Various scan-build fixes.

2025-07-30 18:57:27 +02:00 · 2022-04-21 14:44:23 -07:00
parent 3755b88a02
commit 84a33183a6
4 changed files with 13 additions and 11 deletions
--- a/examples/client/client.c
+++ b/examples/client/client.c
@ -2069,7 +2069,6 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args)
    (void)resumeScr;
    (void)ourKey;
    (void)ourCert;
-    (void)customVerifyCert;
    (void)verifyCert;
    (void)useClientCert;
    (void)disableCRL;
@ -3898,7 +3897,6 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args)

                        if (ret == WOLFSSL_SUCCESS) {
                            printf("NON-BLOCKING RENEGOTIATION SUCCESSFUL\n");
-                            err = 0;
                        }
                    }
                    if (ret != WOLFSSL_SUCCESS) {
@ -4342,6 +4340,7 @@ exit:
    (void) ourCert;
    (void) ourKey;
    (void) useVerifyCb;
+    (void) customVerifyCert;

 #if !defined(WOLFSSL_TIRTOS)
    return 0;
--- a/src/internal.c
+++ b/src/internal.c
@ -10741,12 +10741,16 @@ int CopyDecodedToX509(WOLFSSL_X509* x509, DecodedCert* dCert)
 #endif
    }

-    /* store cert for potential retrieval */
-    if (AllocDer(&x509->derCert, dCert->maxIdx, CERT_TYPE, x509->heap) == 0) {
-        XMEMCPY(x509->derCert->buffer, dCert->source, dCert->maxIdx);
-    }
-    else {
-        ret = MEMORY_E;
+    /* if der contains original source buffer then store for potential
+     * retrieval */
+    if (dCert->source != NULL && dCert->maxIdx > 0) {
+        if (AllocDer(&x509->derCert, dCert->maxIdx, CERT_TYPE, x509->heap)
+                                                                         == 0) {
+            XMEMCPY(x509->derCert->buffer, dCert->source, dCert->maxIdx);
+        }
+        else {
+            ret = MEMORY_E;
+        }
    }

    x509->altNames       = dCert->altNames;
--- a/src/ssl.c
+++ b/src/ssl.c
@ -7600,7 +7600,6 @@ int wolfSSL_CTX_load_verify_locations_ex(WOLFSSL_CTX* ctx, const char* file,
                if (ret != WOLFSSL_SUCCESS) {
                    WOLFSSL_MSG("wolfSSL_CTX_trust_peer_cert error. Ignoring"
                            "this error.");
-                    ret = WOLFSSL_SUCCESS;
                }
    #endif
                successCount++;
--- a/wolfcrypt/test/test.c
+++ b/wolfcrypt/test/test.c
@ -16674,11 +16674,11 @@ WOLFSSL_TEST_SUBROUTINE int dh_test(void)
    #ifdef HAVE_FFDHE_4096
    #ifdef HAVE_PUBLIC_FFDHE
    ret = dh_ffdhe_test(&rng, wc_Dh_ffdhe4096_Get());
-    if (ret != 0)
-        ERROR_OUT(-8128, done);
    #else
    ret = dh_ffdhe_test(&rng, WC_FFDHE_4096);
    #endif
+    if (ret != 0)
+        ERROR_OUT(-8128, done);
    #endif
 #endif /* !WC_NO_RNG */
 #endif /* HAVE_FIPS_VERSION == 2 && !WOLFSSL_SP_ARM64_ASM */