From 6dab58266d7a52a08ccfa69ae361f547599e9222 Mon Sep 17 00:00:00 2001 From: Eric Blankenhorn Date: Wed, 21 Aug 2024 15:35:46 -0500 Subject: [PATCH] Various Coverity fixes --- src/ssl_load.c | 4 +++- src/ssl_sess.c | 8 +++++--- src/tls13.c | 2 +- wolfcrypt/src/asn.c | 11 +++++++++-- wolfcrypt/src/rsa.c | 2 +- wolfcrypt/src/wc_port.c | 2 +- 6 files changed, 20 insertions(+), 9 deletions(-) diff --git a/src/ssl_load.c b/src/ssl_load.c index da4279e39e..cf5fa748bf 100644 --- a/src/ssl_load.c +++ b/src/ssl_load.c @@ -1560,7 +1560,9 @@ static void ProcessBufferCertSetHave(WOLFSSL_CTX* ctx, WOLFSSL* ssl, } #endif #ifndef WC_STRICT_SIG - wolfssl_set_have_from_key_oid(ctx, ssl, cert->keyOID); + if ((ctx != NULL) || (ssl != NULL)) { + wolfssl_set_have_from_key_oid(ctx, ssl, cert->keyOID); + } #else /* Set whether ECC is available based on signature available. */ if (ssl != NULL) { diff --git a/src/ssl_sess.c b/src/ssl_sess.c index 62caa7a1cd..6dc03959f5 100644 --- a/src/ssl_sess.c +++ b/src/ssl_sess.c @@ -1711,12 +1711,12 @@ WOLFSSL_SESSION* ClientSessionToSession(const WOLFSSL_SESSION* session) WOLFSSL_MSG("Client cache serverRow or serverIdx invalid"); error = -1; } - /* Prevent memory access before clientSession->serverRow and - * clientSession->serverIdx are sanitized. */ - XFENCE(); if (error == 0) { /* Lock row */ sessRow = &SessionCache[clientSession->serverRow]; + /* Prevent memory access before clientSession->serverRow and + * clientSession->serverIdx are sanitized. */ + XFENCE(); error = SESSION_ROW_RD_LOCK(sessRow); if (error != 0) { WOLFSSL_MSG("Session cache row lock failure"); @@ -1729,6 +1729,8 @@ WOLFSSL_SESSION* ClientSessionToSession(const WOLFSSL_SESSION* session) #else cacheSession = &sessRow->Sessions[clientSession->serverIdx]; #endif + /* Prevent memory access */ + XFENCE(); if (cacheSession && cacheSession->sessionIDSz == 0) { cacheSession = NULL; WOLFSSL_MSG("Session cache entry not set"); diff --git a/src/tls13.c b/src/tls13.c index 55c9fabe53..04e6cc5585 100644 --- a/src/tls13.c +++ b/src/tls13.c @@ -12347,7 +12347,7 @@ int DoTls13HandShakeMsgType(WOLFSSL* ssl, byte* input, word32* inOutIdx, { int ret = 0, tmp; word32 inIdx = *inOutIdx; - int alertType = invalid_alert; + int alertType; #if defined(HAVE_ECH) TLSX* echX = NULL; word32 echInOutIdx; diff --git a/wolfcrypt/src/asn.c b/wolfcrypt/src/asn.c index 2d9d2b46e6..2534af0eac 100644 --- a/wolfcrypt/src/asn.c +++ b/wolfcrypt/src/asn.c @@ -1498,6 +1498,8 @@ int GetASN_Items(const ASNItem* asn, ASNGetData *data, int count, int complete, int minDepth; /* Integer had a zero prepended. */ int zeroPadded; + word32 tmpW32Val; + signed char tmpScharVal; #ifdef WOLFSSL_DEBUG_ASN_TEMPLATE WOLFSSL_ENTER("GetASN_Items"); @@ -1536,14 +1538,18 @@ int GetASN_Items(const ASNItem* asn, ASNGetData *data, int count, int complete, /* Check if first of numbered choice. */ if (choice == 0 && asn[i].optional > 1) { choice = asn[i].optional; - if (choiceMet[choice - 2] == -1) { + tmpScharVal = choiceMet[choice - 2]; + XFENCE(); /* Prevent memory access */ + if (tmpScharVal == -1) { /* Choice seen but not found a match yet. */ choiceMet[choice - 2] = 0; } } /* Check for end of data or not a choice and tag not matching. */ - if (idx == endIdx[depth] || (data[i].dataType != ASN_DATA_TYPE_CHOICE && + tmpW32Val = endIdx[depth]; + XFENCE(); /* Prevent memory access */ + if (idx == tmpW32Val || (data[i].dataType != ASN_DATA_TYPE_CHOICE && (input[idx] & ~ASN_CONSTRUCTED) != asn[i].tag)) { if (asn[i].optional) { /* Skip over ASN.1 items underneath this optional item. */ @@ -1611,6 +1617,7 @@ int GetASN_Items(const ASNItem* asn, ASNGetData *data, int count, int complete, /* Store found tag in data. */ data[i].tag = input[idx]; + XFENCE(); /* Prevent memory access */ if (data[i].dataType != ASN_DATA_TYPE_CHOICE) { int constructed = (input[idx] & ASN_CONSTRUCTED) == ASN_CONSTRUCTED; /* Check constructed match expected for non-choice ASN.1 item. */ diff --git a/wolfcrypt/src/rsa.c b/wolfcrypt/src/rsa.c index 4c7d3a0e89..381af8ad9c 100644 --- a/wolfcrypt/src/rsa.c +++ b/wolfcrypt/src/rsa.c @@ -5243,7 +5243,7 @@ int wc_RsaPrivateKeyDecodeRaw(const byte* n, word32 nSz, if (err == MP_OKAY) { key->type = RSA_PRIVATE; } - else { + else if (key != NULL) { mp_clear(&key->n); mp_clear(&key->e); mp_clear(&key->d); diff --git a/wolfcrypt/src/wc_port.c b/wolfcrypt/src/wc_port.c index 32571585ec..294bc415c6 100644 --- a/wolfcrypt/src/wc_port.c +++ b/wolfcrypt/src/wc_port.c @@ -1183,7 +1183,7 @@ char* wc_strdup_ex(const char *src, int memType) { word32 len = 0; if (src) { - len = (word32)XSTRLEN(src); + len = (word32)XSTRLEN(src) + 1; /* Add one for null terminator */ ret = (char*)XMALLOC(len, NULL, memType); if (ret != NULL) { XMEMCPY(ret, src, len);