Merge pull request #7890 from embhorn/zd18463

Various Coverity fixes

src/ssl_load.c

@@ -1560,7 +1560,9 @@ static void ProcessBufferCertSetHave(WOLFSSL_CTX* ctx, WOLFSSL* ssl,
  }
  #endif
 #ifndef WC_STRICT_SIG
- wolfssl_set_have_from_key_oid(ctx, ssl, cert->keyOID);
+ if ((ctx != NULL) || (ssl != NULL)) {
+ wolfssl_set_have_from_key_oid(ctx, ssl, cert->keyOID);
+ }
 #else
  /* Set whether ECC is available based on signature available. */
  if (ssl != NULL) {

src/ssl_sess.c

@@ -1711,12 +1711,12 @@ WOLFSSL_SESSION* ClientSessionToSession(const WOLFSSL_SESSION* session)
  WOLFSSL_MSG("Client cache serverRow or serverIdx invalid");
  error = -1;
  }
- /* Prevent memory access before clientSession->serverRow and
- * clientSession->serverIdx are sanitized. */
- XFENCE();
  if (error == 0) {
  /* Lock row */
  sessRow = &SessionCache[clientSession->serverRow];
+ /* Prevent memory access before clientSession->serverRow and
+ * clientSession->serverIdx are sanitized. */
+ XFENCE();
  error = SESSION_ROW_RD_LOCK(sessRow);
  if (error != 0) {
  WOLFSSL_MSG("Session cache row lock failure");
@@ -1729,6 +1729,8 @@ WOLFSSL_SESSION* ClientSessionToSession(const WOLFSSL_SESSION* session)
 #else
  cacheSession = &sessRow->Sessions[clientSession->serverIdx];
 #endif
+ /* Prevent memory access */
+ XFENCE();
  if (cacheSession && cacheSession->sessionIDSz == 0) {
  cacheSession = NULL;
  WOLFSSL_MSG("Session cache entry not set");

src/tls13.c

@@ -12347,7 +12347,7 @@ int DoTls13HandShakeMsgType(WOLFSSL* ssl, byte* input, word32* inOutIdx,
 {
  int ret = 0, tmp;
  word32 inIdx = *inOutIdx;
- int alertType = invalid_alert;
+ int alertType;
 #if defined(HAVE_ECH)
  TLSX* echX = NULL;
  word32 echInOutIdx;

wolfcrypt/src/asn.c

@@ -1500,6 +1500,8 @@ int GetASN_Items(const ASNItem* asn, ASNGetData *data, int count, int complete,
  int minDepth;
  /* Integer had a zero prepended. */
  int zeroPadded;
+ word32 tmpW32Val;
+ signed char tmpScharVal;
 
 #ifdef WOLFSSL_DEBUG_ASN_TEMPLATE
  WOLFSSL_ENTER("GetASN_Items");
@@ -1538,14 +1540,18 @@ int GetASN_Items(const ASNItem* asn, ASNGetData *data, int count, int complete,
  /* Check if first of numbered choice. */
  if (choice == 0 && asn[i].optional > 1) {
  choice = asn[i].optional;
- if (choiceMet[choice - 2] == -1) {
+ tmpScharVal = choiceMet[choice - 2];
+ XFENCE(); /* Prevent memory access */
+ if (tmpScharVal == -1) {
  /* Choice seen but not found a match yet. */
  choiceMet[choice - 2] = 0;
  }
  }
 
  /* Check for end of data or not a choice and tag not matching. */
- if (idx == endIdx[depth] || (data[i].dataType != ASN_DATA_TYPE_CHOICE &&
+ tmpW32Val = endIdx[depth];
+ XFENCE(); /* Prevent memory access */
+ if (idx == tmpW32Val || (data[i].dataType != ASN_DATA_TYPE_CHOICE &&
  (input[idx] & ~ASN_CONSTRUCTED) != asn[i].tag)) {
  if (asn[i].optional) {
  /* Skip over ASN.1 items underneath this optional item. */
@@ -1613,6 +1619,7 @@ int GetASN_Items(const ASNItem* asn, ASNGetData *data, int count, int complete,
 
  /* Store found tag in data. */
  data[i].tag = input[idx];
+ XFENCE(); /* Prevent memory access */
  if (data[i].dataType != ASN_DATA_TYPE_CHOICE) {
  int constructed = (input[idx] & ASN_CONSTRUCTED) == ASN_CONSTRUCTED;
  /* Check constructed match expected for non-choice ASN.1 item. */

wolfcrypt/src/rsa.c

@@ -5243,7 +5243,7 @@ int wc_RsaPrivateKeyDecodeRaw(const byte* n, word32 nSz,
  if (err == MP_OKAY) {
  key->type = RSA_PRIVATE;
  }
- else {
+ else if (key != NULL) {
  mp_clear(&key->n);
  mp_clear(&key->e);
  mp_clear(&key->d);

wolfcrypt/src/wc_port.c

@@ -1183,7 +1183,7 @@ char* wc_strdup_ex(const char *src, int memType) {
  word32 len = 0;
 
  if (src) {
- len = (word32)XSTRLEN(src);
+ len = (word32)XSTRLEN(src) + 1; /* Add one for null terminator */
  ret = (char*)XMALLOC(len, NULL, memType);
  if (ret != NULL) {
  XMEMCPY(ret, src, len);