From 0b0b980784e86d8f4f02e13ffa3f04c192ca474c Mon Sep 17 00:00:00 2001 From: Daniel Pouzzner Date: Thu, 5 Jan 2023 17:59:10 -0600 Subject: [PATCH 1/2] fix an oversight in wolfSentry integration in examples/{client,server}. --- examples/client/client.c | 2 +- examples/server/server.c | 2 +- wolfssl/test.h | 1 + 3 files changed, 3 insertions(+), 2 deletions(-) diff --git a/examples/client/client.c b/examples/client/client.c index 973fb21f1..5d02868da 100644 --- a/examples/client/client.c +++ b/examples/client/client.c @@ -4456,7 +4456,7 @@ exit: #ifdef WOLFSSL_WOLFSENTRY_HOOKS wolfsentry_ret = - wolfsentry_shutdown(WOLFSENTRY_CONTEXT_ARGS_OUT_EX(&wolfsentry)); + wolfsentry_shutdown(WOLFSENTRY_CONTEXT_ARGS_OUT_EX4(&wolfsentry, NULL)); if (wolfsentry_ret < 0) { fprintf(stderr, "wolfsentry_shutdown() returned " WOLFSENTRY_ERROR_FMT "\n", diff --git a/examples/server/server.c b/examples/server/server.c index 5d6db17af..475a472fd 100644 --- a/examples/server/server.c +++ b/examples/server/server.c @@ -3715,7 +3715,7 @@ exit: #ifdef WOLFSSL_WOLFSENTRY_HOOKS wolfsentry_ret = - wolfsentry_shutdown(WOLFSENTRY_CONTEXT_ARGS_OUT_EX(&wolfsentry)); + wolfsentry_shutdown(WOLFSENTRY_CONTEXT_ARGS_OUT_EX4(&wolfsentry, NULL)); if (wolfsentry_ret < 0) { fprintf(stderr, "wolfsentry_shutdown() returned " WOLFSENTRY_ERROR_FMT "\n", diff --git a/wolfssl/test.h b/wolfssl/test.h index 12a97349c..3b1da23ca 100644 --- a/wolfssl/test.h +++ b/wolfssl/test.h @@ -1422,6 +1422,7 @@ static WC_INLINE void tcp_socket(SOCKET_T* sockfd, int udp, int sctp) #ifndef HAVE_WOLFSENTRY_API_0v8 #define WOLFSENTRY_CONTEXT_ARGS_OUT_EX(x) (x) +#define WOLFSENTRY_CONTEXT_ARGS_OUT_EX4(x, y) (x) #endif struct wolfsentry_data { From d44130d807d2c037dc16a1d2263c2824912870bc Mon Sep 17 00:00:00 2001 From: Daniel Pouzzner Date: Thu, 5 Jan 2023 18:40:51 -0600 Subject: [PATCH 2/2] src/ssl.c: revert 2c2740d0dc, as it duplicates optimizer functionality, and produces bugprone-sizeof-expression on clang-tidy and sizeofwithnumericparameter on cppcheck. --- src/ssl.c | 9 +++------ 1 file changed, 3 insertions(+), 6 deletions(-) diff --git a/src/ssl.c b/src/ssl.c index 6e7620bd5..61925bcd8 100644 --- a/src/ssl.c +++ b/src/ssl.c @@ -35917,8 +35917,7 @@ int wolfSSL_BN_is_word(const WOLFSSL_BIGNUM* bn, WOLFSSL_BN_ULONG w) return WOLFSSL_FAILURE; } - /* Check operand sizes before value check to avoid pointless comparison */ - if ((sizeof(w) <= sizeof(MP_MASK)) || (w <= (WOLFSSL_BN_ULONG)MP_MASK)) { + if (w <= (WOLFSSL_BN_ULONG)MP_MASK) { if (mp_isword((mp_int*)bn->internal, (mp_digit)w) == MP_YES) { return WOLFSSL_SUCCESS; } @@ -36576,8 +36575,7 @@ static int wolfSSL_BN_add_word_int(WOLFSSL_BIGNUM *bn, WOLFSSL_BN_ULONG w, } if (ret == WOLFSSL_SUCCESS) { - /* Check operand sizes before value check to avoid pointless comparison */ - if ((sizeof(w) <= sizeof(MP_MASK)) || (w <= (WOLFSSL_BN_ULONG)MP_MASK)) { + if (w <= (WOLFSSL_BN_ULONG)MP_MASK) { if (sub == 1) { rc = mp_sub_d((mp_int*)bn->internal, (mp_digit)w, (mp_int*)bn->internal); @@ -36889,8 +36887,7 @@ WOLFSSL_BN_ULONG wolfSSL_BN_mod_word(const WOLFSSL_BIGNUM *bn, return (WOLFSSL_BN_ULONG)WOLFSSL_FATAL_ERROR; } - /* Check operand sizes before value check to avoid pointless comparison */ - if ((sizeof(w) <= sizeof(MP_MASK)) || (w <= (WOLFSSL_BN_ULONG)MP_MASK)) { + if (w <= (WOLFSSL_BN_ULONG)MP_MASK) { mp_digit bn_ret; if (mp_mod_d((mp_int*)bn->internal, (mp_digit)w, &bn_ret) != MP_OKAY) { WOLFSSL_MSG("mp_add_d error");