From 726e7026cb04ae145e631f34bb6450b453f5c424 Mon Sep 17 00:00:00 2001 From: Andras Fekete Date: Fri, 19 Jan 2024 10:31:20 -0500 Subject: [PATCH 1/4] Uninitialized variable because we don't check return value Warning 544870.5627882 --- wolfcrypt/src/pkcs7.c | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/wolfcrypt/src/pkcs7.c b/wolfcrypt/src/pkcs7.c index af6bb55bd..a24d6a271 100644 --- a/wolfcrypt/src/pkcs7.c +++ b/wolfcrypt/src/pkcs7.c @@ -11489,8 +11489,13 @@ int wc_PKCS7_EncodeAuthEnvelopedData(PKCS7* pkcs7, byte* output, return MEMORY_E; } - FlattenAttributes(pkcs7, flatAuthAttribs, authAttribs, + ret = FlattenAttributes(pkcs7, flatAuthAttribs, authAttribs, authAttribsCount); + if (ret != 0) { + wc_PKCS7_FreeEncodedRecipientSet(pkcs7); + XFREE(flatAuthAttribs, pkcs7->heap, DYNAMIC_TYPE_PKCS7); + return ret; + } authAttribsSetSz = SetImplicit(ASN_SET, 1, authAttribsSz, authAttribSet); From 2c162ffb97c7a90cb82e056ce6e2a8b4a4bdbff2 Mon Sep 17 00:00:00 2001 From: Andras Fekete Date: Fri, 19 Jan 2024 10:39:33 -0500 Subject: [PATCH 2/4] Make sure aes->rounds is initialized Warning 684346.5627323 --- wolfcrypt/src/aes.c | 1 + 1 file changed, 1 insertion(+) diff --git a/wolfcrypt/src/aes.c b/wolfcrypt/src/aes.c index 816a76a65..2214f8a71 100644 --- a/wolfcrypt/src/aes.c +++ b/wolfcrypt/src/aes.c @@ -11103,6 +11103,7 @@ int wc_AesInit(Aes* aes, void* heap, int devId) return BAD_FUNC_ARG; aes->heap = heap; + aes->rounds = 0; #ifdef WOLF_CRYPTO_CB aes->devId = devId; From 7069a1805a782418425be058b7e40b4a0982a96f Mon Sep 17 00:00:00 2001 From: Andras Fekete Date: Fri, 19 Jan 2024 10:47:38 -0500 Subject: [PATCH 3/4] Avoid "Use after free" Warning 544767.5627232 --- tests/api.c | 19 +++++++++++++++++++ 1 file changed, 19 insertions(+) diff --git a/tests/api.c b/tests/api.c index cf2b3fe5c..d9faa10fa 100644 --- a/tests/api.c +++ b/tests/api.c @@ -34558,9 +34558,11 @@ static int test_wolfSSL_tmp_dh(void) BIO_free(bio); DSA_free(dsa); DH_free(dh); + dh = NULL; #if defined(WOLFSSL_DH_EXTRA) && \ (defined(WOLFSSL_QT) || defined(OPENSSL_ALL) || defined(WOLFSSL_OPENSSH)) DH_free(dh2); + dh2 = NULL; #endif SSL_free(ssl); SSL_CTX_free(ctx); @@ -47143,6 +47145,7 @@ static int test_wolfSSL_PEM_read_DHparams(void) XFCLOSE(fp); DH_free(dh); + dh = NULL; #endif return EXPECT_RESULT(); } @@ -47901,7 +47904,9 @@ static int test_wolfSSL_EVP_PKEY_set1_get1_DH (void) EVP_PKEY_free(pkey); DH_free(setDh); + setDh = NULL; DH_free(dh); + dh = NULL; #endif /* !NO_DH && WOLFSSL_DH_EXTRA && !NO_FILESYSTEM */ #endif /* !HAVE_FIPS || HAVE_FIPS_VERSION > 2 */ #endif /* OPENSSL_ALL || WOLFSSL_QT || WOLFSSL_OPENSSH */ @@ -48071,6 +48076,7 @@ static int test_wolfSSL_CTX_ctrl(void) BIO_free(bio); DSA_free(dsa); DH_free(dh); + dh = NULL; #endif #endif #ifdef HAVE_ECC @@ -48317,6 +48323,7 @@ static int test_wolfSSL_EVP_PKEY_keygen(void) ASN1_INTEGER_free(asn1int); DH_free(dh); + dh = NULL; XFREE(derBuffer, NULL, DYNAMIC_TYPE_TMP_BUFFER); EVP_PKEY_free(pkey); @@ -48405,6 +48412,7 @@ static int test_wolfSSL_EVP_PKEY_copy_parameters(void) ExpectIntEQ(BN_cmp(g1, g2), 0); DH_free(dh); + dh = NULL; EVP_PKEY_free(copy); EVP_PKEY_free(params); #endif @@ -49150,7 +49158,9 @@ static int test_wolfSSL_EVP_PKEY_param_check(void) EVP_PKEY_CTX_free(ctx); EVP_PKEY_free(pkey); DH_free(setDh); + setDh = NULL; DH_free(dh); + dh = NULL; #endif #endif return EXPECT_RESULT(); @@ -58430,6 +58440,7 @@ static int test_wolfSSL_DH(void) ExpectNotNull(dh = DH_generate_parameters(2048, 2, NULL, NULL)); ExpectIntEQ(wolfSSL_DH_generate_parameters_ex(NULL, 2048, 2, NULL), 0); DH_free(dh); + dh = NULL; #endif #endif /* !HAVE_FIPS || (HAVE_FIPS_VERSION && HAVE_FIPS_VERSION > 2) */ #endif /* OPENSSL_ALL */ @@ -58584,6 +58595,7 @@ static int test_wolfSSL_DH(void) ExpectIntEQ(wolfSSL_DH_up_ref(dh), WOLFSSL_SUCCESS); DH_free(dh); /* decrease ref count */ DH_free(dh); /* free WOLFSSL_DH */ + dh = NULL; q = NULL; ExpectNull((dh = DH_new_by_nid(NID_sha1))); @@ -58593,16 +58605,19 @@ static int test_wolfSSL_DH(void) #ifdef HAVE_FFDHE_2048 ExpectNotNull((dh = DH_new_by_nid(NID_ffdhe2048))); DH_free(dh); + dh = NULL; q = NULL; #endif #ifdef HAVE_FFDHE_3072 ExpectNotNull((dh = DH_new_by_nid(NID_ffdhe3072))); DH_free(dh); + dh = NULL; q = NULL; #endif #ifdef HAVE_FFDHE_4096 ExpectNotNull((dh = DH_new_by_nid(NID_ffdhe4096))); DH_free(dh); + dh = NULL; q = NULL; #endif #else @@ -58802,6 +58817,7 @@ static int test_wolfSSL_DH_check(void) ExpectIntEQ(wolfSSL_DH_check(dh, NULL), 0); ExpectIntEQ(codes, DH_CHECK_P_NOT_PRIME); DH_free(dh); + dh = NULL; #endif #endif /* !NO_DH && !NO_DSA */ #endif @@ -59287,6 +59303,7 @@ static int test_wolfSSL_i2d_DHparams(void) ExpectIntEQ(wolfSSL_i2d_DHparams(dh, NULL), 268); DH_free(dh); + dh = NULL; *buf = 0; #endif @@ -59316,6 +59333,7 @@ static int test_wolfSSL_i2d_DHparams(void) ExpectIntEQ(wolfSSL_i2d_DHparams(dh, NULL), 396); DH_free(dh); + dh = NULL; #endif dh = DH_new(); @@ -59323,6 +59341,7 @@ static int test_wolfSSL_i2d_DHparams(void) pt2 = buf; ExpectIntEQ(wolfSSL_i2d_DHparams(dh, &pt2), 0); DH_free(dh); + dh = NULL; #endif /* !HAVE_FIPS || HAVE_FIPS_VERSION > 2 */ #endif /* !NO_DH && (HAVE_FFDHE_2048 || HAVE_FFDHE_3072) */ #endif From dbc209d8ea0ce1bd8d573657d88189813645e88c Mon Sep 17 00:00:00 2001 From: Andras Fekete Date: Fri, 19 Jan 2024 10:58:29 -0500 Subject: [PATCH 4/4] Always initialize 'decryptedKey' Warning 750167.5627928 --- wolfcrypt/src/pkcs7.c | 5 +---- 1 file changed, 1 insertion(+), 4 deletions(-) diff --git a/wolfcrypt/src/pkcs7.c b/wolfcrypt/src/pkcs7.c index a24d6a271..e312520a1 100644 --- a/wolfcrypt/src/pkcs7.c +++ b/wolfcrypt/src/pkcs7.c @@ -11830,10 +11830,6 @@ WOLFSSL_API int wc_PKCS7_DecodeAuthEnvelopedData(PKCS7* pkcs7, byte* in, } #endif -#ifndef WOLFSSL_SMALL_STACK - XMEMSET(decryptedKey, 0, MAX_ENCRYPTED_KEY_SZ); -#endif - switch (pkcs7->state) { case WC_PKCS7_START: case WC_PKCS7_INFOSET_START: @@ -11872,6 +11868,7 @@ WOLFSSL_API int wc_PKCS7_DecodeAuthEnvelopedData(PKCS7* pkcs7, byte* in, pkcs7->stream->key = decryptedKey; #endif #endif + XMEMSET(decryptedKey, 0, MAX_ENCRYPTED_KEY_SZ); FALL_THROUGH; case WC_PKCS7_DECRYPT_KTRI: