scan-build, valgrind issues and fix issue with ExtractDate, struct tm

src/internal.c

@@ -644,6 +644,7 @@ void SSL_CtxResourceFree(WOLFSSL_CTX* ctx)
     FreeDer(&ctx->privateKey);
     FreeDer(&ctx->certificate);
     #ifdef OPENSSL_EXTRA
+        FreeX509(ctx->ourCert);
         if (ctx->ourCert) {
             XFREE(ctx->ourCert, ctx->heap, DYNAMIC_TYPE_X509);
         }
@@ -11170,11 +11171,18 @@ const char* wolfSSL_get_cipher_name_internal(WOLFSSL* ssl)
             if (cipher_name_idx[i] == ssl->options.cipherSuite) {
                 const char* nameFound = cipher_names[i];
 
+                /* extra sanity check on returned cipher name */
+                if (nameFound == NULL) {
+                    continue;
+                }
+
                 /* if first is null then not any */
-                if (first == NULL && !XSTRSTR(nameFound, "CHACHA") &&
+                if (first == NULL) {
+                    if (!XSTRSTR(nameFound, "CHACHA") &&
                      !XSTRSTR(nameFound, "EC") && !XSTRSTR(nameFound, "CCM")) {
                         return cipher_names[i];
                     }
+                }
                 else if (XSTRSTR(nameFound, first)) {
                     return cipher_names[i];
                 }

src/ssl.c

@@ -3470,6 +3470,7 @@ static int ProcessBuffer(WOLFSSL_CTX* ctx, const unsigned char* buff,
             if (ssl->buffers.weOwnCert) {
                 FreeDer(&ssl->buffers.certificate);
                 #ifdef OPENSSL_EXTRA
+                    FreeX509(ssl->ourCert);
                     if (ssl->ourCert) {
                         XFREE(ssl->ourCert, ssl->heap, DYNAMIC_TYPE_X509);
                     }
@@ -3486,6 +3487,7 @@ static int ProcessBuffer(WOLFSSL_CTX* ctx, const unsigned char* buff,
         else if (ctx) {
             FreeDer(&ctx->certificate); /* Make sure previous is free'd */
             #ifdef OPENSSL_EXTRA
+                FreeX509(ctx->ourCert);
                 if (ctx->ourCert) {
                     XFREE(ctx->ourCert, ctx->heap, DYNAMIC_TYPE_X509);
                 }
@@ -8042,6 +8044,7 @@ int wolfSSL_set_compression(WOLFSSL* ssl)
             WOLFSSL_MSG("Unloading cert");
             FreeDer(&ssl->buffers.certificate);
             #ifdef OPENSSL_EXTRA
+                FreeX509(ssl->ourCert);
                 if (ssl->ourCert) {
                     XFREE(ssl->ourCert, ssl->heap, DYNAMIC_TYPE_X509);
                 }

tests/api.c

@@ -1703,6 +1703,7 @@ static void test_wolfSSL_X509_NAME_get_entry(void)
         subCN = (char*)ASN1_STRING_data(asn);
         AssertNotNull(subCN);
 
+        wolfSSL_FreeX509(x509);
     #endif
 
     }

wolfcrypt/src/asn.c

@@ -3013,8 +3013,8 @@ int ExtractDate(const unsigned char* date, unsigned char format,
             certTime->tm_year = 2000;
     }
     else  { /* format == GENERALIZED_TIME */
-        certTime->tm_year += btoi(date[*idx++]) * 1000;
+        certTime->tm_year += btoi(date[*idx]) * 1000; *idx = *idx + 1;
-        certTime->tm_year += btoi(date[*idx++]) * 100;
+        certTime->tm_year += btoi(date[*idx]) * 100;  *idx = *idx + 1;
     }
 
     /* adjust tm_year, tm_mon */

wolfssl/wolfcrypt/asn.h

@@ -59,7 +59,6 @@
     extern "C" {
 #endif
 
-
 enum {
     ISSUER  = 0,
     SUBJECT = 1,
@@ -610,8 +609,10 @@ WOLFSSL_LOCAL void    FreeTrustedPeerTable(TrustedPeerCert**, int, void*);
 WOLFSSL_LOCAL int ToTraditional(byte* buffer, word32 length);
 WOLFSSL_LOCAL int ToTraditionalEnc(byte* buffer, word32 length,const char*,int);
 
+typedef struct tm wolfssl_tm;
+
 WOLFSSL_LOCAL int ExtractDate(const unsigned char* date, unsigned char format,
-                                                 struct tm* certTime, int* idx);
+                                                 wolfssl_tm* certTime, int* idx);
 WOLFSSL_LOCAL int ValidateDate(const byte* date, byte format, int dateType);
 
 /* ASN.1 helper functions */