @@ -24700,7 +24699,7 @@ int wolfSSL_CIPHER_get_auth_nid(const WOLFSSL_CIPHER* cipher) } } } - + return NID_undef; } /* return cipher NID corresponding to cipher suite @@ -24732,12 +24731,11 @@ int wolfSSL_CIPHER_get_cipher_nid(const WOLFSSL_CIPHER* cipher) const struct ciphernid* c; const char* encStr; - const char* name; char n[MAX_SEGMENTS][MAX_SEGMENT_SZ] = {{0}}; WOLFSSL_ENTER("wolfSSL_CIPHER_get_cipher_nid"); - if ((name = GetCipherSegment(cipher, n)) == NULL) { + if (GetCipherSegment(cipher, n) == NULL) { WOLFSSL_MSG("no suitable cipher name found"); return NID_undef; } @@ -24859,11 +24857,10 @@ static const struct kxnid { int wolfSSL_CIPHER_is_aead(const WOLFSSL_CIPHER* cipher) { char n[MAX_SEGMENTS][MAX_SEGMENT_SZ] = {{0}}; - const char* name; WOLFSSL_ENTER("wolfSSL_CIPHER_is_aead"); - - if ((name = GetCipherSegment(cipher, n)) == NULL) { + + if (GetCipherSegment(cipher, n) == NULL) { WOLFSSL_MSG("no suitable cipher name found"); return NID_undef; } @@ -28627,10 +28624,12 @@ int wolfSSL_X509_PUBKEY_set(WOLFSSL_X509_PUBKEY **x, WOLFSSL_EVP_PKEY *key) goto error; } +#ifndef __clang_analyzer__ if (!wolfSSL_EVP_PKEY_up_ref(key)) { WOLFSSL_MSG("Failed to up key reference"); goto error; } +#endif pk->pkey = key; wolfSSL_X509_PUBKEY_free(*x); @@ -31537,10 +31536,12 @@ WOLFSSL_ASN1_INTEGER* wolfSSL_BN_to_ASN1_INTEGER(const WOLFSSL_BIGNUM *bn, WOLFS a = ai; } if (a) { +#ifndef __clang_analyzer__ if (wolfSSL_BN_is_negative(bn) && !wolfSSL_BN_is_zero(bn)) { a->type |= V_ASN1_NEG_INTEGER; a->negative = 1; } +#endif len = wolfSSL_BN_num_bytes(bn); if (len == 0) @@ -31776,11 +31777,13 @@ int wolfSSL_ASN1_item_i2d(const void *src, byte **dest, if (dest && !*dest) { *dest = buf; } +#ifndef __clang_analyzer__ else if (dest && *dest && buf) { /* *dest length is not checked because the user is responsible * for providing a long enough buffer */ XMEMCPY(*dest, buf, len); } +#endif WOLFSSL_LEAVE("wolfSSL_ASN1_item_i2d", len); return len; @@ -54531,11 +54534,13 @@ void wolfSSL_X509V3_set_ctx(WOLFSSL_X509V3_CTX* ctx, WOLFSSL_X509* issuer, if (!ctx || !ctx->x509) return; +#ifndef __clang_analyzer__ if (!ctx->x509) { ctx->x509 = wolfSSL_X509_new(); if (!ctx->x509) return; } +#endif /* Set parameters in ctx as long as ret == WOLFSSL_SUCCESS */ if (issuer) @@ -54617,7 +54622,7 @@ void wolfSSL_X509_REQ_free(WOLFSSL_X509* req) int wolfSSL_X509_REQ_sign(WOLFSSL_X509 *req, WOLFSSL_EVP_PKEY *pkey, const WOLFSSL_EVP_MD *md) { - int ret; + WC_UNUSED int ret; byte der[2048]; int derSz = sizeof(der); diff --git a/src/tls.c b/src/tls.c index 71cb1f771..d4fc99803 100644 --- a/src/tls.c +++ b/src/tls.c @@ -3219,7 +3219,6 @@ void* TLSX_CSR_GetRequest(TLSX* extensions) switch (csr->status_type) { case WOLFSSL_CSR_OCSP: return &csr->request.ocsp; - break; } } @@ -3642,7 +3641,6 @@ void* TLSX_CSR2_GetRequest(TLSX* extensions, byte status_type, byte idx) return idx < csr2->requests ? &csr2->request.ocsp[csr2->requests - idx - 1] : NULL; - break; } } } @@ -10304,15 +10302,21 @@ int TLSX_PopulateExtensions(WOLFSSL* ssl, byte isServer) extension = TLSX_Find(ssl->extensions, TLSX_KEY_SHARE); if (extension == NULL) { #if defined(HAVE_SESSION_TICKET) || !defined(NO_PSK) + #ifndef __clang_analyzer__ if (ssl->options.resuming && ssl->session.namedGroup != 0) namedGroup = ssl->session.namedGroup; else #endif + #endif + PRAGMA_CLANG_DIAG_PUSH + PRAGMA_CLANG("clang diagnostic ignored \"-Wunreachable-code-return\"") if (PREFERRED_GROUP_SZ == 0) { WOLFSSL_MSG("No groups in preference list"); return KEY_SHARE_ERROR; } - else if (ssl->numGroups > 0) { + else + PRAGMA_CLANG_DIAG_POP + if (ssl->numGroups > 0) { int set = 0; int i, j; diff --git a/tests/api.c b/tests/api.c index cd8c06951..5d7607f41 100644 --- a/tests/api.c +++ b/tests/api.c @@ -29,6 +29,8 @@ | Includes *----------------------------------------------------------------------------*/ +#ifndef __clang_analyzer__ + #ifdef HAVE_CONFIG_H #include #endif @@ -21609,8 +21611,9 @@ static int test_wc_curve25519_export_key_raw_ex (void) return 1; } -#endif +#else return 0; +#endif } /* end of test_wc_curve25519_export_key_raw_ex */ /* * Testing wc_curve25519_make_key @@ -39510,7 +39513,7 @@ static int test_wolfSSL_EVP_Cipher_extra(void) int *test_drive[] = {test_drive1, test_drive2, test_drive3, NULL}; int test_drive_len[100]; - int drive_len; + WC_UNUSED int drive_len; int ret = 0; EVP_CIPHER_CTX *evp = NULL; @@ -51082,3 +51085,5 @@ void ApiTest(void) printf(" End API Tests\n"); } + +#endif /* !__clang_analyzer__ */ diff --git a/wolfcrypt/src/aes.c b/wolfcrypt/src/aes.c index 1538f095e..0cda0de44 100644 --- a/wolfcrypt/src/aes.c +++ b/wolfcrypt/src/aes.c @@ -10075,6 +10075,7 @@ int wc_AesCcmDecrypt(Aes* aes, byte* out, const byte* in, word32 inSz, o = out; oSz = inSz; + XMEMSET(A, 0, sizeof A); XMEMCPY(B+1, nonce, nonceSz); lenSz = AES_BLOCK_SIZE - 1 - (byte)nonceSz; @@ -11140,9 +11141,11 @@ int wc_AesKeyWrap(const byte* key, word32 keySz, const byte* in, word32 inSz, return MEMORY_E; #endif +#ifndef __clang_analyzer__ ret = wc_AesInit(aes, NULL, INVALID_DEVID); if (ret != 0) goto out; +#endif ret = wc_AesSetKey(aes, key, keySz, NULL, AES_ENCRYPTION); if (ret != 0) { @@ -11253,9 +11256,11 @@ int wc_AesKeyUnWrap(const byte* key, word32 keySz, const byte* in, word32 inSz, #endif +#ifndef __clang_analyzer__ ret = wc_AesInit(aes, NULL, INVALID_DEVID); if (ret != 0) goto out; +#endif ret = wc_AesSetKey(aes, key, keySz, NULL, AES_DECRYPTION); if (ret != 0) { @@ -11308,12 +11313,14 @@ int wc_AesXtsSetKey(XtsAes* aes, const byte* key, word32 len, int dir, return BAD_FUNC_ARG; } +#ifndef __clang_analyzer__ if ((ret = wc_AesInit(&aes->tweak, heap, devId)) != 0) { return ret; } if ((ret = wc_AesInit(&aes->aes, heap, devId)) != 0) { return ret; } +#endif keySz = len/2; if (keySz != 16 && keySz != 32) { diff --git a/wolfcrypt/src/camellia.c b/wolfcrypt/src/camellia.c index a7cb268b7..b20a6c0d2 100644 --- a/wolfcrypt/src/camellia.c +++ b/wolfcrypt/src/camellia.c @@ -1548,7 +1548,7 @@ int wc_CamelliaSetKey(Camellia* cam, const byte* key, word32 len, const byte* iv ret = camellia_setup256(key, cam->key); break; default: - return BAD_FUNC_ARG; + ret = BAD_FUNC_ARG; } if (ret != 0) diff --git a/wolfcrypt/src/chacha.c b/wolfcrypt/src/chacha.c index cc5a5a7d1..e043b5d06 100644 --- a/wolfcrypt/src/chacha.c +++ b/wolfcrypt/src/chacha.c @@ -300,8 +300,10 @@ int wc_XChacha_SetKey(ChaCha *ctx, XMEMSET(iv, 0, 4); XMEMCPY(iv + 4, nonce + 16, 8); +#ifndef __clang_analyzer__ if ((ret = wc_Chacha_SetIV(ctx, iv, counter)) < 0) return ret; +#endif ForceZero(k, sizeof k); ForceZero(iv, sizeof iv); diff --git a/wolfcrypt/src/evp.c b/wolfcrypt/src/evp.c index 8a0bee3dd..0618ab501 100644 --- a/wolfcrypt/src/evp.c +++ b/wolfcrypt/src/evp.c @@ -4182,7 +4182,6 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD* type) { struct do_all_md *md = (struct do_all_md*)arg; - const char* alias = NULL; const struct s_ent *ent; /* sanity check */ @@ -4193,7 +4192,7 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD* type) /* loop all md */ for (ent = md_tbl; ent->name != NULL; ent++){ /* check if the md has alias */ - if((alias = hasAliasName(ent->name)) != NULL) { + if(hasAliasName(ent->name) != NULL) { md->fn(NULL, ent->name, ent->name, md->arg); } else { @@ -9008,8 +9007,7 @@ int wolfSSL_EVP_DecodeUpdate(WOLFSSL_EVP_ENCODE_CTX* ctx, cpySz = min((BASE64_DECODE_BLOCK_SIZE - ctx->remaining), inl); for ( i = 0; cpySz > 0 && inLen > 0; i++) { - if ((res = Base64_SkipNewline(in, &inLen, &j)) - == ASN_INPUT_E) { + if (Base64_SkipNewline(in, &inLen, &j) == ASN_INPUT_E) { return -1; /* detected an illegal char in input */ } c = in[j++]; diff --git a/wolfcrypt/src/pkcs12.c b/wolfcrypt/src/pkcs12.c index 5ea4dec78..ddd9b635c 100644 --- a/wolfcrypt/src/pkcs12.c +++ b/wolfcrypt/src/pkcs12.c @@ -2280,6 +2280,7 @@ WC_PKCS12* wc_PKCS12_create(char* pass, word32 passSz, char* name, return NULL; } +#ifndef __clang_analyzer__ if ((ret = wc_PKCS12_SetHeap(pkcs12, heap)) != 0) { wc_PKCS12_free(pkcs12); wc_FreeRng(&rng); @@ -2287,6 +2288,7 @@ WC_PKCS12* wc_PKCS12_create(char* pass, word32 passSz, char* name, (void)ret; return NULL; } +#endif if (iter <= 0) { iter = WC_PKCS12_ITT_DEFAULT; diff --git a/wolfcrypt/src/pkcs7.c b/wolfcrypt/src/pkcs7.c index 205fa946b..5481e40ba 100644 --- a/wolfcrypt/src/pkcs7.c +++ b/wolfcrypt/src/pkcs7.c @@ -770,10 +770,12 @@ PKCS7* wc_PKCS7_New(void* heap, int devId) if (wc_PKCS7_Init(pkcs7, heap, devId) == 0) { pkcs7->isDynamic = 1; } +#ifndef __clang_analyzer__ else { XFREE(pkcs7, heap, DYNAMIC_TYPE_PKCS7); pkcs7 = NULL; } +#endif } return pkcs7; } @@ -1530,6 +1532,9 @@ static int EncodeAttributes(EncodedAttrib* ea, int eaSz, int maxSz = min(eaSz, attribsSz); int allAttribsSz = 0; +#ifdef __clang_analyzer__ + assert(maxSz > 0); +#endif for (i = 0; i < maxSz; i++) { int attribSz = 0; @@ -11012,6 +11017,8 @@ int wc_PKCS7_EncodeAuthEnvelopedData(PKCS7* pkcs7, byte* output, /* authAttribs: add contentType attrib if needed */ if (pkcs7->contentOID != DATA) { + XMEMSET(&contentTypeAttrib, 0, sizeof contentTypeAttrib); + /* if type is not id-data, contentType attribute MUST be added */ contentTypeAttrib.oid = contentTypeOid; contentTypeAttrib.oidSz = sizeof(contentTypeOid); diff --git a/wolfcrypt/src/sha512.c b/wolfcrypt/src/sha512.c index 256aae06e..1792cd626 100644 --- a/wolfcrypt/src/sha512.c +++ b/wolfcrypt/src/sha512.c @@ -806,6 +806,9 @@ static WC_INLINE int Sha512Update(wc_Sha512* sha512, const byte* data, word32 le if (sha512->buffLen >= WC_SHA512_BLOCK_SIZE) return BUFFER_E; + if (len == 0) + return 0; + AddLength(sha512, len); if (sha512->buffLen > 0) { diff --git a/wolfcrypt/src/sp_int.c b/wolfcrypt/src/sp_int.c index 5ce0660eb..6e9040df3 100644 --- a/wolfcrypt/src/sp_int.c +++ b/wolfcrypt/src/sp_int.c @@ -3649,10 +3649,10 @@ int sp_mod_d(sp_int* a, const sp_int_digit d, sp_int_digit* r) err = MP_VAL; } - if (0) { + #if 0 && defined(SP_DEBUG_VERBOSE) sp_print(a, "a"); sp_print_digit(d, "m"); - } + #endif if (err == MP_OKAY) { /* Check whether d is a power of 2. */ @@ -3696,9 +3696,9 @@ int sp_mod_d(sp_int* a, const sp_int_digit d, sp_int_digit* r) #endif } - if (0) { + #if 0 && defined(SP_DEBUG_VERBOSE) sp_print_digit(*r, "rmod"); - } + #endif return err; } @@ -3732,10 +3732,10 @@ int sp_div_2_mod_ct(sp_int* a, sp_int* m, sp_int* r) sp_int_digit mask; int i; - if (0) { + #if 0 && defined(SP_DEBUG_VERBOSE) sp_print(a, "a"); sp_print(m, "m"); - } + #endif mask = 0 - (a->dp[0] & 1); for (i = 0; i < m->used; i++) { @@ -3754,9 +3754,9 @@ int sp_div_2_mod_ct(sp_int* a, sp_int* m, sp_int* r) sp_clamp(r); sp_div_2(r, r); - if (0) { + #if 0 && defined(SP_DEBUG_VERBOSE) sp_print(r, "rd2"); - } + #endif } return err; @@ -3828,10 +3828,10 @@ static int _sp_add_off(sp_int* a, sp_int* b, sp_int* r, int o) int j; sp_int_word t = 0; - if (0) { + #if 0 && defined(SP_DEBUG_VERBOSE) sp_print(a, "a"); sp_print(b, "b"); - } + #endif #ifdef SP_MATH_NEED_ADD_OFF for (i = 0; (i < o) && (i < a->used); i++) { @@ -3869,9 +3869,9 @@ static int _sp_add_off(sp_int* a, sp_int* b, sp_int* r, int o) sp_clamp(r); - if (0) { + #if 0 && defined(SP_DEBUG_VERBOSE) sp_print(r, "radd"); - } + #endif return MP_OKAY; } @@ -4055,11 +4055,13 @@ int sp_addmod(sp_int* a, sp_int* b, sp_int* m, sp_int* r) } ALLOC_SP_INT_SIZE(t, used, err, NULL); - if (0 && (err == MP_OKAY)) { + #if 0 && defined(SP_DEBUG_VERBOSE) + if (err == MP_OKAY) { sp_print(a, "a"); sp_print(b, "b"); sp_print(m, "m"); } + #endif if (err == MP_OKAY) { err = sp_add(a, b, t); @@ -4068,9 +4070,11 @@ int sp_addmod(sp_int* a, sp_int* b, sp_int* m, sp_int* r) err = sp_mod(t, m, r); } - if (0 && (err == MP_OKAY)) { + #if 0 && defined(SP_DEBUG_VERBOSE) + if (err == MP_OKAY) { sp_print(r, "rma"); } + #endif FREE_SP_INT(t, NULL); return err; @@ -4105,11 +4109,13 @@ int sp_submod(sp_int* a, sp_int* b, sp_int* m, sp_int* r) err = MP_VAL; } - if (0 && (err == MP_OKAY)) { + #if 0 && defined(SP_DEBUG_VERBOSE) + if (err == MP_OKAY) { sp_print(a, "a"); sp_print(b, "b"); sp_print(m, "m"); } + #endif ALLOC_SP_INT_ARRAY(t, used, 2, err, NULL); if (err == MP_OKAY) { @@ -4136,9 +4142,11 @@ int sp_submod(sp_int* a, sp_int* b, sp_int* m, sp_int* r) } } - if (0 && (err == MP_OKAY)) { + #if 0 && defined(SP_DEBUG_VERBOSE) + if (err == MP_OKAY) { sp_print(r, "rms"); } + #endif FREE_SP_INT_ARRAY(t, NULL); return err; @@ -4154,11 +4162,13 @@ int sp_submod(sp_int* a, sp_int* b, sp_int* m, sp_int* r) err = MP_VAL; } - if (0 && (err == MP_OKAY)) { + #if 0 && defined(SP_DEBUG_VERBOSE) + if (err == MP_OKAY) { sp_print(a, "a"); sp_print(b, "b"); sp_print(m, "m"); } + #endif ALLOC_SP_INT_SIZE(t, used, err, NULL); if (err == MP_OKAY) { @@ -4168,9 +4178,11 @@ int sp_submod(sp_int* a, sp_int* b, sp_int* m, sp_int* r) err = sp_mod(t, m, r); } - if (0 && (err == MP_OKAY)) { + #if 0 && defined(SP_DEBUG_VERBOSE) + if (err == MP_OKAY) { sp_print(r, "rms"); } + #endif FREE_SP_INT(t, NULL); return err; @@ -4551,10 +4563,12 @@ int sp_div(sp_int* a, sp_int* d, sp_int* r, sp_int* rem) err = MP_VAL; } - if (0 && (err == MP_OKAY)) { + #if 0 && defined(SP_DEBUG_VERBOSE) + if (err == MP_OKAY) { sp_print(a, "a"); sp_print(d, "b"); } + #endif if (err == MP_OKAY) { #ifdef WOLFSSL_SP_INT_NEGATIVE @@ -4756,7 +4770,8 @@ int sp_div(sp_int* a, sp_int* d, sp_int* r, sp_int* rem) } } - if (0 && (err == MP_OKAY)) { + #if 0 && defined(SP_DEBUG_VERBOSE) + if (err == MP_OKAY) { if (rem != NULL) { sp_print(rem, "rdr"); } @@ -4764,6 +4779,7 @@ int sp_div(sp_int* a, sp_int* d, sp_int* r, sp_int* rem) sp_print(r, "rdw"); } } + #endif FREE_SP_INT_ARRAY(td, NULL); return err; @@ -7679,10 +7695,12 @@ int sp_mul(sp_int* a, sp_int* b, sp_int* r) err = MP_VAL; } - if (0 && (err == MP_OKAY)) { + #if 0 && defined(SP_DEBUG_VERBOSE) + if (err == MP_OKAY) { sp_print(a, "a"); sp_print(b, "b"); } + #endif if (err == MP_OKAY) { #ifdef WOLFSSL_SP_INT_NEGATIVE @@ -7783,9 +7801,11 @@ int sp_mul(sp_int* a, sp_int* b, sp_int* r) } #endif - if (0 && (err == MP_OKAY)) { + #if 0 && defined(SP_DEBUG_VERBOSE) + if (err == MP_OKAY) { sp_print(r, "rmul"); } + #endif return err; } @@ -8665,11 +8685,13 @@ int sp_exptmod_ex(sp_int* b, sp_int* e, int digits, sp_int* m, sp_int* r) err = MP_VAL; } - if (0 && (err == MP_OKAY)) { + #if 0 && defined(SP_DEBUG_VERBOSE) + if (err == MP_OKAY) { sp_print(b, "a"); sp_print(e, "b"); sp_print(m, "m"); } + #endif if (err != MP_OKAY) { } @@ -8777,9 +8799,11 @@ int sp_exptmod_ex(sp_int* b, sp_int* e, int digits, sp_int* m, sp_int* r) (void)eBits; (void)digits; - if (0 && (err == MP_OKAY)) { + #if 0 && defined(SP_DEBUG_VERBOSE) + if (err == MP_OKAY) { sp_print(r, "rme"); } + #endif return err; } #endif /* WOLFSSL_SP_MATH_ALL || WOLFSSL_HAVE_SP_DH */ @@ -9172,11 +9196,13 @@ int sp_exptmod_nct(sp_int* b, sp_int* e, sp_int* m, sp_int* r) err = MP_VAL; } - if (0 && (err == MP_OKAY)) { + #if 0 && defined(SP_DEBUG_VERBOSE) + if (err == MP_OKAY) { sp_print(b, "a"); sp_print(e, "b"); sp_print(m, "m"); } + #endif if (err != MP_OKAY) { } @@ -9206,9 +9232,11 @@ int sp_exptmod_nct(sp_int* b, sp_int* e, sp_int* m, sp_int* r) err = _sp_exptmod_nct(b, e, m, r); } - if (0 && (err == MP_OKAY)) { + #if 0 && defined(SP_DEBUG_VERBOSE) + if (err == MP_OKAY) { sp_print(r, "rme"); } + #endif return err; } @@ -11655,9 +11683,11 @@ int sp_sqr(sp_int* a, sp_int* r) err = MP_VAL; } - if (0 && (err == MP_OKAY)) { + #if 0 && defined(SP_DEBUG_VERBOSE) + if (err == MP_OKAY) { sp_print(a, "a"); } + #endif if (err == MP_OKAY) { if (a->used == 0) { @@ -11747,9 +11777,11 @@ int sp_sqr(sp_int* a, sp_int* r) } #endif - if (0 && (err == MP_OKAY)) { + #if 0 && defined(SP_DEBUG_VERBOSE) + if (err == MP_OKAY) { sp_print(r, "rsqr"); } + #endif return err; #endif /* WOLFSSL_SP_MATH && WOLFSSL_SP_SMALL */ diff --git a/wolfcrypt/src/srp.c b/wolfcrypt/src/srp.c index afa7f0274..b4fe17c3c 100644 --- a/wolfcrypt/src/srp.c +++ b/wolfcrypt/src/srp.c @@ -619,16 +619,23 @@ static int wc_SrpSetKey(Srp* srp, byte* secret, word32 size) if (!r) r = SrpHashUpdate(&hash, secret, size); if (!r) r = SrpHashUpdate(&hash, counter, 4); - if (j + digestSz > srp->keySz) { - if (!r) r = SrpHashFinal(&hash, digest); - XMEMCPY(srp->key + j, digest, srp->keySz - j); - j = srp->keySz; - } - else { - if (!r) r = SrpHashFinal(&hash, srp->key + j); - j += digestSz; + if (!r) { +#ifndef __clang_analyzer__ + if (j + digestSz > srp->keySz) { + r = SrpHashFinal(&hash, digest); + XMEMCPY(srp->key + j, digest, srp->keySz - j); + j = srp->keySz; + } + else +#endif + { + r = SrpHashFinal(&hash, srp->key + j); + j += digestSz; + } } SrpHashFree(&hash); + if (r) + break; } ForceZero(digest, sizeof(digest)); diff --git a/wolfcrypt/test/test.c b/wolfcrypt/test/test.c index 41bea4efc..48b818a63 100644 --- a/wolfcrypt/test/test.c +++ b/wolfcrypt/test/test.c @@ -19045,9 +19045,11 @@ WOLFSSL_TEST_SUBROUTINE int openssl_test(void) return -8672; if(outlen != 16) return -8673; +#ifndef __clang_analyzer__ total += outlen; if(total != 32) return -8674; +#endif total = 0; EVP_CIPHER_CTX_init(de); @@ -19107,9 +19109,11 @@ WOLFSSL_TEST_SUBROUTINE int openssl_test(void) return -8690; if(outlen != 16) return -8691; +#ifndef __clang_analyzer__ total += outlen; if(total != 32) return 3438; +#endif total = 0; EVP_CIPHER_CTX_init(de); diff --git a/wolfssl/wolfcrypt/types.h b/wolfssl/wolfcrypt/types.h index 9aefa7637..7bf8a95ed 100644 --- a/wolfssl/wolfcrypt/types.h +++ b/wolfssl/wolfcrypt/types.h @@ -330,6 +330,14 @@ decouple library dependencies with standard string, memory and so on. #endif #endif /* WARN_UNUSED_RESULT */ + #ifndef WC_UNUSED + #if (defined(__GNUC__) && (__GNUC__ >= 4)) || defined(__clang__) + #define WC_UNUSED __attribute__((unused)) + #else + #define WC_UNUSED + #endif + #endif /* WC_UNUSED */ + /* Micrium will use Visual Studio for compilation but not the Win32 API */ #if defined(_WIN32) && !defined(MICRIUM) && !defined(FREERTOS) && \ !defined(FREERTOS_TCP) && !defined(EBSNET) && \ @@ -1133,6 +1141,19 @@ decouple library dependencies with standard string, memory and so on. #define PRAGMA_GCC_POP #endif + #ifdef __clang__ + #define PRAGMA_CLANG_DIAG_PUSH _Pragma("clang diagnostic push") + #define PRAGMA_CLANG(str) _Pragma(str) + #define PRAGMA_CLANG_DIAG_POP _Pragma("clang diagnostic pop") + #else + #define PRAGMA_CLANG_DIAG_PUSH + #define PRAGMA_CLANG(str) + #define PRAGMA_CLANG_DIAG_POP + #endif + + + + #ifdef __cplusplus } /* extern "C" */ #endif