WolfSSL
/
wolfssl
mirror of https://github.com/wolfSSL/wolfssl.git
1
0
Fork 0
Code Issues Releases Wiki Activity

Merge pull request #6578 from douzzer/20230705-analyzer-fixes 

20230705-analyzer-fixes
pull/6582/head
David Garske 2023-07-06 09:04:39 -07:00 committed by GitHub
parent e8f3afc85b 1912f1bc2a
commit fb0c769d6c
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
10 changed files with 35 additions and 33 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
examples/pem/pem.c
View File

@ -323,6 +323,7 @@ static int FindPem(char* data, word32 offset, word32 len, word32* start,
ret = 1; ret = 1;
} }
if (ret == 0) { if (ret == 0) {
if (type_len > 0)
memcpy(str, data + type_off, type_len); memcpy(str, data + type_off, type_len);
str[type_len] = '\0'; str[type_len] = '\0';
ret = StringToType(str, type); ret = StringToType(str, type);
@ -537,6 +538,9 @@ static int EncryptDer(unsigned char* in, word32 in_len, char* password,
WC_RNG rng; WC_RNG rng;
unsigned char salt[SALT_MAX_LEN]; unsigned char salt[SALT_MAX_LEN];
if (password == NULL)
return 1;
XMEMSET(&rng, 0, sizeof(rng)); XMEMSET(&rng, 0, sizeof(rng));
/* Create a random number generator. */ /* Create a random number generator. */
@ -610,7 +614,7 @@ static int ConvDerToPem(unsigned char* in, word32 offset, word32 len,
if (ret > 0) { if (ret > 0) {
ret = 0; ret = 0;
} }
if (ret == 0) { if ((ret == 0) && (pem_len > 0)) {
/* Allocate memory to hold PEM encoding. */ /* Allocate memory to hold PEM encoding. */
pem = (unsigned char*)malloc(pem_len); pem = (unsigned char*)malloc(pem_len);
if (pem == NULL) { if (pem == NULL) {
@ -944,7 +948,7 @@ int main(int argc, char* argv[])
ret = 1; ret = 1;
} }
if (pem) { if ((ret == 0) && pem) {
/* Convert PEM to DER. */ /* Convert PEM to DER. */
ret = ConvPemToDer((char*)in, offset, in_len, &der, type, &info, ret = ConvPemToDer((char*)in, offset, in_len, &der, type, &info,
padding); padding);

4
scripts/pem.test
View File

@ -148,7 +148,7 @@ check_der() {
convert_to_der() { convert_to_der() {
if [ "$SKIP" = "" -a "$FAILED" = "" ]; then if [ "$SKIP" = "" -a "$FAILED" = "" ]; then
echo " $PEM_EXE $* -out $tmp_pem_file" echo " $PEM_EXE $* -out $tmp_pem_file"
$PEM_EXE $* -out $tmp_der_file $PEM_EXE "$@" -out $tmp_der_file
if [ "$?" != "0" ]; then if [ "$?" != "0" ]; then
echo " Failed to convert to DER" echo " Failed to convert to DER"
test_fail test_fail
@ -176,7 +176,7 @@ compare_der() {
convert_to_pem() { convert_to_pem() {
if [ "$SKIP" = "" -a "$FAILED" = "" ]; then if [ "$SKIP" = "" -a "$FAILED" = "" ]; then
echo " $PEM_EXE --der -t \"$PEM_TYPE\" $* -out $tmp_pem_file" echo " $PEM_EXE --der -t \"$PEM_TYPE\" $* -out $tmp_pem_file"
$PEM_EXE --der $* -t "$PEM_TYPE" -out $tmp_pem_file $PEM_EXE --der "$@" -t "$PEM_TYPE" -out $tmp_pem_file
if [ "$?" != "0" ]; then if [ "$?" != "0" ]; then
test_fail test_fail
fi fi

1
src/internal.c
View File

@ -11476,7 +11476,6 @@ static int CipherRequires(byte first, byte second, int requirement)
if (requirement == REQUIRES_AEAD) if (requirement == REQUIRES_AEAD)
return 1; return 1;
return 0; return 0;
break;
default: default:
WOLFSSL_MSG("Unsupported cipher suite, CipherRequires " WOLFSSL_MSG("Unsupported cipher suite, CipherRequires "

4
tests/api.c
View File

@ -56697,10 +56697,10 @@ static int test_wolfSSL_CTX_LoadCRL(void)
WOLFSSL_SUCCESS) WOLFSSL_SUCCESS)
#ifndef NO_WOLFSSL_CLIENT #ifndef NO_WOLFSSL_CLIENT
#define NEW_CTX(ctx) AssertNotNull( \ #define NEW_CTX(ctx) AssertNotNull( \
ctx = wolfSSL_CTX_new(wolfSSLv23_client_method())) (ctx) = wolfSSL_CTX_new(wolfSSLv23_client_method()))
#elif !defined(NO_WOLFSSL_SERVER) #elif !defined(NO_WOLFSSL_SERVER)
#define NEW_CTX(ctx) AssertNotNull( \ #define NEW_CTX(ctx) AssertNotNull( \
ctx = wolfSSL_CTX_new(wolfSSLv23_server_method())) (ctx) = wolfSSL_CTX_new(wolfSSLv23_server_method()))
#else #else
#define NEW_CTX(ctx) return #define NEW_CTX(ctx) return
#endif #endif

8
tests/unit.h
View File

@ -189,17 +189,17 @@
#define ExpectPtr(x, y, op, er) do { \ #define ExpectPtr(x, y, op, er) do { \
if (_ret != TEST_FAIL) { \ if (_ret != TEST_FAIL) { \
PRAGMA_GCC_DIAG_PUSH; \ PRAGMA_DIAG_PUSH; \
/* remarkably, without this inhibition, */ \ /* remarkably, without this inhibition, */ \
/* the _Pragma()s make the declarations warn. */ \ /* the _Pragma()s make the declarations warn. */ \
PRAGMA_GCC("GCC diagnostic ignored \"-Wdeclaration-after-statement\"");\ PRAGMA("GCC diagnostic ignored \"-Wdeclaration-after-statement\""); \
/* inhibit "ISO C forbids conversion of function pointer */ \ /* inhibit "ISO C forbids conversion of function pointer */ \
/* to object pointer type [-Werror=pedantic]" */ \ /* to object pointer type [-Werror=pedantic]" */ \
PRAGMA_GCC("GCC diagnostic ignored \"-Wpedantic\""); \ PRAGMA("GCC diagnostic ignored \"-Wpedantic\""); \
void* _x = (void*)(x); \ void* _x = (void*)(x); \
void* _y = (void*)(y); \ void* _y = (void*)(y); \
Expect(_x op _y, ("%s " #op " %s", #x, #y), ("%p " #er " %p", _x, _y));\ Expect(_x op _y, ("%s " #op " %s", #x, #y), ("%p " #er " %p", _x, _y));\
PRAGMA_GCC_DIAG_POP; \ PRAGMA_DIAG_POP; \
} \ } \
} while(0) } while(0)

4
testsuite/testsuite.c
View File

@ -619,8 +619,6 @@ void wait_tcp_ready(func_args* args)
#endif /* thread checks */ #endif /* thread checks */
} }
#ifndef SINGLE_THREADED
/* Start a thread. /* Start a thread.
* *
* @param [in] fun Function to executre in thread. * @param [in] fun Function to executre in thread.
@ -720,8 +718,6 @@ void join_thread(THREAD_TYPE thread)
#endif #endif
} }
#endif /* SINGLE_THREADED */
#ifndef NO_FILESYSTEM #ifndef NO_FILESYSTEM
#ifdef _MSC_VER #ifdef _MSC_VER

16
wolfcrypt/src/asn.c
View File

@ -11972,7 +11972,7 @@ static int StoreRsaKey(DecodedCert* cert, const byte* source, word32* srcIdx,
#ifdef HAVE_OCSP #ifdef HAVE_OCSP
/* Calculate the hash of the public key for OCSP. */ /* Calculate the hash of the public key for OCSP. */
ret = CalcHashId_ex(cert->publicKey, cert->pubKeySize, ret = CalcHashId_ex(cert->publicKey, cert->pubKeySize,
cert->subjectKeyHash, HashIdAlg(cert->signatureOID)); cert->subjectKeyHash, HashIdAlg((int)cert->signatureOID));
#endif #endif
} }
@ -12125,7 +12125,7 @@ static int StoreEccKey(DecodedCert* cert, const byte* source, word32* srcIdx,
/* Calculate the hash of the subject public key for OCSP. */ /* Calculate the hash of the subject public key for OCSP. */
ret = CalcHashId_ex(dataASN[ECCCERTKEYASN_IDX_SUBJPUBKEY].data.ref.data, ret = CalcHashId_ex(dataASN[ECCCERTKEYASN_IDX_SUBJPUBKEY].data.ref.data,
dataASN[ECCCERTKEYASN_IDX_SUBJPUBKEY].data.ref.length, dataASN[ECCCERTKEYASN_IDX_SUBJPUBKEY].data.ref.length,
cert->subjectKeyHash, HashIdAlg(cert->signatureOID)); cert->subjectKeyHash, HashIdAlg((int)cert->signatureOID));
} }
if (ret == 0) { if (ret == 0) {
#endif #endif
@ -13948,7 +13948,7 @@ static int GetCertName(DecodedCert* cert, char* full, byte* hash, int nameType,
* calculated over the entire DER encoding of the Name field, including * calculated over the entire DER encoding of the Name field, including
* the tag and length. */ * the tag and length. */
if (CalcHashId_ex(input + srcIdx, maxIdx - srcIdx, hash, if (CalcHashId_ex(input + srcIdx, maxIdx - srcIdx, hash,
HashIdAlg(cert->signatureOID)) != 0) { HashIdAlg((int)cert->signatureOID)) != 0) {
ret = ASN_PARSE_E; ret = ASN_PARSE_E;
} }
@ -18873,7 +18873,7 @@ static int DecodeAuthKeyId(const byte* input, word32 sz, DecodedCert* cert)
/* Get the hash or hash of the hash if wrong size. */ /* Get the hash or hash of the hash if wrong size. */
ret = GetHashId(dataASN[AUTHKEYIDASN_IDX_KEYID].data.ref.data, ret = GetHashId(dataASN[AUTHKEYIDASN_IDX_KEYID].data.ref.data,
(int)dataASN[AUTHKEYIDASN_IDX_KEYID].data.ref.length, (int)dataASN[AUTHKEYIDASN_IDX_KEYID].data.ref.length,
cert->extAuthKeyId, HashIdAlg(cert->signatureOID)); cert->extAuthKeyId, HashIdAlg((int)cert->signatureOID));
} }
} }
@ -18911,7 +18911,7 @@ static int DecodeSubjKeyId(const byte* input, word32 sz, DecodedCert* cert)
/* Get the hash or hash of the hash if wrong size. */ /* Get the hash or hash of the hash if wrong size. */
ret = GetHashId(input + idx, length, cert->extSubjKeyId, ret = GetHashId(input + idx, length, cert->extSubjKeyId,
HashIdAlg(cert->signatureOID)); HashIdAlg((int)cert->signatureOID));
} }
return ret; return ret;
@ -22557,11 +22557,11 @@ int ParseCertRelative(DecodedCert* cert, int type, int verify, void* cm)
/* TODO: GmSSL creates IDs this way but whole public key info /* TODO: GmSSL creates IDs this way but whole public key info
* block should be hashed. */ * block should be hashed. */
ret = CalcHashId_ex(cert->publicKey + cert->pubKeySize - 65, 65, ret = CalcHashId_ex(cert->publicKey + cert->pubKeySize - 65, 65,
cert->extSubjKeyId, HashIdAlg(cert->signatureOID)); cert->extSubjKeyId, HashIdAlg((int)cert->signatureOID));
} }
else { else {
ret = CalcHashId_ex(cert->publicKey, cert->pubKeySize, ret = CalcHashId_ex(cert->publicKey, cert->pubKeySize,
cert->extSubjKeyId, HashIdAlg(cert->signatureOID)); cert->extSubjKeyId, HashIdAlg((int)cert->signatureOID));
} }
if (ret != 0) { if (ret != 0) {
WOLFSSL_ERROR_VERBOSE(ret); WOLFSSL_ERROR_VERBOSE(ret);
@ -30419,7 +30419,7 @@ static int SetAuthKeyIdFromDcert(Cert* cert, DecodedCert* decoded)
cert->akidSz = KEYID_SIZE; cert->akidSz = KEYID_SIZE;
#endif #endif
/* Put the SKID of CA to AKID of certificate */ /* Put the SKID of CA to AKID of certificate */
XMEMCPY(cert->akid, decoded->extSubjKeyId, cert->akidSz); XMEMCPY(cert->akid, decoded->extSubjKeyId, (size_t)cert->akidSz);
} }
return ret; return ret;

4
wolfcrypt/src/hash.c
View File

@ -303,8 +303,8 @@ enum wc_HashType wc_OidGetHash(int oid)
#ifdef WOLFSSL_SM3 #ifdef WOLFSSL_SM3
case SM3h: case SM3h:
hash_type = WC_HASH_TYPE_SM3; hash_type = WC_HASH_TYPE_SM3;
#endif
break; break;
#endif
default: default:
break; break;
} }
@ -1172,8 +1172,8 @@ int wc_HashSetFlags(wc_HashAlg* hash, enum wc_HashType type, word32 flags)
#ifdef WOLFSSL_SM3 #ifdef WOLFSSL_SM3
case WC_HASH_TYPE_SM3: case WC_HASH_TYPE_SM3:
ret = wc_Sm3SetFlags(&hash->sm3, flags); ret = wc_Sm3SetFlags(&hash->sm3, flags);
#endif
break; break;
#endif
/* not supported */ /* not supported */
case WC_HASH_TYPE_MD5_SHA: case WC_HASH_TYPE_MD5_SHA:

4
wolfcrypt/src/sp_int.c
View File

@ -5291,9 +5291,11 @@ int sp_cond_swap_ct(sp_int* a, sp_int* b, int cnt, int swap)
/* Allocate temporary to hold masked xor of a and b. */ /* Allocate temporary to hold masked xor of a and b. */
ALLOC_SP_INT(t, cnt, err, NULL); ALLOC_SP_INT(t, cnt, err, NULL);
if (err == MP_OKAY) {
err = sp_cond_swap_ct_ex(a, b, cnt, swap, t); err = sp_cond_swap_ct_ex(a, b, cnt, swap, t);
FREE_SP_INT(t, NULL); FREE_SP_INT(t, NULL);
}
return err; return err;
} }
#endif /* HAVE_ECC && ECC_TIMING_RESISTANT && !WC_NO_CACHE_RESISTANT */ #endif /* HAVE_ECC && ECC_TIMING_RESISTANT && !WC_NO_CACHE_RESISTANT */

11
wolfcrypt/test/test.c
View File

@ -14282,6 +14282,7 @@ static wc_test_ret_t const_byte_ptr_test(const byte* in, word32 *outJ)
volatile word32 j = -1; /* must be volatile to properly detect error */ volatile word32 j = -1; /* must be volatile to properly detect error */
ret = (wc_test_ret_t)*in; /* accessed *in value. */ ret = (wc_test_ret_t)*in; /* accessed *in value. */
(void)ret;
j = *outJ; /* Found index to use in const array. */ j = *outJ; /* Found index to use in const array. */
if (j == 0) { if (j == 0) {
@ -28440,7 +28441,7 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t ecc_test(void)
#if !defined(NO_ECC_SECP) || defined(WOLFSSL_CUSTOM_CURVES) #if !defined(NO_ECC_SECP) || defined(WOLFSSL_CUSTOM_CURVES)
ret = ecc_def_curve_test(&rng); ret = ecc_def_curve_test(&rng);
if (ret < 0) { if (ret < 0) {
fprintf(stderr, "Default\n"); printf("Default\n");
goto done; goto done;
} }
#endif #endif
@ -28476,7 +28477,7 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t ecc_test(void)
#ifdef WOLFSSL_SM2 #ifdef WOLFSSL_SM2
ret = ecc_test_curve(&rng, 32, ECC_SM2P256V1); ret = ecc_test_curve(&rng, 32, ECC_SM2P256V1);
if (ret < 0) { if (ret < 0) {
fprintf(stderr, "SM2\n"); printf("SM2\n");
goto done; goto done;
} }
#endif #endif
@ -28484,7 +28485,7 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t ecc_test(void)
#if defined(WOLFSSL_CUSTOM_CURVES) #if defined(WOLFSSL_CUSTOM_CURVES)
ret = ecc_test_custom_curves(&rng); ret = ecc_test_custom_curves(&rng);
if (ret != 0) { if (ret != 0) {
fprintf(stderr, "Custom\n"); printf("Custom\n");
goto done; goto done;
} }
#endif #endif
@ -28492,12 +28493,12 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t ecc_test(void)
#if defined(WOLFSSL_SM2) #if defined(WOLFSSL_SM2)
ret = test_sm2_verify(); ret = test_sm2_verify();
if (ret != 0) { if (ret != 0) {
fprintf(stderr, "SM2 Verify\n"); printf("SM2 Verify\n");
goto done; goto done;
} }
ret = ecc_sm2_test_curve(&rng, ECC_TEST_VERIFY_COUNT); ret = ecc_sm2_test_curve(&rng, ECC_TEST_VERIFY_COUNT);
if (ret != 0) { if (ret != 0) {
fprintf(stderr, "SM2 test\n"); printf("SM2 test\n");
goto done; goto done;
} }
#endif #endif