fixes from Fenrir review:

linuxkm/linuxkm_wc_port.h: strcpy() takes 2 args.

wolfcrypt/src/aes.c: add VECTOR_REGISTERS_PUSH2() and use it to free tmp in smallstack path if the push fails.
This commit is contained in:
Daniel Pouzzner
2026-07-01 13:46:11 -05:00
parent 8b29a95da4
commit ed4fb32c92
2 changed files with 29 additions and 8 deletions
+6 -6
View File
@@ -1834,14 +1834,14 @@
* Fix that with explicit mappings here.
*/
#ifdef CONFIG_KMSAN
#define memcpy(d,s,l) __builtin_memcpy((d),(s),(l))
#define memset(d,v,l) __builtin_memset((d),(v),(l))
#define memmove(d,s,l) __builtin_memmove((d),(s),(l))
#define strcpy(d,s,l) __builtin_strcpy((d),(s),(l))
#define memcpy(d, s, l) __builtin_memcpy(d, s, l)
#define memset(d, v, l) __builtin_memset(d, v, l)
#define memmove(d, s, l) __builtin_memmove(d, s, l)
#define strcpy(d, s) __builtin_strcpy(d, s)
#if LINUX_VERSION_CODE < KERNEL_VERSION(7, 2, 0)
#define strncpy(d,s,l) __builtin_strncpy((d),(s),(l))
#define strncpy(d, s, l) __builtin_strncpy(d, s, l)
#endif
#define strncat(d,s,l) __builtin_strncat((d),(s),(l))
#define strncat(d, s, l) __builtin_strncat(d, s, l)
#endif
#endif /* BUILDING_WOLFSSL */
+23 -2
View File
@@ -5928,6 +5928,14 @@ int wc_AesSetIV(Aes* aes, const byte* iv)
} \
WC_DO_NOTHING
#define VECTOR_REGISTERS_PUSH2(fail_clause) { \
int orig_use_aesni = aes->use_aesni; \
if (aes->use_aesni && (SAVE_VECTOR_REGISTERS2() != 0)) { \
aes->use_aesni = 0; \
} \
WC_DO_NOTHING
#define VECTOR_REGISTERS_POP \
if (aes->use_aesni) \
RESTORE_VECTOR_REGISTERS(); \
@@ -5941,18 +5949,28 @@ int wc_AesSetIV(Aes* aes, const byte* iv)
#define VECTOR_REGISTERS_PUSH { \
WC_DO_NOTHING
#define VECTOR_REGISTERS_PUSH2(fail_clause) { \
WC_DO_NOTHING
#define VECTOR_REGISTERS_POP \
} \
WC_DO_NOTHING
#else
#define VECTOR_REGISTERS_PUSH { \
#define VECTOR_REGISTERS_PUSH { \
if (aes->use_aesni && ((ret = SAVE_VECTOR_REGISTERS2()) != 0)) { \
return ret; \
} \
WC_DO_NOTHING
#define VECTOR_REGISTERS_PUSH2(fail_clause) { \
if (aes->use_aesni && ((ret = SAVE_VECTOR_REGISTERS2()) != 0)) { \
{ fail_clause } \
return ret; \
} \
WC_DO_NOTHING
#define VECTOR_REGISTERS_POP \
if (aes->use_aesni) { \
RESTORE_VECTOR_REGISTERS(); \
@@ -5965,6 +5983,7 @@ int wc_AesSetIV(Aes* aes, const byte* iv)
#else /* !WOLFSSL_AESNI */
#define VECTOR_REGISTERS_PUSH WC_DO_NOTHING
#define VECTOR_REGISTERS_PUSH2(fail_clause) WC_DO_NOTHING
#define VECTOR_REGISTERS_POP WC_DO_NOTHING
#endif /* !WOLFSSL_AESNI */
@@ -15552,9 +15571,11 @@ static WARN_UNUSED_RESULT int AesCfbDecrypt_C(Aes* aes, byte* out,
*/
if (sz >= WC_AES_CFB_DEC_BUF_BLOCKS * WC_AES_BLOCK_SIZE)
tmp = (byte *)XMALLOC(WC_AES_CFB_DEC_BUF_BLOCKS * WC_AES_BLOCK_SIZE, NULL, DYNAMIC_TYPE_AES);
#endif
VECTOR_REGISTERS_PUSH2(XFREE(tmp, NULL, DYNAMIC_TYPE_AES););
#else
VECTOR_REGISTERS_PUSH;
#endif
#if defined(HAVE_AES_ECB) && \
!defined(WOLFSSL_PIC32MZ_CRYPT) && \