Skip to content

Commit

Permalink
Various Coverity fixes
Browse files Browse the repository at this point in the history
  • Loading branch information
embhorn committed Aug 23, 2024
1 parent 1190d1b commit 6dab582
Show file tree
Hide file tree
Showing 6 changed files with 20 additions and 9 deletions.
4 changes: 3 additions & 1 deletion src/ssl_load.c
Original file line number Diff line number Diff line change
Expand Up @@ -1560,7 +1560,9 @@ static void ProcessBufferCertSetHave(WOLFSSL_CTX* ctx, WOLFSSL* ssl,
}
#endif
#ifndef WC_STRICT_SIG
wolfssl_set_have_from_key_oid(ctx, ssl, cert->keyOID);
if ((ctx != NULL) || (ssl != NULL)) {
wolfssl_set_have_from_key_oid(ctx, ssl, cert->keyOID);
}
#else
/* Set whether ECC is available based on signature available. */
if (ssl != NULL) {
Expand Down
8 changes: 5 additions & 3 deletions src/ssl_sess.c
Original file line number Diff line number Diff line change
Expand Up @@ -1711,12 +1711,12 @@ WOLFSSL_SESSION* ClientSessionToSession(const WOLFSSL_SESSION* session)
WOLFSSL_MSG("Client cache serverRow or serverIdx invalid");
error = -1;
}
/* Prevent memory access before clientSession->serverRow and
* clientSession->serverIdx are sanitized. */
XFENCE();
if (error == 0) {
/* Lock row */
sessRow = &SessionCache[clientSession->serverRow];
/* Prevent memory access before clientSession->serverRow and
* clientSession->serverIdx are sanitized. */
XFENCE();
error = SESSION_ROW_RD_LOCK(sessRow);
if (error != 0) {
WOLFSSL_MSG("Session cache row lock failure");
Expand All @@ -1729,6 +1729,8 @@ WOLFSSL_SESSION* ClientSessionToSession(const WOLFSSL_SESSION* session)
#else
cacheSession = &sessRow->Sessions[clientSession->serverIdx];
#endif
/* Prevent memory access */
XFENCE();
if (cacheSession && cacheSession->sessionIDSz == 0) {
cacheSession = NULL;
WOLFSSL_MSG("Session cache entry not set");
Expand Down
2 changes: 1 addition & 1 deletion src/tls13.c
Original file line number Diff line number Diff line change
Expand Up @@ -12347,7 +12347,7 @@ int DoTls13HandShakeMsgType(WOLFSSL* ssl, byte* input, word32* inOutIdx,
{
int ret = 0, tmp;
word32 inIdx = *inOutIdx;
int alertType = invalid_alert;
int alertType;
#if defined(HAVE_ECH)
TLSX* echX = NULL;
word32 echInOutIdx;
Expand Down
11 changes: 9 additions & 2 deletions wolfcrypt/src/asn.c
Original file line number Diff line number Diff line change
Expand Up @@ -1498,6 +1498,8 @@ int GetASN_Items(const ASNItem* asn, ASNGetData *data, int count, int complete,
int minDepth;
/* Integer had a zero prepended. */
int zeroPadded;
word32 tmpW32Val;
signed char tmpScharVal;

#ifdef WOLFSSL_DEBUG_ASN_TEMPLATE
WOLFSSL_ENTER("GetASN_Items");
Expand Down Expand Up @@ -1536,14 +1538,18 @@ int GetASN_Items(const ASNItem* asn, ASNGetData *data, int count, int complete,
/* Check if first of numbered choice. */
if (choice == 0 && asn[i].optional > 1) {
choice = asn[i].optional;
if (choiceMet[choice - 2] == -1) {
tmpScharVal = choiceMet[choice - 2];
XFENCE(); /* Prevent memory access */
if (tmpScharVal == -1) {
/* Choice seen but not found a match yet. */
choiceMet[choice - 2] = 0;
}
}

/* Check for end of data or not a choice and tag not matching. */
if (idx == endIdx[depth] || (data[i].dataType != ASN_DATA_TYPE_CHOICE &&
tmpW32Val = endIdx[depth];
XFENCE(); /* Prevent memory access */
if (idx == tmpW32Val || (data[i].dataType != ASN_DATA_TYPE_CHOICE &&
(input[idx] & ~ASN_CONSTRUCTED) != asn[i].tag)) {
if (asn[i].optional) {
/* Skip over ASN.1 items underneath this optional item. */
Expand Down Expand Up @@ -1611,6 +1617,7 @@ int GetASN_Items(const ASNItem* asn, ASNGetData *data, int count, int complete,

/* Store found tag in data. */
data[i].tag = input[idx];
XFENCE(); /* Prevent memory access */
if (data[i].dataType != ASN_DATA_TYPE_CHOICE) {
int constructed = (input[idx] & ASN_CONSTRUCTED) == ASN_CONSTRUCTED;
/* Check constructed match expected for non-choice ASN.1 item. */
Expand Down
2 changes: 1 addition & 1 deletion wolfcrypt/src/rsa.c
Original file line number Diff line number Diff line change
Expand Up @@ -5243,7 +5243,7 @@ int wc_RsaPrivateKeyDecodeRaw(const byte* n, word32 nSz,
if (err == MP_OKAY) {
key->type = RSA_PRIVATE;
}
else {
else if (key != NULL) {
mp_clear(&key->n);
mp_clear(&key->e);
mp_clear(&key->d);
Expand Down
2 changes: 1 addition & 1 deletion wolfcrypt/src/wc_port.c
Original file line number Diff line number Diff line change
Expand Up @@ -1183,7 +1183,7 @@ char* wc_strdup_ex(const char *src, int memType) {
word32 len = 0;

if (src) {
len = (word32)XSTRLEN(src);
len = (word32)XSTRLEN(src) + 1; /* Add one for null terminator */
ret = (char*)XMALLOC(len, NULL, memType);
if (ret != NULL) {
XMEMCPY(ret, src, len);
Expand Down

0 comments on commit 6dab582

Please sign in to comment.