From 44b18de70499b617728a849d22ceaf7849e4e480 Mon Sep 17 00:00:00 2001 From: Daniel Pouzzner Date: Thu, 28 Dec 2023 15:06:21 -0600 Subject: [PATCH 1/2] fixes for cppcheck-2.13.0 --force: * fix null pointer derefs in wc_InitRsaKey_Id() and wc_InitRsaKey_Label() (nullPointerRedundantCheck). * fix use of wrong printf variant in rsip_vprintf() (wrongPrintfScanfArgNum). * fix wrong printf format in bench_xmss_sign_verify() (invalidPrintfArgType_sint). * add missing WOLFSSL_XFREE_NO_NULLNESS_CHECK variants of XFREE() (WOLFSSL_LINUXKM, FREESCALE_MQX, FREESCALE_KSDK_MQX). * suppress false-positive uninitvar on "limit" in CheckTLS13AEADSendLimit(). * suppress true-but-benign-positive autoVariables in DoClientHello(). * in wolfcrypt/src/ecc.c, refactor ECC_KEY_MAX_BITS() as a local function to resolve true-but-benign-positive identicalInnerCondition. * refactor flow in wc_ecc_sign_hash_ex() to resolve true-but-benign-positive identicalInnerCondition. --- linuxkm/linuxkm_wc_port.h | 12 ++++++++++-- src/internal.c | 8 ++++++-- wolfcrypt/benchmark/benchmark.c | 2 +- wolfcrypt/src/ecc.c | 29 ++++++++++++++++------------- wolfcrypt/src/rsa.c | 12 ++++++++---- wolfcrypt/test/test.c | 2 +- wolfssl/wolfcrypt/settings.h | 13 +++++++++++-- 7 files changed, 53 insertions(+), 25 deletions(-) diff --git a/linuxkm/linuxkm_wc_port.h b/linuxkm/linuxkm_wc_port.h index 3e738d00b..c155f5283 100644 --- a/linuxkm/linuxkm_wc_port.h +++ b/linuxkm/linuxkm_wc_port.h @@ -636,11 +636,19 @@ #ifdef WOLFSSL_TRACK_MEMORY #include #define XMALLOC(s, h, t) ({(void)(h); (void)(t); wolfSSL_Malloc(s);}) - #define XFREE(p, h, t) ({void* _xp; (void)(h); _xp = (p); if(_xp) wolfSSL_Free(_xp);}) + #ifdef WOLFSSL_XFREE_NO_NULLNESS_CHECK + #define XFREE(p, h, t) ({(void)(h); (void)(t); wolfSSL_Free(p);}) + #else + #define XFREE(p, h, t) ({void* _xp; (void)(h); _xp = (p); if(_xp) wolfSSL_Free(_xp);}) + #endif #define XREALLOC(p, n, h, t) ({(void)(h); (void)(t); wolfSSL_Realloc(p, n);}) #else #define XMALLOC(s, h, t) ({(void)(h); (void)(t); malloc(s);}) - #define XFREE(p, h, t) ({void* _xp; (void)(h); _xp = (p); if(_xp) free(_xp);}) + #ifdef WOLFSSL_XFREE_NO_NULLNESS_CHECK + #define XFREE(p, h, t) ({(void)(h); (void)(t); free(p);}) + #else + #define XFREE(p, h, t) ({void* _xp; (void)(h); (void)(t); _xp = (p); if(_xp) free(_xp);}) + #endif #define XREALLOC(p, n, h, t) ({(void)(h); (void)(t); realloc(p, n);}) #endif diff --git a/src/internal.c b/src/internal.c index c8730ad41..fd19b2ee1 100644 --- a/src/internal.c +++ b/src/internal.c @@ -23944,8 +23944,11 @@ static int CheckTLS13AEADSendLimit(WOLFSSL* ssl) ssl->keys.sequence_number_lo); } - if (w64GTE(seq, limit)) + if (w64GTE(seq, limit)) { /* cppcheck-suppress uninitvar + * (false positive from cppcheck-2.13.0) + */ return Tls13UpdateKeys(ssl); /* Need to generate new keys */ + } return 0; } @@ -35828,7 +35831,8 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx, #endif #ifdef OPENSSL_EXTRA - ssl->clSuites = clSuites; + ssl->clSuites = clSuites; /* cppcheck-suppress autoVariables + */ /* Give user last chance to provide a cert for cipher selection */ if (ret == 0 && ssl->ctx->certSetupCb != NULL) ret = CertSetupCbWrapper(ssl); diff --git a/wolfcrypt/benchmark/benchmark.c b/wolfcrypt/benchmark/benchmark.c index 49803d6d9..352530d43 100644 --- a/wolfcrypt/benchmark/benchmark.c +++ b/wolfcrypt/benchmark/benchmark.c @@ -9641,7 +9641,7 @@ static void bench_xmss_sign_verify(const char * params) ret = wc_XmssKey_GetPubLen(&key, &pkSz); if (pkSz != XMSS_SHA256_PUBLEN) { - fprintf(stderr, "error: xmss pub len: got %d, expected %d\n", pkSz, + fprintf(stderr, "error: xmss pub len: got %u, expected %d\n", pkSz, XMSS_SHA256_PUBLEN); goto exit_xmss_sign_verify; } diff --git a/wolfcrypt/src/ecc.c b/wolfcrypt/src/ecc.c index c4ad9e8a6..0d0f7064a 100644 --- a/wolfcrypt/src/ecc.c +++ b/wolfcrypt/src/ecc.c @@ -251,17 +251,20 @@ ECC Curve Sizes: #else #define MAX_ECC_BITS_USE MAX_ECC_BITS_NEEDED #endif -#if !defined(WOLFSSL_CUSTOM_CURVES) && (ECC_MIN_KEY_SZ > 160) && \ - (!defined(HAVE_ECC_KOBLITZ) || (ECC_MIN_KEY_SZ > 224)) -#define ECC_KEY_MAX_BITS(key) \ - ((((key) == NULL) || ((key)->dp == NULL)) ? MAX_ECC_BITS_USE : \ - ((unsigned)((key)->dp->size * 8))) -#else -/* Add one bit for cases when order is a bit greater than prime. */ -#define ECC_KEY_MAX_BITS(key) \ - ((((key) == NULL) || ((key)->dp == NULL)) ? MAX_ECC_BITS_USE : \ - ((unsigned)((key)->dp->size * 8 + 1))) -#endif + +static WC_MAYBE_UNUSED WC_INLINE word32 ECC_KEY_MAX_BITS(const ecc_key *key) { + if (((key) == NULL) || ((key)->dp == NULL)) + return MAX_ECC_BITS_USE; + else { + #if !defined(WOLFSSL_CUSTOM_CURVES) && (ECC_MIN_KEY_SZ > 160) && \ + (!defined(HAVE_ECC_KOBLITZ) || (ECC_MIN_KEY_SZ > 224)) + return (word32)((key)->dp->size * 8); + #else + /* Add one bit for cases when order is a bit greater than prime. */ + return (word32)((key)->dp->size * 8 + 1); + #endif + } +} /* forward declarations */ static int wc_ecc_new_point_ex(ecc_point** point, void* heap); @@ -7263,10 +7266,10 @@ int wc_ecc_sign_hash_ex(const byte* in, word32 inlen, WC_RNG* rng, pubkey = (ecc_key*)XMALLOC(sizeof(ecc_key), key->heap, DYNAMIC_TYPE_ECC); if (pubkey == NULL) err = MEMORY_E; + else #endif - + { /* don't use async for key, since we don't support async return here */ - if (err == MP_OKAY) { err = wc_ecc_init_ex(pubkey, key->heap, INVALID_DEVID); if (err == MP_OKAY) { err = ecc_sign_hash_sw(key, pubkey, rng, curve, e, r, s); diff --git a/wolfcrypt/src/rsa.c b/wolfcrypt/src/rsa.c index 514ffb235..3382a5db2 100644 --- a/wolfcrypt/src/rsa.c +++ b/wolfcrypt/src/rsa.c @@ -267,8 +267,10 @@ int wc_InitRsaKey_Id(RsaKey* key, unsigned char* id, int len, void* heap, ret = BUFFER_E; #if defined(HAVE_PKCS11) - XMEMSET(key, 0, sizeof(RsaKey)); - key->isPkcs11 = 1; + if (ret == 0) { + XMEMSET(key, 0, sizeof(RsaKey)); + key->isPkcs11 = 1; + } #endif if (ret == 0) @@ -302,8 +304,10 @@ int wc_InitRsaKey_Label(RsaKey* key, const char* label, void* heap, int devId) } #if defined(HAVE_PKCS11) - XMEMSET(key, 0, sizeof(RsaKey)); - key->isPkcs11 = 1; + if (ret == 0) { + XMEMSET(key, 0, sizeof(RsaKey)); + key->isPkcs11 = 1; + } #endif if (ret == 0) diff --git a/wolfcrypt/test/test.c b/wolfcrypt/test/test.c index a194d94d8..e5ad00575 100644 --- a/wolfcrypt/test/test.c +++ b/wolfcrypt/test/test.c @@ -212,7 +212,7 @@ const byte const_byte_array[] = "A+Gd\0\0\0"; int ret; char tmpBuf[80]; - ret = XSNPRINTF(tmpBuf, sizeof(tmpBuf), format, args); + ret = vsnprintf(tmpBuf, sizeof(tmpBuf), format, args); printf(tmpBuf); return ret; diff --git a/wolfssl/wolfcrypt/settings.h b/wolfssl/wolfcrypt/settings.h index dc12371b3..df7509bb9 100644 --- a/wolfssl/wolfcrypt/settings.h +++ b/wolfssl/wolfcrypt/settings.h @@ -1193,7 +1193,12 @@ extern void uITRON4_free(void *p) ; #if !defined(XMALLOC_OVERRIDE) && !defined(XMALLOC_USER) #define XMALLOC_OVERRIDE #define XMALLOC(s, h, t) ((void)(h), (void)(t), (void *)_mem_alloc_system((s))) - #define XFREE(p, h, t) {void* xp = (p); (void)(h); (void)(t); if ((xp)) _mem_free((xp));} + #ifdef WOLFSSL_XFREE_NO_NULLNESS_CHECK + #define XFREE(p, h, t) {(void)(h); (void)(t); _mem_free(p);} + #else + #define XFREE(p, h, t) {void* xp = (p); (void)(h); (void)(t); if ((xp)) _mem_free((xp));} + #endif + /* Note: MQX has no realloc, using fastmath above */ #endif #ifdef USE_FAST_MATH @@ -1224,7 +1229,11 @@ extern void uITRON4_free(void *p) ; #endif #define XMALLOC(s, h, t) ((void)(h), (void)(t), (void *)_mem_alloc_system((s))) - #define XFREE(p, h, t) {void* xp = (p); (void)(h); (void)(t); if ((xp)) _mem_free((xp));} + #ifdef WOLFSSL_XFREE_NO_NULLNESS_CHECK + #define XFREE(p, h, t) {(void)(h); (void)(t); _mem_free(p);} + #else + #define XFREE(p, h, t) {void* xp = (p); (void)(h); (void)(t); if ((xp)) _mem_free((xp));} + #endif #define XREALLOC(p, n, h, t) _mem_realloc((p), (n)) /* since MQX 4.1.2 */ #define MQX_FILE_PTR FILE * From b17ec3b4bcdc369824fadc5ad010b360fad79a9c Mon Sep 17 00:00:00 2001 From: Daniel Pouzzner Date: Thu, 28 Dec 2023 16:38:47 -0600 Subject: [PATCH 2/2] cppcheck-2.13.0 mitigations peer review: * add explanation in DoSessionTicket() re autoVariables. * re-refactor ECC_KEY_MAX_BITS() in ecc.c to use two separate macros, ECC_KEY_MAX_BITS() with same definition as before, and ECC_KEY_MAX_BITS_NONULLCHECK(). * in rsip_vprintf() use XVSNPRINTF() not vsnprintf(). * in types.h, fix fallthrough definition of WC_INLINE macro in !NO_INLINE cascade to be WC_MAYBE_UNUSED as it is when NO_INLINE. --- src/internal.c | 5 +++ wolfcrypt/src/ecc.c | 92 +++++++++++++++++++++------------------ wolfcrypt/test/test.c | 2 +- wolfssl/wolfcrypt/types.h | 2 +- 4 files changed, 57 insertions(+), 44 deletions(-) diff --git a/src/internal.c b/src/internal.c index fd19b2ee1..01e9de704 100644 --- a/src/internal.c +++ b/src/internal.c @@ -35832,6 +35832,11 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx, #ifdef OPENSSL_EXTRA ssl->clSuites = clSuites; /* cppcheck-suppress autoVariables + * + * (suppress warning that ssl, a persistent + * non-local allocation, has its ->clSuites + * set to clSuites, a local stack allocation. + * we clear this assignment before returning.) */ /* Give user last chance to provide a cert for cipher selection */ if (ret == 0 && ssl->ctx->certSetupCb != NULL) diff --git a/wolfcrypt/src/ecc.c b/wolfcrypt/src/ecc.c index 0d0f7064a..72ab563bf 100644 --- a/wolfcrypt/src/ecc.c +++ b/wolfcrypt/src/ecc.c @@ -252,19 +252,27 @@ ECC Curve Sizes: #define MAX_ECC_BITS_USE MAX_ECC_BITS_NEEDED #endif -static WC_MAYBE_UNUSED WC_INLINE word32 ECC_KEY_MAX_BITS(const ecc_key *key) { - if (((key) == NULL) || ((key)->dp == NULL)) - return MAX_ECC_BITS_USE; - else { - #if !defined(WOLFSSL_CUSTOM_CURVES) && (ECC_MIN_KEY_SZ > 160) && \ - (!defined(HAVE_ECC_KOBLITZ) || (ECC_MIN_KEY_SZ > 224)) - return (word32)((key)->dp->size * 8); - #else - /* Add one bit for cases when order is a bit greater than prime. */ - return (word32)((key)->dp->size * 8 + 1); - #endif - } -} +#if !defined(WOLFSSL_CUSTOM_CURVES) && (ECC_MIN_KEY_SZ > 160) && \ + (!defined(HAVE_ECC_KOBLITZ) || (ECC_MIN_KEY_SZ > 224)) + +#define ECC_KEY_MAX_BITS(key) \ + ((((key) == NULL) || ((key)->dp == NULL)) ? MAX_ECC_BITS_USE : \ + ((unsigned)((key)->dp->size * 8))) +#define ECC_KEY_MAX_BITS_NONULLCHECK(key) \ + (((key)->dp == NULL) ? MAX_ECC_BITS_USE : \ + ((unsigned)((key)->dp->size * 8))) + +#else + +/* Add one bit for cases when order is a bit greater than prime. */ +#define ECC_KEY_MAX_BITS(key) \ + ((((key) == NULL) || ((key)->dp == NULL)) ? MAX_ECC_BITS_USE : \ + ((unsigned)((key)->dp->size * 8 + 1))) +#define ECC_KEY_MAX_BITS_NONULLCHECK(key) \ + (((key)->dp == NULL) ? MAX_ECC_BITS_USE : \ + ((unsigned)((key)->dp->size * 8 + 1))) + +#endif /* forward declarations */ static int wc_ecc_new_point_ex(ecc_point** point, void* heap); @@ -3482,12 +3490,12 @@ static int ecc_key_tmp_init(ecc_key* key, void* heap) XMEMSET(key, 0, sizeof(*key)); #if defined(WOLFSSL_SP_MATH_ALL) && defined(WOLFSSL_SMALL_STACK) - NEW_MP_INT_SIZE(key->t1, ECC_KEY_MAX_BITS(key), heap, DYNAMIC_TYPE_ECC); - NEW_MP_INT_SIZE(key->t2, ECC_KEY_MAX_BITS(key), heap, DYNAMIC_TYPE_ECC); + NEW_MP_INT_SIZE(key->t1, ECC_KEY_MAX_BITS_NONULLCHECK(key), heap, DYNAMIC_TYPE_ECC); + NEW_MP_INT_SIZE(key->t2, ECC_KEY_MAX_BITS_NONULLCHECK(key), heap, DYNAMIC_TYPE_ECC); #ifdef ALT_ECC_SIZE - NEW_MP_INT_SIZE(key->x, ECC_KEY_MAX_BITS(key), heap, DYNAMIC_TYPE_ECC); - NEW_MP_INT_SIZE(key->y, ECC_KEY_MAX_BITS(key), heap, DYNAMIC_TYPE_ECC); - NEW_MP_INT_SIZE(key->z, ECC_KEY_MAX_BITS(key), heap, DYNAMIC_TYPE_ECC); + NEW_MP_INT_SIZE(key->x, ECC_KEY_MAX_BITS_NONULLCHECK(key), heap, DYNAMIC_TYPE_ECC); + NEW_MP_INT_SIZE(key->y, ECC_KEY_MAX_BITS_NONULLCHECK(key), heap, DYNAMIC_TYPE_ECC); + NEW_MP_INT_SIZE(key->z, ECC_KEY_MAX_BITS_NONULLCHECK(key), heap, DYNAMIC_TYPE_ECC); #endif if (key->t1 == NULL || key->t2 == NULL #ifdef ALT_ECC_SIZE @@ -3497,20 +3505,20 @@ static int ecc_key_tmp_init(ecc_key* key, void* heap) err = MEMORY_E; } if (err == 0) { - err = INIT_MP_INT_SIZE(key->t1, ECC_KEY_MAX_BITS(key)); + err = INIT_MP_INT_SIZE(key->t1, ECC_KEY_MAX_BITS_NONULLCHECK(key)); } if (err == 0) { - err = INIT_MP_INT_SIZE(key->t2, ECC_KEY_MAX_BITS(key)); + err = INIT_MP_INT_SIZE(key->t2, ECC_KEY_MAX_BITS_NONULLCHECK(key)); } #ifdef ALT_ECC_SIZE if (err == 0) { - err = INIT_MP_INT_SIZE(key->x, ECC_KEY_MAX_BITS(key)); + err = INIT_MP_INT_SIZE(key->x, ECC_KEY_MAX_BITS_NONULLCHECK(key)); } if (err == 0) { - err = INIT_MP_INT_SIZE(key->y, ECC_KEY_MAX_BITS(key)); + err = INIT_MP_INT_SIZE(key->y, ECC_KEY_MAX_BITS_NONULLCHECK(key)); } if (err == 0) { - err = INIT_MP_INT_SIZE(key->z, ECC_KEY_MAX_BITS(key)); + err = INIT_MP_INT_SIZE(key->z, ECC_KEY_MAX_BITS_NONULLCHECK(key)); } #endif #else @@ -6578,12 +6586,12 @@ int wc_ecc_sign_hash(const byte* in, word32 inlen, byte* out, word32 *outlen, err = wc_ecc_sign_hash_async(in, inlen, out, outlen, rng, key); #else - NEW_MP_INT_SIZE(r, ECC_KEY_MAX_BITS(key), key->heap, DYNAMIC_TYPE_ECC); + NEW_MP_INT_SIZE(r, ECC_KEY_MAX_BITS_NONULLCHECK(key), key->heap, DYNAMIC_TYPE_ECC); #ifdef MP_INT_SIZE_CHECK_NULL if (r == NULL) return MEMORY_E; #endif - NEW_MP_INT_SIZE(s, ECC_KEY_MAX_BITS(key), key->heap, DYNAMIC_TYPE_ECC); + NEW_MP_INT_SIZE(s, ECC_KEY_MAX_BITS_NONULLCHECK(key), key->heap, DYNAMIC_TYPE_ECC); #ifdef MP_INT_SIZE_CHECK_NULL if (s == NULL) { FREE_MP_INT_SIZE(r, key->heap, DYNAMIC_TYPE_ECC); @@ -6591,13 +6599,13 @@ int wc_ecc_sign_hash(const byte* in, word32 inlen, byte* out, word32 *outlen, } #endif - err = INIT_MP_INT_SIZE(r, ECC_KEY_MAX_BITS(key)); + err = INIT_MP_INT_SIZE(r, ECC_KEY_MAX_BITS_NONULLCHECK(key)); if (err != 0) { FREE_MP_INT_SIZE(s, key->heap, DYNAMIC_TYPE_ECC); FREE_MP_INT_SIZE(r, key->heap, DYNAMIC_TYPE_ECC); return err; } - err = INIT_MP_INT_SIZE(s, ECC_KEY_MAX_BITS(key)); + err = INIT_MP_INT_SIZE(s, ECC_KEY_MAX_BITS_NONULLCHECK(key)); if (err != 0) { FREE_MP_INT_SIZE(s, key->heap, DYNAMIC_TYPE_ECC); FREE_MP_INT_SIZE(r, key->heap, DYNAMIC_TYPE_ECC); @@ -6722,16 +6730,16 @@ static int ecc_sign_hash_sw(ecc_key* key, ecc_key* pubkey, WC_RNG* rng, { int err = MP_OKAY; int loop_check = 0; - DECL_MP_INT_SIZE_DYN(b, ECC_KEY_MAX_BITS(key), MAX_ECC_BITS_USE); + DECL_MP_INT_SIZE_DYN(b, ECC_KEY_MAX_BITS_NONULLCHECK(key), MAX_ECC_BITS_USE); - NEW_MP_INT_SIZE(b, ECC_KEY_MAX_BITS(key), key->heap, DYNAMIC_TYPE_ECC); + NEW_MP_INT_SIZE(b, ECC_KEY_MAX_BITS_NONULLCHECK(key), key->heap, DYNAMIC_TYPE_ECC); #ifdef MP_INT_SIZE_CHECK_NULL if (b == NULL) err = MEMORY_E; #endif if (err == MP_OKAY) { - err = INIT_MP_INT_SIZE(b, ECC_KEY_MAX_BITS(key)); + err = INIT_MP_INT_SIZE(b, ECC_KEY_MAX_BITS_NONULLCHECK(key)); } #ifdef WOLFSSL_CUSTOM_CURVES @@ -7125,7 +7133,7 @@ int wc_ecc_sign_hash_ex(const byte* in, word32 inlen, WC_RNG* rng, } e = key->e; #else - NEW_MP_INT_SIZE(e_lcl, ECC_KEY_MAX_BITS(key), key->heap, DYNAMIC_TYPE_ECC); + NEW_MP_INT_SIZE(e_lcl, ECC_KEY_MAX_BITS_NONULLCHECK(key), key->heap, DYNAMIC_TYPE_ECC); #ifdef MP_INT_SIZE_CHECK_NULL if (e_lcl == NULL) { return MEMORY_E; @@ -7136,7 +7144,7 @@ int wc_ecc_sign_hash_ex(const byte* in, word32 inlen, WC_RNG* rng, /* get the hash and load it as a bignum into 'e' */ /* init the bignums */ - if ((err = INIT_MP_INT_SIZE(e, ECC_KEY_MAX_BITS(key))) != MP_OKAY) { + if ((err = INIT_MP_INT_SIZE(e, ECC_KEY_MAX_BITS_NONULLCHECK(key))) != MP_OKAY) { FREE_MP_INT_SIZE(e_lcl, key->heap, DYNAMIC_TYPE_ECC); return err; } @@ -8302,25 +8310,25 @@ int wc_ecc_verify_hash(const byte* sig, word32 siglen, const byte* hash, r = key->r; s = key->s; #else - NEW_MP_INT_SIZE(r, ECC_KEY_MAX_BITS(key), key->heap, DYNAMIC_TYPE_ECC); + NEW_MP_INT_SIZE(r, ECC_KEY_MAX_BITS_NONULLCHECK(key), key->heap, DYNAMIC_TYPE_ECC); #ifdef MP_INT_SIZE_CHECK_NULL if (r == NULL) return MEMORY_E; #endif - NEW_MP_INT_SIZE(s, ECC_KEY_MAX_BITS(key), key->heap, DYNAMIC_TYPE_ECC); + NEW_MP_INT_SIZE(s, ECC_KEY_MAX_BITS_NONULLCHECK(key), key->heap, DYNAMIC_TYPE_ECC); #ifdef MP_INT_SIZE_CHECK_NULL if (s == NULL) { FREE_MP_INT_SIZE(r, key->heap, DYNAMIC_TYPE_ECC); return MEMORY_E; } #endif - err = INIT_MP_INT_SIZE(r, ECC_KEY_MAX_BITS(key)); + err = INIT_MP_INT_SIZE(r, ECC_KEY_MAX_BITS_NONULLCHECK(key)); if (err != 0) { FREE_MP_INT_SIZE(s, key->heap, DYNAMIC_TYPE_ECC); FREE_MP_INT_SIZE(r, key->heap, DYNAMIC_TYPE_ECC); return err; } - err = INIT_MP_INT_SIZE(s, ECC_KEY_MAX_BITS(key)); + err = INIT_MP_INT_SIZE(s, ECC_KEY_MAX_BITS_NONULLCHECK(key)); if (err != 0) { FREE_MP_INT_SIZE(s, key->heap, DYNAMIC_TYPE_ECC); FREE_MP_INT_SIZE(r, key->heap, DYNAMIC_TYPE_ECC); @@ -8621,9 +8629,9 @@ static int ecc_verify_hash(mp_int *r, mp_int *s, const byte* hash, ecc_point lcl_mG; ecc_point lcl_mQ; #endif - DECL_MP_INT_SIZE_DYN(w, ECC_KEY_MAX_BITS(key), MAX_ECC_BITS_USE); + DECL_MP_INT_SIZE_DYN(w, ECC_KEY_MAX_BITS_NONULLCHECK(key), MAX_ECC_BITS_USE); #if !defined(WOLFSSL_ASYNC_CRYPT) || !defined(HAVE_CAVIUM_V) - DECL_MP_INT_SIZE_DYN(e_lcl, ECC_KEY_MAX_BITS(key), MAX_ECC_BITS_USE); + DECL_MP_INT_SIZE_DYN(e_lcl, ECC_KEY_MAX_BITS_NONULLCHECK(key), MAX_ECC_BITS_USE); #endif mp_int* e; mp_int* v = NULL; /* Will be w. */ @@ -8639,7 +8647,7 @@ static int ecc_verify_hash(mp_int *r, mp_int *s, const byte* hash, err = mp_init(e); #else - NEW_MP_INT_SIZE(e_lcl, ECC_KEY_MAX_BITS(key), key->heap, DYNAMIC_TYPE_ECC); + NEW_MP_INT_SIZE(e_lcl, ECC_KEY_MAX_BITS_NONULLCHECK(key), key->heap, DYNAMIC_TYPE_ECC); #ifdef MP_INT_SIZE_CHECK_NULL if (e_lcl == NULL) { return MEMORY_E; @@ -8647,7 +8655,7 @@ static int ecc_verify_hash(mp_int *r, mp_int *s, const byte* hash, #endif e = e_lcl; - err = INIT_MP_INT_SIZE(e, ECC_KEY_MAX_BITS(key)); + err = INIT_MP_INT_SIZE(e, ECC_KEY_MAX_BITS_NONULLCHECK(key)); #endif /* WOLFSSL_ASYNC_CRYPT && HAVE_CAVIUM_V */ if (err != MP_OKAY) { #ifdef WOLFSSL_SMALL_STACK @@ -8709,7 +8717,7 @@ static int ecc_verify_hash(mp_int *r, mp_int *s, const byte* hash, } #endif /* WOLFSSL_ASYNC_CRYPT && WC_ASYNC_ENABLE_ECC */ - NEW_MP_INT_SIZE(w, ECC_KEY_MAX_BITS(key), key->heap, DYNAMIC_TYPE_ECC); + NEW_MP_INT_SIZE(w, ECC_KEY_MAX_BITS_NONULLCHECK(key), key->heap, DYNAMIC_TYPE_ECC); #ifdef MP_INT_SIZE_CHECK_NULL if (w == NULL) { err = MEMORY_E; @@ -8722,7 +8730,7 @@ static int ecc_verify_hash(mp_int *r, mp_int *s, const byte* hash, v = w; } if (err == MP_OKAY) { - err = INIT_MP_INT_SIZE(w, ECC_KEY_MAX_BITS(key)); + err = INIT_MP_INT_SIZE(w, ECC_KEY_MAX_BITS_NONULLCHECK(key)); } /* allocate points */ diff --git a/wolfcrypt/test/test.c b/wolfcrypt/test/test.c index e5ad00575..f8bab002b 100644 --- a/wolfcrypt/test/test.c +++ b/wolfcrypt/test/test.c @@ -212,7 +212,7 @@ const byte const_byte_array[] = "A+Gd\0\0\0"; int ret; char tmpBuf[80]; - ret = vsnprintf(tmpBuf, sizeof(tmpBuf), format, args); + ret = XVSNPRINTF(tmpBuf, sizeof(tmpBuf), format, args); printf(tmpBuf); return ret; diff --git a/wolfssl/wolfcrypt/types.h b/wolfssl/wolfcrypt/types.h index 0d3468a5f..972066998 100644 --- a/wolfssl/wolfcrypt/types.h +++ b/wolfssl/wolfcrypt/types.h @@ -356,7 +356,7 @@ typedef struct w64wrapper { #define WC_INLINE inline #endif #else - #define WC_INLINE + #define WC_INLINE WC_MAYBE_UNUSED #endif #else #define WC_INLINE WC_MAYBE_UNUSED