wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2026-01-31 06:39:16 +01:00
Code Issues Packages Projects Releases Wiki Activity

analyzer-driven cleanups of --enable-dtls13 --enable-dtls-mtu --enable-dtls-frag-ch:

Browse Source 
Dtls13HashClientHello(): fix wc_HashType handling;

Dtls13SendFragment(): fix identicalConditionAfterEarlyExit;

GetDtlsRecordHeader(): fix error handling around GetDtls13RecordHeader() (incorrectLogicOperator);

test_wolfSSL_dtls_stateless_maxfrag(): fix a clang-analyzer-core.NullDereference,
test_dtls_frag_ch(): fix a clang-diagnostic-embedded-directive,
test_AEAD_limit_client(): fix an united-data defect found by valgrind.
This commit is contained in:
Daniel Pouzzner
2024-10-17 00:06:32 -05:00
parent abc6edf4c7
commit fa65da7bb0
3 changed files with 19 additions and 18 deletions
Download Patch File Download Diff File Expand all files Collapse all files

20
src/dtls13.c
View File

@@ -495,22 +495,25 @@ int Dtls13HashClientHello(const WOLFSSL* ssl, byte* hash, int* hashSz,
wc_HashAlg hashCtx;
int type = wolfSSL_GetHmacType_ex(specs);
if (type < 0)
return type;
header[0] = (byte)client_hello;
c32to24(length, header + 1);
ret = wc_HashInit_ex(&hashCtx, type, ssl->heap, ssl->devId);
ret = wc_HashInit_ex(&hashCtx, (enum wc_HashType)type, ssl->heap, ssl->devId);
if (ret == 0) {
ret = wc_HashUpdate(&hashCtx, type, header, OPAQUE32_LEN);
ret = wc_HashUpdate(&hashCtx, (enum wc_HashType)type, header, OPAQUE32_LEN);
if (ret == 0)
ret = wc_HashUpdate(&hashCtx, type, body, length);
ret = wc_HashUpdate(&hashCtx, (enum wc_HashType)type, body, length);
if (ret == 0)
ret = wc_HashFinal(&hashCtx, type, hash);
ret = wc_HashFinal(&hashCtx, (enum wc_HashType)type, hash);
if (ret == 0) {
*hashSz = wc_HashGetDigestSize(type);
*hashSz = wc_HashGetDigestSize((enum wc_HashType)type);
if (*hashSz < 0)
ret = *hashSz;
}
wc_HashFree(&hashCtx, type);
wc_HashFree(&hashCtx, (enum wc_HashType)type);
}
return ret;
}
@@ -568,9 +571,6 @@ static int Dtls13SendFragment(WOLFSSL* ssl, byte* output, word16 output_size,
else {
msg = output + recordHeaderLength;
if (length <= recordHeaderLength)
return BUFFER_ERROR;
if (hashOutput) {
ret = Dtls13HashHandshake(ssl, msg, recordLength);
if (ret != 0)
@@ -1713,7 +1713,7 @@ static int _Dtls13HandshakeRecv(WOLFSSL* ssl, byte* input, word32 size,
isFirst = fragOff == 0;
isComplete = isFirst && fragLength == messageLength;
if (!isComplete && !Dtls13AcceptFragmented(ssl, handshakeType)) {
if (!isComplete && !Dtls13AcceptFragmented(ssl, (enum HandShakeType)handshakeType)) {
#ifdef WOLFSSL_DTLS_CH_FRAG
byte tls13 = 0;
/* check if the first CH fragment contains a valid cookie */

4
src/internal.c
View File

@@ -11471,8 +11471,8 @@ static int GetDtlsRecordHeader(WOLFSSL* ssl, word32* inOutIdx,
if (ssl->options.tls1_3) {
ret = GetDtls13RecordHeader(ssl, inOutIdx, rh, size);
if (ret == 0 ||
ret != WC_NO_ERR_TRACE(SEQUENCE_ERROR) ||
ret != WC_NO_ERR_TRACE(DTLS_CID_ERROR))
((ret != WC_NO_ERR_TRACE(SEQUENCE_ERROR)) &&
(ret != WC_NO_ERR_TRACE(DTLS_CID_ERROR))))
return ret;
}