mirror of
https://github.com/wolfSSL/wolfssl.git
synced 2026-07-08 12:40:49 +02:00
numerous fixes for memory errors reported by clang-tidy, most of them true positives, unmasked by CPPFLAGS=-DNO_WOLFSSL_MEMORY: clang-analyzer-unix.Malloc, clang-analyzer-core.NullDereference, clang-analyzer-core.uninitialized.Assign, clang-analyzer-core.UndefinedBinaryOperatorResult, and clang-analyzer-optin.portability.UnixAPI (re malloc(0)).
several fixes for defects reported by cppcheck: wolfcrypt/src/ecc.c: fix for cppcheck oppositeInnerCondition from cppcheck-2.16.0 in _ecc_make_key_ex(), and fixes for related unhandled errors discovered by manual inspection; wolfcrypt/test/test.c: fix XREALLOC call in memcb_test() to resolve cppcheck-detected memleak.
This commit is contained in:
@@ -1027,6 +1027,7 @@ static int DupX509_CRL(WOLFSSL_X509_CRL *dupl, const WOLFSSL_X509_CRL* crl)
|
||||
if (dupl->monitors[0].path != NULL) {
|
||||
XFREE(dupl->monitors[0].path, dupl->heap,
|
||||
DYNAMIC_TYPE_CRL_MONITOR);
|
||||
dupl->monitors[0].path = NULL;
|
||||
}
|
||||
return MEMORY_E;
|
||||
}
|
||||
|
||||
@@ -7991,7 +7991,7 @@ int wolfSSL_i2d_PKCS8_PKEY(WOLFSSL_PKCS8_PRIV_KEY_INFO* key, unsigned char** pp)
|
||||
return WOLFSSL_FATAL_ERROR;
|
||||
len = (int)keySz;
|
||||
|
||||
if (pp == NULL)
|
||||
if ((pp == NULL) || (len == 0))
|
||||
return len;
|
||||
|
||||
if (*pp == NULL) {
|
||||
|
||||
+1
-1
@@ -6960,7 +6960,7 @@ int DoTls13ClientHello(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
|
||||
echX = TLSX_Find(ssl->extensions, TLSX_ECH);
|
||||
|
||||
if (echX == NULL)
|
||||
return WOLFSSL_FATAL_ERROR;
|
||||
ERROR_OUT(WOLFSSL_FATAL_ERROR, exit_dch);
|
||||
|
||||
((WOLFSSL_ECH*)echX->data)->aad = input + HANDSHAKE_HEADER_SZ;
|
||||
((WOLFSSL_ECH*)echX->data)->aadLen = helloSz;
|
||||
|
||||
@@ -1690,7 +1690,6 @@ WOLFSSL_v3_ext_method* wolfSSL_X509V3_EXT_get(WOLFSSL_X509_EXTENSION* ex)
|
||||
WOLFSSL_MSG("Failed to get nid from passed extension object");
|
||||
return NULL;
|
||||
}
|
||||
XMEMSET(&method, 0, sizeof(WOLFSSL_v3_ext_method));
|
||||
switch (nid) {
|
||||
case WC_NID_basic_constraints:
|
||||
break;
|
||||
|
||||
+38
-28
@@ -33411,7 +33411,7 @@ static int test_wc_dilithium_check_key(void)
|
||||
&privCheckKeyLen, pubCheckKey, &pubCheckKeyLen), 0);
|
||||
|
||||
/* Modify hash. */
|
||||
if (pubCheckKey != NULL) {
|
||||
if ((pubCheckKey != NULL) && EXPECT_SUCCESS()) {
|
||||
pubCheckKey[0] ^= 0x80;
|
||||
ExpectIntEQ(wc_dilithium_import_key(NULL, 0, NULL, 0, NULL),
|
||||
WC_NO_ERR_TRACE(BAD_FUNC_ARG));
|
||||
@@ -78037,7 +78037,6 @@ static int test_wolfSSL_d2i_OCSP_CERTID(void)
|
||||
{
|
||||
EXPECT_DECLS;
|
||||
#if (defined(OPENSSL_ALL) || defined(WOLFSSL_HAPROXY)) && defined(HAVE_OCSP)
|
||||
WOLFSSL_OCSP_CERTID* certId;
|
||||
WOLFSSL_OCSP_CERTID* certIdGood;
|
||||
WOLFSSL_OCSP_CERTID* certIdBad;
|
||||
const unsigned char* rawCertIdPtr;
|
||||
@@ -78056,40 +78055,49 @@ static int test_wolfSSL_d2i_OCSP_CERTID(void)
|
||||
|
||||
/* If the cert ID is NULL the function should allocate it and copy the
|
||||
* data to it. */
|
||||
certId = NULL;
|
||||
ExpectNotNull(certId = wolfSSL_d2i_OCSP_CERTID(&certId, &rawCertIdPtr,
|
||||
sizeof(rawCertId)));
|
||||
ExpectIntEQ(certId->rawCertIdSize, sizeof(rawCertId));
|
||||
if (certId != NULL) {
|
||||
XFREE(certId->rawCertId, NULL, DYNAMIC_TYPE_OPENSSL);
|
||||
XFREE(certId, NULL, DYNAMIC_TYPE_OPENSSL);
|
||||
{
|
||||
WOLFSSL_OCSP_CERTID* certId = NULL;
|
||||
ExpectNotNull(certId = wolfSSL_d2i_OCSP_CERTID(&certId, &rawCertIdPtr,
|
||||
sizeof(rawCertId)));
|
||||
ExpectIntEQ(certId->rawCertIdSize, sizeof(rawCertId));
|
||||
if (certId != NULL) {
|
||||
XFREE(certId->rawCertId, NULL, DYNAMIC_TYPE_OPENSSL);
|
||||
XFREE(certId, NULL, DYNAMIC_TYPE_OPENSSL);
|
||||
}
|
||||
}
|
||||
|
||||
/* If the cert ID is not NULL the function will just copy the data to it. */
|
||||
ExpectNotNull(certId = (WOLFSSL_OCSP_CERTID*)XMALLOC(sizeof(*certId), NULL,
|
||||
DYNAMIC_TYPE_TMP_BUFFER));
|
||||
ExpectNotNull(certId);
|
||||
ExpectNotNull(XMEMSET(certId, 0, sizeof(*certId)));
|
||||
{
|
||||
WOLFSSL_OCSP_CERTID* certId = NULL;
|
||||
ExpectNotNull(certId = (WOLFSSL_OCSP_CERTID*)XMALLOC(sizeof(*certId), NULL,
|
||||
DYNAMIC_TYPE_TMP_BUFFER));
|
||||
ExpectNotNull(certId);
|
||||
if (certId != NULL)
|
||||
XMEMSET(certId, 0, sizeof(*certId));
|
||||
|
||||
/* Reset rawCertIdPtr since it was push forward in the previous call. */
|
||||
rawCertIdPtr = &rawCertId[0];
|
||||
ExpectNotNull(certIdGood = wolfSSL_d2i_OCSP_CERTID(&certId, &rawCertIdPtr,
|
||||
sizeof(rawCertId)));
|
||||
ExpectPtrEq(certIdGood, certId);
|
||||
ExpectIntEQ(certId->rawCertIdSize, sizeof(rawCertId));
|
||||
if (certId != NULL) {
|
||||
XFREE(certId->rawCertId, NULL, DYNAMIC_TYPE_OPENSSL);
|
||||
XFREE(certId, NULL, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
certId = NULL;
|
||||
/* Reset rawCertIdPtr since it was push forward in the previous call. */
|
||||
rawCertIdPtr = &rawCertId[0];
|
||||
ExpectNotNull(certIdGood = wolfSSL_d2i_OCSP_CERTID(&certId, &rawCertIdPtr,
|
||||
sizeof(rawCertId)));
|
||||
ExpectPtrEq(certIdGood, certId);
|
||||
ExpectIntEQ(certId->rawCertIdSize, sizeof(rawCertId));
|
||||
if (certId != NULL) {
|
||||
XFREE(certId->rawCertId, NULL, DYNAMIC_TYPE_OPENSSL);
|
||||
XFREE(certId, NULL, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
certId = NULL;
|
||||
}
|
||||
}
|
||||
|
||||
/* The below tests should fail when passed bad parameters. NULL should
|
||||
* always be returned. */
|
||||
ExpectNull(certIdBad = wolfSSL_d2i_OCSP_CERTID(NULL, &rawCertIdPtr,
|
||||
sizeof(rawCertId)));
|
||||
ExpectNull(certIdBad = wolfSSL_d2i_OCSP_CERTID(&certId, NULL,
|
||||
sizeof(rawCertId)));
|
||||
ExpectNull(certIdBad = wolfSSL_d2i_OCSP_CERTID(&certId, &rawCertIdPtr, 0));
|
||||
{
|
||||
WOLFSSL_OCSP_CERTID* certId = NULL;
|
||||
ExpectNull(certIdBad = wolfSSL_d2i_OCSP_CERTID(NULL, &rawCertIdPtr,
|
||||
sizeof(rawCertId)));
|
||||
ExpectNull(certIdBad = wolfSSL_d2i_OCSP_CERTID(&certId, NULL,
|
||||
sizeof(rawCertId)));
|
||||
ExpectNull(certIdBad = wolfSSL_d2i_OCSP_CERTID(&certId, &rawCertIdPtr, 0));
|
||||
}
|
||||
#endif
|
||||
return EXPECT_RESULT();
|
||||
}
|
||||
@@ -84988,6 +84996,7 @@ static int test_wolfSSL_PEM_X509_INFO_read_bio(void)
|
||||
|
||||
ExpectIntEQ(0, XSTRNCMP(subject, exp1, sizeof(exp1)));
|
||||
XFREE(subject, 0, DYNAMIC_TYPE_OPENSSL);
|
||||
subject = NULL;
|
||||
X509_INFO_free(info);
|
||||
info = NULL;
|
||||
|
||||
@@ -84997,6 +85006,7 @@ static int test_wolfSSL_PEM_X509_INFO_read_bio(void)
|
||||
|
||||
ExpectIntEQ(0, XSTRNCMP(subject, exp2, sizeof(exp2)));
|
||||
XFREE(subject, 0, DYNAMIC_TYPE_OPENSSL);
|
||||
subject = NULL;
|
||||
X509_INFO_free(info);
|
||||
ExpectNull(info = sk_X509_INFO_pop(sk));
|
||||
|
||||
|
||||
+23
-13
@@ -28804,6 +28804,13 @@ int SetNameEx(byte* output, word32 outputSz, CertName* name, void* heap)
|
||||
ret = 0;
|
||||
}
|
||||
|
||||
if (items == 0) {
|
||||
/* if zero items, short-circuit return to avoid frivolous zero-size
|
||||
* allocations.
|
||||
*/
|
||||
return 0;
|
||||
}
|
||||
|
||||
/* Allocate dynamic data items. */
|
||||
dataASN = (ASNSetData*)XMALLOC(items * sizeof(ASNSetData), heap,
|
||||
DYNAMIC_TYPE_TMP_BUFFER);
|
||||
@@ -34171,23 +34178,26 @@ static int EccSpecifiedECDomainDecode(const byte* input, word32 inSz,
|
||||
}
|
||||
#endif /* WOLFSSL_ECC_CURVE_STATIC */
|
||||
|
||||
if (key) {
|
||||
/* Store parameter set in key. */
|
||||
if ((ret == 0) && (wc_ecc_set_custom_curve(key, curve) < 0)) {
|
||||
ret = ASN_PARSE_E;
|
||||
}
|
||||
if (ret == 0) {
|
||||
/* The parameter set was allocated.. */
|
||||
key->deallocSet = 1;
|
||||
}
|
||||
}
|
||||
|
||||
if ((ret == 0) && (curveSz)) {
|
||||
*curveSz = curve->size;
|
||||
}
|
||||
|
||||
if ((ret != 0) && (curve != NULL)) {
|
||||
/* Failed to set parameters so free parameter set. */
|
||||
if (key) {
|
||||
/* Store parameter set in key. */
|
||||
if (ret == 0) {
|
||||
if (wc_ecc_set_custom_curve(key, curve) < 0) {
|
||||
ret = ASN_PARSE_E;
|
||||
}
|
||||
else {
|
||||
/* The parameter set was allocated.. */
|
||||
key->deallocSet = 1;
|
||||
/* Don't deallocate below. */
|
||||
curve = NULL;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
if (curve != NULL) { /* NOLINT(clang-analyzer-unix.Malloc) */
|
||||
wc_ecc_free_curve(curve, heap);
|
||||
}
|
||||
|
||||
|
||||
+30
-24
@@ -2036,19 +2036,21 @@ static int wc_DhAgree_Sync(DhKey* key, byte* agree, word32* agreeSz,
|
||||
#ifndef WOLFSSL_SP_NO_2048
|
||||
if (mp_count_bits(&key->p) == 2048) {
|
||||
if (mp_init(y) != MP_OKAY)
|
||||
return MP_INIT_E;
|
||||
ret = MP_INIT_E;
|
||||
|
||||
SAVE_VECTOR_REGISTERS(ret = _svr_ret;);
|
||||
if (ret == 0) {
|
||||
SAVE_VECTOR_REGISTERS(ret = _svr_ret;);
|
||||
|
||||
if (ret == 0 && mp_read_unsigned_bin(y, otherPub, pubSz) != MP_OKAY)
|
||||
ret = MP_READ_E;
|
||||
if (ret == 0 && mp_read_unsigned_bin(y, otherPub, pubSz) != MP_OKAY)
|
||||
ret = MP_READ_E;
|
||||
|
||||
if (ret == 0)
|
||||
ret = sp_DhExp_2048(y, priv, privSz, &key->p, agree, agreeSz);
|
||||
if (ret == 0)
|
||||
ret = sp_DhExp_2048(y, priv, privSz, &key->p, agree, agreeSz);
|
||||
|
||||
mp_clear(y);
|
||||
mp_clear(y);
|
||||
|
||||
RESTORE_VECTOR_REGISTERS();
|
||||
RESTORE_VECTOR_REGISTERS();
|
||||
}
|
||||
|
||||
/* make sure agree is > 1 (SP800-56A, 5.7.1.1) */
|
||||
if ((ret == 0) &&
|
||||
@@ -2070,19 +2072,21 @@ static int wc_DhAgree_Sync(DhKey* key, byte* agree, word32* agreeSz,
|
||||
#ifndef WOLFSSL_SP_NO_3072
|
||||
if (mp_count_bits(&key->p) == 3072) {
|
||||
if (mp_init(y) != MP_OKAY)
|
||||
return MP_INIT_E;
|
||||
ret = MP_INIT_E;
|
||||
|
||||
SAVE_VECTOR_REGISTERS(ret = _svr_ret;);
|
||||
if (ret == 0) {
|
||||
SAVE_VECTOR_REGISTERS(ret = _svr_ret;);
|
||||
|
||||
if (ret == 0 && mp_read_unsigned_bin(y, otherPub, pubSz) != MP_OKAY)
|
||||
ret = MP_READ_E;
|
||||
if (ret == 0 && mp_read_unsigned_bin(y, otherPub, pubSz) != MP_OKAY)
|
||||
ret = MP_READ_E;
|
||||
|
||||
if (ret == 0)
|
||||
ret = sp_DhExp_3072(y, priv, privSz, &key->p, agree, agreeSz);
|
||||
if (ret == 0)
|
||||
ret = sp_DhExp_3072(y, priv, privSz, &key->p, agree, agreeSz);
|
||||
|
||||
mp_clear(y);
|
||||
mp_clear(y);
|
||||
|
||||
RESTORE_VECTOR_REGISTERS();
|
||||
RESTORE_VECTOR_REGISTERS();
|
||||
}
|
||||
|
||||
/* make sure agree is > 1 (SP800-56A, 5.7.1.1) */
|
||||
if ((ret == 0) &&
|
||||
@@ -2104,19 +2108,21 @@ static int wc_DhAgree_Sync(DhKey* key, byte* agree, word32* agreeSz,
|
||||
#ifdef WOLFSSL_SP_4096
|
||||
if (mp_count_bits(&key->p) == 4096) {
|
||||
if (mp_init(y) != MP_OKAY)
|
||||
return MP_INIT_E;
|
||||
ret = MP_INIT_E;
|
||||
|
||||
SAVE_VECTOR_REGISTERS(ret = _svr_ret;);
|
||||
if (ret == 0) {
|
||||
SAVE_VECTOR_REGISTERS(ret = _svr_ret;);
|
||||
|
||||
if (ret == 0 && mp_read_unsigned_bin(y, otherPub, pubSz) != MP_OKAY)
|
||||
ret = MP_READ_E;
|
||||
if (ret == 0 && mp_read_unsigned_bin(y, otherPub, pubSz) != MP_OKAY)
|
||||
ret = MP_READ_E;
|
||||
|
||||
if (ret == 0)
|
||||
ret = sp_DhExp_4096(y, priv, privSz, &key->p, agree, agreeSz);
|
||||
if (ret == 0)
|
||||
ret = sp_DhExp_4096(y, priv, privSz, &key->p, agree, agreeSz);
|
||||
|
||||
mp_clear(y);
|
||||
mp_clear(y);
|
||||
|
||||
RESTORE_VECTOR_REGISTERS();
|
||||
RESTORE_VECTOR_REGISTERS();
|
||||
}
|
||||
|
||||
/* make sure agree is > 1 (SP800-56A, 5.7.1.1) */
|
||||
if ((ret == 0) &&
|
||||
|
||||
@@ -2195,7 +2195,7 @@ static int dilithium_rej_ntt_poly_ex(wc_Shake* shake128, byte* seed, sword32* a,
|
||||
static int dilithium_rej_ntt_poly(wc_Shake* shake128, byte* seed, sword32* a,
|
||||
void* heap)
|
||||
{
|
||||
int ret;
|
||||
int ret = 0;
|
||||
#if defined(WOLFSSL_SMALL_STACK)
|
||||
byte* h = NULL;
|
||||
#else
|
||||
@@ -2212,7 +2212,8 @@ static int dilithium_rej_ntt_poly(wc_Shake* shake128, byte* seed, sword32* a,
|
||||
}
|
||||
#endif
|
||||
|
||||
ret = dilithium_rej_ntt_poly_ex(shake128, seed, a, h);
|
||||
if (ret == 0)
|
||||
ret = dilithium_rej_ntt_poly_ex(shake128, seed, a, h);
|
||||
|
||||
#if defined(WOLFSSL_SMALL_STACK)
|
||||
XFREE(h, heap, DYNAMIC_TYPE_DILITHIUM);
|
||||
@@ -6076,6 +6077,7 @@ static int dilithium_sign_with_seed_mu(dilithium_key* key,
|
||||
ret = MEMORY_E;
|
||||
}
|
||||
else {
|
||||
XMEMSET(key->s1, 0, params->aSz);
|
||||
key->s2 = key->s1 + params->s1Sz / sizeof(*s1);
|
||||
key->t0 = key->s2 + params->s2Sz / sizeof(*s2);
|
||||
}
|
||||
@@ -7223,6 +7225,9 @@ static int dilithium_verify_mu(dilithium_key* key, const byte* mu,
|
||||
if (key->a == NULL) {
|
||||
ret = MEMORY_E;
|
||||
}
|
||||
else {
|
||||
XMEMSET(key->a, 0, params->aSz);
|
||||
}
|
||||
}
|
||||
#endif
|
||||
if (ret == 0) {
|
||||
@@ -7237,6 +7242,9 @@ static int dilithium_verify_mu(dilithium_key* key, const byte* mu,
|
||||
if (key->t1 == NULL) {
|
||||
ret = MEMORY_E;
|
||||
}
|
||||
else {
|
||||
XMEMSET(key->t1, 0, params->s2Sz);
|
||||
}
|
||||
}
|
||||
#endif
|
||||
if (ret == 0) {
|
||||
@@ -7259,6 +7267,7 @@ static int dilithium_verify_mu(dilithium_key* key, const byte* mu,
|
||||
ret = MEMORY_E;
|
||||
}
|
||||
else {
|
||||
XMEMSET(z, 0, allocSz);
|
||||
c = z + params->s1Sz / sizeof(*z);
|
||||
w = c + DILITHIUM_N;
|
||||
#ifndef WC_DILITHIUM_CACHE_PUB_VECTORS
|
||||
@@ -7387,6 +7396,7 @@ static int dilithium_verify_mu(dilithium_key* key, const byte* mu,
|
||||
ret = MEMORY_E;
|
||||
}
|
||||
else {
|
||||
XMEMSET(z, 0, allocSz);
|
||||
c = z + params->s1Sz / sizeof(*t1);
|
||||
w = c + DILITHIUM_N;
|
||||
t1 = w + DILITHIUM_N;
|
||||
@@ -8908,6 +8918,7 @@ int wc_dilithium_check_key(dilithium_key* key)
|
||||
ret = MEMORY_E;
|
||||
}
|
||||
else {
|
||||
XMEMSET(s1, 0, allocSz);
|
||||
s2 = s1 + params->s1Sz / sizeof(*s1);
|
||||
t0 = s2 + params->s2Sz / sizeof(*s2);
|
||||
t = t0 + params->s2Sz / sizeof(*t0);
|
||||
@@ -9197,6 +9208,9 @@ int wc_dilithium_import_public(const byte* in, word32 inLen, dilithium_key* key)
|
||||
if (key->t1 == NULL) {
|
||||
ret = MEMORY_E;
|
||||
}
|
||||
else {
|
||||
XMEMSET(key->t1, 0, key->params->s2Sz);
|
||||
}
|
||||
}
|
||||
#endif
|
||||
}
|
||||
@@ -9213,6 +9227,9 @@ int wc_dilithium_import_public(const byte* in, word32 inLen, dilithium_key* key)
|
||||
if (key->a == NULL) {
|
||||
ret = MEMORY_E;
|
||||
}
|
||||
else {
|
||||
XMEMSET(key->a, 0, params->aSz);
|
||||
}
|
||||
}
|
||||
#endif
|
||||
}
|
||||
@@ -9282,6 +9299,9 @@ static int dilithium_set_priv_key(const byte* priv, word32 privSz,
|
||||
if (key->a == NULL) {
|
||||
ret = MEMORY_E;
|
||||
}
|
||||
else {
|
||||
XMEMSET(key->a, 0, params->aSz);
|
||||
}
|
||||
}
|
||||
}
|
||||
#endif
|
||||
@@ -9303,6 +9323,9 @@ static int dilithium_set_priv_key(const byte* priv, word32 privSz,
|
||||
if (key->s1 == NULL) {
|
||||
ret = MEMORY_E;
|
||||
}
|
||||
else {
|
||||
XMEMSET(key->s1, 0, params->s1Sz + params->s2Sz + params->s2Sz);
|
||||
}
|
||||
if (ret == 0) {
|
||||
/* Set pointers into allocated memory. */
|
||||
key->s2 = key->s1 + params->s1Sz / sizeof(*key->s1);
|
||||
|
||||
+22
-8
@@ -1576,7 +1576,7 @@ static int xil_mpi_import(mp_int *mpi,
|
||||
#endif
|
||||
|
||||
#define DECLARE_CURVE_SPECS(intcount) ecc_curve_spec* curve = NULL
|
||||
#define ALLOC_CURVE_SPECS(intcount, err) WC_DO_NOTHING
|
||||
#define ALLOC_CURVE_SPECS(intcount, err) (err) = MP_OKAY
|
||||
#define FREE_CURVE_SPECS() WC_DO_NOTHING
|
||||
#elif defined(WOLFSSL_SMALL_STACK)
|
||||
#ifdef WOLFSSL_SP_MATH_ALL
|
||||
@@ -1588,13 +1588,17 @@ static int xil_mpi_import(mp_int *mpi,
|
||||
curve->spec_count = intcount
|
||||
|
||||
#define ALLOC_CURVE_SPECS(intcount, err) \
|
||||
do { \
|
||||
spec_ints = (unsigned char*)XMALLOC(MP_INT_SIZEOF(MP_BITS_CNT( \
|
||||
MAX_ECC_BITS_USE)) * (intcount), NULL, \
|
||||
DYNAMIC_TYPE_ECC); \
|
||||
if (spec_ints == NULL) \
|
||||
(err) = MEMORY_E; \
|
||||
else \
|
||||
curve->spec_ints = spec_ints
|
||||
else { \
|
||||
curve->spec_ints = spec_ints; \
|
||||
(err) = MP_OKAY; \
|
||||
} \
|
||||
} while (0)
|
||||
#else
|
||||
#define DECLARE_CURVE_SPECS(intcount) \
|
||||
mp_int* spec_ints = NULL; \
|
||||
@@ -1604,12 +1608,16 @@ static int xil_mpi_import(mp_int *mpi,
|
||||
curve->spec_count = intcount
|
||||
|
||||
#define ALLOC_CURVE_SPECS(intcount, err) \
|
||||
do { \
|
||||
spec_ints = (mp_int*)XMALLOC(sizeof(mp_int) * (intcount), NULL, \
|
||||
DYNAMIC_TYPE_ECC); \
|
||||
if (spec_ints == NULL) \
|
||||
(err) = MEMORY_E; \
|
||||
else \
|
||||
curve->spec_ints = spec_ints
|
||||
else { \
|
||||
curve->spec_ints = spec_ints; \
|
||||
(err) = MP_OKAY; \
|
||||
} \
|
||||
} while (0)
|
||||
#endif
|
||||
#define FREE_CURVE_SPECS() \
|
||||
XFREE(spec_ints, NULL, DYNAMIC_TYPE_ECC)
|
||||
@@ -1632,7 +1640,7 @@ static int xil_mpi_import(mp_int *mpi,
|
||||
curve->spec_ints = spec_ints; \
|
||||
curve->spec_count = (intcount)
|
||||
#endif
|
||||
#define ALLOC_CURVE_SPECS(intcount, err) WC_DO_NOTHING
|
||||
#define ALLOC_CURVE_SPECS(intcount, err) (err) = MP_OKAY
|
||||
#define FREE_CURVE_SPECS() WC_DO_NOTHING
|
||||
#endif /* ECC_CACHE_CURVE */
|
||||
|
||||
@@ -6653,6 +6661,10 @@ static int wc_ecc_sign_hash_async(const byte* in, word32 inlen, byte* out,
|
||||
#if !defined(WOLFSSL_ASYNC_CRYPT_SW) && defined(HAVE_ECC_CDH)
|
||||
DECLARE_CURVE_SPECS(1);
|
||||
ALLOC_CURVE_SPECS(1, err);
|
||||
if (err != MP_OKAY) {
|
||||
WOLFSSL_MSG("ALLOC_CURVE_SPECS failed");
|
||||
break;
|
||||
}
|
||||
|
||||
/* get curve order */
|
||||
err = wc_ecc_curve_load(key->dp, &curve, ECC_CURVE_FIELD_ORDER);
|
||||
@@ -9380,7 +9392,6 @@ int wc_ecc_verify_hash_ex(mp_int *r, mp_int *s, const byte* hash,
|
||||
|
||||
#if !defined(WOLFSSL_SP_MATH) || defined(FREESCALE_LTC_ECC)
|
||||
if (!curveLoaded) {
|
||||
err = 0; /* potential for NOT_COMPILED_IN error from SP attempt */
|
||||
ALLOC_CURVE_SPECS(ECC_CURVE_FIELD_COUNT, err);
|
||||
if (err != 0) {
|
||||
return err;
|
||||
@@ -10134,6 +10145,10 @@ static int ecc_check_privkey_gen(ecc_key* key, mp_int* a, mp_int* prime)
|
||||
return BAD_FUNC_ARG;
|
||||
|
||||
ALLOC_CURVE_SPECS(3, err);
|
||||
if (err != MP_OKAY) {
|
||||
WOLFSSL_MSG("ALLOC_CURVE_SPECS failed");
|
||||
return err;
|
||||
}
|
||||
|
||||
#ifdef WOLFSSL_NO_MALLOC
|
||||
res = &lcl_res;
|
||||
@@ -10275,7 +10290,6 @@ static int ecc_check_privkey_gen_helper(ecc_key* key)
|
||||
/* Hardware based private key, so this operation is not supported */
|
||||
err = MP_OKAY; /* just report success */
|
||||
#else
|
||||
err = MP_OKAY;
|
||||
ALLOC_CURVE_SPECS(2, err);
|
||||
|
||||
/* load curve info */
|
||||
|
||||
@@ -1021,8 +1021,10 @@ static int wc_HpkeDecap(Hpke* hpke, void* receiverKey, const byte* pubKey,
|
||||
#ifdef ECC_TIMING_RESISTANT
|
||||
rng = wc_rng_new(NULL, 0, hpke->heap);
|
||||
|
||||
if (rng == NULL)
|
||||
return RNG_FAILURE_E;
|
||||
if (rng == NULL) {
|
||||
ret = RNG_FAILURE_E;
|
||||
break;
|
||||
}
|
||||
|
||||
wc_ecc_set_rng((ecc_key*)receiverKey, rng);
|
||||
#endif
|
||||
|
||||
@@ -289,6 +289,7 @@ static int GetSafeContent(WC_PKCS12* pkcs12, const byte* input,
|
||||
if (wc_BerToDer(input, safe->dataSz, NULL,
|
||||
&pkcs12->safeDersz) != WC_NO_ERR_TRACE(LENGTH_ONLY_E)) {
|
||||
WOLFSSL_MSG("Not BER sequence");
|
||||
freeSafe(safe, pkcs12->heap);
|
||||
return ASN_PARSE_E;
|
||||
}
|
||||
|
||||
|
||||
+59
-29
@@ -297,7 +297,9 @@ static int wc_PKCS7_AddDataToStream(wc_PKCS7* pkcs7, byte* in, word32 inSz,
|
||||
}
|
||||
|
||||
/* check if internal buffer size needs to be increased */
|
||||
if (len + pkcs7->stream->length > pkcs7->stream->bufferSz) {
|
||||
if ((len + pkcs7->stream->length > pkcs7->stream->bufferSz) ||
|
||||
(pkcs7->stream->buffer == NULL))
|
||||
{
|
||||
int ret = wc_PKCS7_GrowStream(pkcs7, expected);
|
||||
if (ret < 0) {
|
||||
return ret;
|
||||
@@ -11530,6 +11532,10 @@ static int wc_PKCS7_DecryptKari(wc_PKCS7* pkcs7, byte* in, word32 inSz,
|
||||
ret = wc_ecc_export_x963(kari->senderKey, NULL, &tmpKeySz);
|
||||
PRIVATE_KEY_LOCK();
|
||||
if (ret != WC_NO_ERR_TRACE(LENGTH_ONLY_E)) {
|
||||
wc_PKCS7_KariFree(kari);
|
||||
#ifdef WOLFSSL_SMALL_STACK
|
||||
XFREE(encryptedKey, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
|
||||
#endif
|
||||
return ret;
|
||||
}
|
||||
|
||||
@@ -11544,12 +11550,20 @@ static int wc_PKCS7_DecryptKari(wc_PKCS7* pkcs7, byte* in, word32 inSz,
|
||||
tmpKeyDer = (byte*)XMALLOC(tmpKeySz, pkcs7->heap,
|
||||
DYNAMIC_TYPE_TMP_BUFFER);
|
||||
if (tmpKeyDer == NULL) {
|
||||
wc_PKCS7_KariFree(kari);
|
||||
#ifdef WOLFSSL_SMALL_STACK
|
||||
XFREE(encryptedKey, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
|
||||
#endif
|
||||
return MEMORY_E;
|
||||
}
|
||||
|
||||
ret = wc_EccPublicKeyToDer(kari->senderKey, tmpKeyDer,
|
||||
tmpKeySz, 1);
|
||||
if (ret < 0) {
|
||||
wc_PKCS7_KariFree(kari);
|
||||
#ifdef WOLFSSL_SMALL_STACK
|
||||
XFREE(encryptedKey, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
|
||||
#endif
|
||||
XFREE(tmpKeyDer, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
return ret;
|
||||
}
|
||||
@@ -12889,17 +12903,20 @@ int wc_PKCS7_EncodeAuthEnvelopedData(wc_PKCS7* pkcs7, byte* output,
|
||||
(int)pkcs7->unauthAttribsSz);
|
||||
unauthAttribsCount = pkcs7->unauthAttribsSz;
|
||||
|
||||
flatUnauthAttribs = (byte*)XMALLOC(unauthAttribsSz, pkcs7->heap,
|
||||
DYNAMIC_TYPE_PKCS7);
|
||||
if (flatUnauthAttribs == NULL) {
|
||||
wc_PKCS7_FreeEncodedRecipientSet(pkcs7);
|
||||
XFREE(aadBuffer, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
XFREE(flatAuthAttribs, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
|
||||
return MEMORY_E;
|
||||
if (unauthAttribsSz > 0) {
|
||||
flatUnauthAttribs = (byte*)XMALLOC(unauthAttribsSz, pkcs7->heap,
|
||||
DYNAMIC_TYPE_PKCS7);
|
||||
if (flatUnauthAttribs == NULL) {
|
||||
wc_PKCS7_FreeEncodedRecipientSet(pkcs7);
|
||||
XFREE(aadBuffer, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
XFREE(flatAuthAttribs, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
|
||||
return MEMORY_E;
|
||||
}
|
||||
|
||||
FlattenAttributes(pkcs7, flatUnauthAttribs, unauthAttribs,
|
||||
(int)unauthAttribsCount);
|
||||
}
|
||||
|
||||
FlattenAttributes(pkcs7, flatUnauthAttribs, unauthAttribs,
|
||||
(int)unauthAttribsCount);
|
||||
unauthAttribsSetSz = SetImplicit(ASN_SET, 2, unauthAttribsSz,
|
||||
unauthAttribSet, 0);
|
||||
}
|
||||
@@ -13098,8 +13115,10 @@ int wc_PKCS7_EncodeAuthEnvelopedData(wc_PKCS7* pkcs7, byte* output,
|
||||
if (unauthAttribsSz > 0) {
|
||||
XMEMCPY(output + idx, unauthAttribSet, unauthAttribsSetSz);
|
||||
idx += (int)unauthAttribsSetSz;
|
||||
XMEMCPY(output + idx, flatUnauthAttribs, unauthAttribsSz);
|
||||
idx += (int)unauthAttribsSz;
|
||||
if (unauthAttribsSz > 0) {
|
||||
XMEMCPY(output + idx, flatUnauthAttribs, unauthAttribsSz);
|
||||
idx += (int)unauthAttribsSz;
|
||||
}
|
||||
}
|
||||
|
||||
XFREE(flatUnauthAttribs, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
|
||||
@@ -13926,23 +13945,27 @@ int wc_PKCS7_EncodeEncryptedData(wc_PKCS7* pkcs7, byte* output, word32 outputSz)
|
||||
pkcs7->unprotectedAttribs,
|
||||
(int)pkcs7->unprotectedAttribsSz);
|
||||
|
||||
flatAttribs = (byte*)XMALLOC(attribsSz, pkcs7->heap,
|
||||
DYNAMIC_TYPE_PKCS7);
|
||||
if (flatAttribs == NULL) {
|
||||
XFREE(attribs, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
|
||||
XFREE(encryptedContent, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
|
||||
XFREE(plain, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
|
||||
return MEMORY_E;
|
||||
if (attribsSz > 0) {
|
||||
flatAttribs = (byte*)XMALLOC(attribsSz, pkcs7->heap,
|
||||
DYNAMIC_TYPE_PKCS7);
|
||||
if (flatAttribs == NULL) {
|
||||
XFREE(attribs, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
|
||||
XFREE(encryptedContent, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
|
||||
XFREE(plain, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
|
||||
return MEMORY_E;
|
||||
}
|
||||
|
||||
ret = FlattenAttributes(pkcs7, flatAttribs, attribs,
|
||||
(int)attribsCount);
|
||||
if (ret != 0) {
|
||||
XFREE(attribs, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
|
||||
XFREE(encryptedContent, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
|
||||
XFREE(plain, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
|
||||
XFREE(flatAttribs, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
|
||||
return ret;
|
||||
}
|
||||
}
|
||||
|
||||
ret = FlattenAttributes(pkcs7, flatAttribs, attribs, (int)attribsCount);
|
||||
if (ret != 0) {
|
||||
XFREE(attribs, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
|
||||
XFREE(encryptedContent, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
|
||||
XFREE(plain, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
|
||||
XFREE(flatAttribs, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
|
||||
return ret;
|
||||
}
|
||||
attribsSetSz = SetImplicit(ASN_SET, 1, attribsSz, attribSet, 0);
|
||||
|
||||
} else {
|
||||
@@ -14009,8 +14032,10 @@ int wc_PKCS7_EncodeEncryptedData(wc_PKCS7* pkcs7, byte* output, word32 outputSz)
|
||||
if (pkcs7->unprotectedAttribsSz != 0) {
|
||||
XMEMCPY(output + idx, attribSet, attribsSetSz);
|
||||
idx += (int)attribsSetSz;
|
||||
XMEMCPY(output + idx, flatAttribs, attribsSz);
|
||||
idx += (int)attribsSz;
|
||||
if (attribsSz > 0) {
|
||||
XMEMCPY(output + idx, flatAttribs, attribsSz);
|
||||
idx += (int)attribsSz;
|
||||
}
|
||||
}
|
||||
|
||||
XFREE(attribs, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
|
||||
@@ -14324,6 +14349,11 @@ int wc_PKCS7_DecodeEncryptedData(wc_PKCS7* pkcs7, byte* in, word32 inSz,
|
||||
version = (int)pkcs7->stream->vers;
|
||||
tmpIv = pkcs7->stream->tmpIv;
|
||||
#endif
|
||||
if (encryptedContentSz <= 0) {
|
||||
ret = BUFFER_E;
|
||||
break;
|
||||
}
|
||||
|
||||
if (ret == 0 && (encryptedContent = (byte*)XMALLOC(
|
||||
(unsigned int)encryptedContentSz, pkcs7->heap,
|
||||
DYNAMIC_TYPE_PKCS7)) == NULL) {
|
||||
|
||||
@@ -840,6 +840,8 @@ int wc_scrypt(byte* output, const byte* passwd, int passLen,
|
||||
goto end;
|
||||
}
|
||||
|
||||
XMEMSET(y, 0, (size_t)(blockSize * 128));
|
||||
|
||||
/* Step 1. */
|
||||
ret = wc_PBKDF2(blocks, passwd, passLen, salt, saltLen, 1, (int)blocksSz,
|
||||
WC_SHA256);
|
||||
|
||||
@@ -646,6 +646,8 @@ static int _ifc_pairwise_consistency_test(RsaKey* key, WC_RNG* rng)
|
||||
ret = wc_RsaEncryptSize(key);
|
||||
if (ret < 0)
|
||||
return ret;
|
||||
else if (ret == 0)
|
||||
return BAD_FUNC_ARG;
|
||||
sigLen = (word32)ret;
|
||||
|
||||
WOLFSSL_MSG("Doing RSA consistency test");
|
||||
@@ -1756,6 +1758,7 @@ static int RsaUnPad_PSS(byte *pkcsBlock, unsigned int pkcsBlockLen,
|
||||
if (tmp == NULL) {
|
||||
return MEMORY_E;
|
||||
}
|
||||
XMEMSET(tmp, 0, (size_t)maskLen);
|
||||
#endif
|
||||
|
||||
if ((ret = RsaMGF(mgf, pkcsBlock + maskLen, (word32)hLen, tmp, (word32)maskLen,
|
||||
|
||||
@@ -12003,9 +12003,14 @@ int sp_mul(const sp_int* a, const sp_int* b, sp_int* r)
|
||||
}
|
||||
|
||||
/* Need extra digit during calculation. */
|
||||
/* NOLINTBEGIN(clang-analyzer-core.UndefinedBinaryOperatorResult) */
|
||||
/* clang-tidy falsely believes that r->size was corrupted by the _sp_copy()
|
||||
* to "Copy base into working variable" in _sp_exptmod_ex().
|
||||
*/
|
||||
if ((err == MP_OKAY) && (a->used + b->used > r->size)) {
|
||||
err = MP_VAL;
|
||||
}
|
||||
/* NOLINTEND(clang-analyzer-core.UndefinedBinaryOperatorResult) */
|
||||
|
||||
#if 0
|
||||
if (err == MP_OKAY) {
|
||||
|
||||
@@ -2400,8 +2400,10 @@ static int kyber_gen_matrix_c(KYBER_PRF_T* prf, sword16* a, int kp, byte* seed,
|
||||
|
||||
#if !defined(WOLFSSL_KYBER_SMALL) && defined(WC_64BIT_CPU)
|
||||
/* Loading 64 bits, only using 48 bits. Loading 2 bytes more than used. */
|
||||
rand[GEN_MATRIX_SIZE+0] = 0xff;
|
||||
rand[GEN_MATRIX_SIZE+1] = 0xff;
|
||||
if (ret == 0) {
|
||||
rand[GEN_MATRIX_SIZE+0] = 0xff;
|
||||
rand[GEN_MATRIX_SIZE+1] = 0xff;
|
||||
}
|
||||
#endif
|
||||
|
||||
/* Generate each vector of polynomials. */
|
||||
|
||||
@@ -2097,8 +2097,10 @@ static int wc_lms_treehash_update(LmsState* state, LmsPrivState* privState,
|
||||
#endif /* WOLFSSL_SMALL_STACK */
|
||||
|
||||
/* Public key, root node, is top of data stack. */
|
||||
XMEMCPY(stack, stackCache->stack, params->height * params->hash_len);
|
||||
sp = stack + stackCache->offset;
|
||||
if (ret == 0) {
|
||||
XMEMCPY(stack, stackCache->stack, params->height * params->hash_len);
|
||||
sp = stack + stackCache->offset;
|
||||
}
|
||||
|
||||
/* Compute all nodes requested. */
|
||||
for (i = min_idx; (ret == 0) && (i <= max_idx); i++) {
|
||||
@@ -2193,7 +2195,7 @@ static int wc_lms_treehash_update(LmsState* state, LmsPrivState* privState,
|
||||
}
|
||||
}
|
||||
|
||||
if (!useRoot) {
|
||||
if (!useRoot && (ret == 0)) {
|
||||
/* Copy stack back. */
|
||||
XMEMCPY(stackCache->stack, stack, params->height * params->hash_len);
|
||||
stackCache->offset = (word32)((size_t)sp - (size_t)stack);
|
||||
|
||||
@@ -2653,6 +2653,9 @@ static int wc_xmss_bds_state_alloc(const XmssParams* params, BdsState** bds)
|
||||
if (*bds == NULL) {
|
||||
ret = MEMORY_E;
|
||||
}
|
||||
else {
|
||||
XMEMSET(*bds, 0, sizeof(BdsState) * cnt);
|
||||
}
|
||||
}
|
||||
|
||||
return ret;
|
||||
@@ -2831,6 +2834,10 @@ static void wc_xmss_bds_next_idx(XmssState* state, BdsState* bds,
|
||||
/* HDSS, Section 4.5, 1: AUTH[h] = v[h][1], h = 0,...,H-1.
|
||||
* Cache left node if on authentication path. */
|
||||
if ((i >> h) == 1) {
|
||||
if (bds->authPath == NULL) {
|
||||
state->ret = WC_FAILURE;
|
||||
return;
|
||||
}
|
||||
XMEMCPY(bds->authPath + h * n, node, n);
|
||||
}
|
||||
/* This is a right node. */
|
||||
@@ -2910,8 +2917,10 @@ static void wc_xmss_bds_treehash_initial(XmssState* state, BdsState* bds,
|
||||
bds->offset = 0;
|
||||
bds->next = 0;
|
||||
/* Reset the hash tree status. */
|
||||
for (i = 0; i < hsk; i++) {
|
||||
wc_xmss_bds_state_treehash_init(bds, i);
|
||||
if (bds->treeHash != NULL) {
|
||||
for (i = 0; i < hsk; i++) {
|
||||
wc_xmss_bds_state_treehash_init(bds, i);
|
||||
}
|
||||
}
|
||||
|
||||
/* Copy hash address into local. */
|
||||
@@ -3046,6 +3055,11 @@ static word8 wc_xmss_bds_treehash_updates(XmssState* state, BdsState* bds,
|
||||
const word8 hs = params->sub_h;
|
||||
const word8 hsk = params->sub_h - params->bds_k;
|
||||
|
||||
if (bds->treeHash == NULL) {
|
||||
state->ret = WC_FAILURE;
|
||||
return 0;
|
||||
}
|
||||
|
||||
while (updates > 0) {
|
||||
word8 minH = hs;
|
||||
word8 h = hsk;
|
||||
@@ -3116,6 +3130,10 @@ static void wc_xmss_bds_update(XmssState* state, BdsState* bds,
|
||||
HashAddress addrCopy;
|
||||
|
||||
XMSS_ADDR_OTS_SET_SUBTREE(addrCopy, addr);
|
||||
if (bds->height == NULL) {
|
||||
state->ret = WC_FAILURE;
|
||||
return;
|
||||
}
|
||||
wc_xmss_bds_next_idx(state, bds, sk_seed, pk_seed, addrCopy, bds->next,
|
||||
bds->height, &bds->offset, &sp);
|
||||
bds->offset++;
|
||||
@@ -3172,6 +3190,11 @@ static void wc_xmss_bds_auth_path(XmssState* state, BdsState* bds,
|
||||
byte* node = state->encMsg;
|
||||
word8 parent;
|
||||
|
||||
if ((bds->keep == NULL) || (bds->authPath == NULL)) {
|
||||
state->ret = WC_FAILURE;
|
||||
return;
|
||||
}
|
||||
|
||||
/* Step 1. Find the height of first left node in authentication path. */
|
||||
tau = wc_xmss_lowest_zero_bit_index(leafIdx, hs, &parent);
|
||||
if (tau == 0) {
|
||||
@@ -3838,10 +3861,16 @@ static int wc_xmssmt_sign_msg(XmssState* state, BdsState* bds, XmssIdx idx,
|
||||
}
|
||||
if (ret == 0) {
|
||||
word8 i;
|
||||
byte *authPath;
|
||||
|
||||
sig += params->wots_sig_len;
|
||||
/* Add authentication path. */
|
||||
XMEMCPY(sig, bds[BDS_IDX(idx, 0, hs, params->d)].authPath, hs * n);
|
||||
authPath = bds[BDS_IDX(idx, 0, hs, params->d)].authPath;
|
||||
if (authPath == NULL) {
|
||||
state->ret = WC_FAILURE;
|
||||
return state->ret;
|
||||
}
|
||||
XMEMCPY(sig, authPath, hs * n);
|
||||
sig += hs * n;
|
||||
|
||||
/* Remaining iterations from storage. */
|
||||
@@ -3851,7 +3880,12 @@ static int wc_xmssmt_sign_msg(XmssState* state, BdsState* bds, XmssIdx idx,
|
||||
params->wots_sig_len);
|
||||
sig += params->wots_sig_len;
|
||||
/* Add authentication path (auth) and calc new root. */
|
||||
XMEMCPY(sig, bds[BDS_IDX(idx, i, hs, params->d)].authPath, hs * n);
|
||||
authPath = bds[BDS_IDX(idx, i, hs, params->d)].authPath;
|
||||
if (authPath == NULL) {
|
||||
state->ret = WC_FAILURE;
|
||||
return state->ret;
|
||||
}
|
||||
XMEMCPY(sig, authPath, hs * n);
|
||||
sig += hs * n;
|
||||
}
|
||||
ret = state->ret;
|
||||
|
||||
+346
-354
File diff suppressed because it is too large
Load Diff
Reference in New Issue
Block a user