Merge pull request #7718 from douzzer/20240705-coverity-fixes

20240705-coverity-fixes

Author: JacobBarthelmeh

src/internal.c

@@ -14955,44 +14955,65 @@ int ProcessPeerCerts(WOLFSSL* ssl, byte* input, word32* inOutIdx,
                 #endif
 #if defined(HAVE_CERTIFICATE_STATUS_REQUEST_V2)
                     if (ret == 0 && addToPendingCAs && !alreadySigner) {
-                        DecodedCert dCertAdd;
-                        DerBuffer *derBuffer;
+#ifdef WOLFSSL_SMALL_STACK
+                        DecodedCert *dCertAdd = NULL;
+#else
+                        DecodedCert dCertAdd[1];
+#endif
+                        int dCertAdd_inited = 0;
+                        DerBuffer *derBuffer = NULL;
                         buffer* cert = &args->certs[args->certIdx];
-                        Signer *s;
-                        InitDecodedCert(&dCertAdd, cert->buffer, cert->length, ssl->heap);
-                        ret = ParseCert(&dCertAdd, CA_TYPE, NO_VERIFY, SSL_CM(ssl));
+                        Signer *s = NULL;
+
+#ifdef WOLFSSL_SMALL_STACK
+                        dCertAdd = (DecodedCert *)
+                            XMALLOC(sizeof(*dCertAdd), ssl->heap,
+                                    DYNAMIC_TYPE_TMP_BUFFER);
+                        if (dCertAdd == NULL) {
+                            ret = MEMORY_E;
+                            goto exit_req_v2;
+                        }
+#endif
+                        InitDecodedCert(dCertAdd, cert->buffer, cert->length,
+                                        ssl->heap);
+                        dCertAdd_inited = 1;
+                        ret = ParseCert(dCertAdd, CA_TYPE, NO_VERIFY,
+                                        SSL_CM(ssl));
                         if (ret != 0) {
-                            FreeDecodedCert(&dCertAdd);
-                            goto exit_ppc;
+                            goto exit_req_v2;
                         }
                         ret = AllocDer(&derBuffer, cert->length, CA_TYPE, ssl->heap);
                         if (ret != 0 || derBuffer == NULL) {
-                            FreeDecodedCert(&dCertAdd);
-                            goto exit_ppc;
+                            goto exit_req_v2;
                         }
                         XMEMCPY(derBuffer->buffer, cert->buffer, cert->length);
                         s = MakeSigner(SSL_CM(ssl)->heap);
                         if (s == NULL) {
-                            FreeDecodedCert(&dCertAdd);
-                            FreeDer(&derBuffer);
                             ret = MEMORY_E;
-                            goto exit_ppc;
+                            goto exit_req_v2;
                         }
-                        ret = FillSigner(s, &dCertAdd, CA_TYPE, derBuffer);
-                        FreeDecodedCert(&dCertAdd);
-                        FreeDer(&derBuffer);
+                        ret = FillSigner(s, dCertAdd, CA_TYPE, derBuffer);
                         if (ret != 0) {
-                            FreeSigner(s, SSL_CM(ssl)->heap);
-                            goto exit_ppc;
+                            goto exit_req_v2;
                         }
                         skipAddCA = 1;
                         ret = TLSX_CSR2_AddPendingSigner(ssl->extensions, s);
-                        if (ret != 0) {
-                            FreeSigner(s, ssl->heap);
+
+                    exit_req_v2:
+                        if (s && (ret != 0))
+                            FreeSigner(s, SSL_CM(ssl)->heap);
+                        if (derBuffer)
+                            FreeDer(&derBuffer);
+                        if (dCertAdd_inited)
+                            FreeDecodedCert(dCertAdd);
+#ifdef WOLFSSL_SMALL_STACK
+                        if (dCertAdd)
+                            XFREE(dCertAdd, ssl->heap, DYNAMIC_TYPE_TMP_BUFFER);
+#endif
+                        if (ret != 0)
                             goto exit_ppc;
-                        }
                     }
-#endif
+#endif /* HAVE_CERTIFICATE_STATUS_REQUEST_V2 */
 
                     /* If valid CA then add to Certificate Manager */
                     if (ret == 0 && args->dCert->isCA &&

src/wolfio.c

@@ -1612,6 +1612,11 @@ int wolfIO_HttpProcessResponse(int sfd, const char** appStrList,
 
         /* read data if no \r\n or first time */
         if ((start == NULL) || (end == NULL)) {
+            if (httpBufSz < len + 1) {
+                return BUFFER_ERROR; /* can't happen, but Coverity thinks it
+                                      * can.
+                                      */
+            }
             result = wolfIO_Recv(sfd, (char*)httpBuf+len, httpBufSz-len-1, 0);
             if (result > 0) {
                 len += result;

wolfcrypt/src/aes.c

@@ -12910,10 +12910,6 @@ int wc_AesXtsEncryptInit(XtsAes* xaes, const byte* i, word32 iSz,
         return BAD_FUNC_ARG;
     }
 
-    if (iSz < AES_BLOCK_SIZE) {
-        return BAD_FUNC_ARG;
-    }
-
     XMEMCPY(stream->tweak_block, i, AES_BLOCK_SIZE);
     stream->bytes_crypted_with_this_tweak = 0;
 

wolfcrypt/src/asn.c

@@ -24067,7 +24067,7 @@ int FillSigner(Signer* signer, DecodedCert* cert, int type, DerBuffer *der)
     if (ret == 0 && signer != NULL) {
         if (cert->extSapkiSet && cert->sapkiLen > 0) {
             /* Allocated space for alternative public key. */
-            signer->sapkiDer = (byte*)XMALLOC(cert->sapkiLen, cm->heap,
+            signer->sapkiDer = (byte*)XMALLOC(cert->sapkiLen, cert->heap,
                                               DYNAMIC_TYPE_PUBLIC_KEY);
             if (signer->sapkiDer == NULL) {
                 ret = MEMORY_E;
@@ -24083,7 +24083,8 @@ int FillSigner(Signer* signer, DecodedCert* cert, int type, DerBuffer *der)
 
 #if defined(WOLFSSL_AKID_NAME) || defined(HAVE_CRL)
     if (ret == 0 && signer != NULL)
-        ret = CalcHashId(cert->serial, cert->serialSz, signer->serialHash);
+        ret = CalcHashId(cert->serial, (word32)cert->serialSz,
+                         signer->serialHash);
 #endif
     if (ret == 0 && signer != NULL) {
     #ifdef WOLFSSL_SIGNER_DER_CERT

wolfcrypt/src/rsa.c

@@ -4017,7 +4017,10 @@ int wc_RsaPSS_CheckPadding_ex2(const byte* in, word32 inSz, byte* sig,
 
     /* Sig = Salt | Exp Hash */
     if (ret == 0) {
-        if (sigSz != inSz + (word32)saltLen) {
+        word32 totalSz;
+        if ((WC_SAFE_SUM_WORD32(inSz, (word32)saltLen, totalSz) == 0) ||
+            (sigSz != totalSz))
+        {
             ret = PSS_SALTLEN_E;
         }
     }

wolfcrypt/src/wc_encrypt.c

@@ -545,9 +545,15 @@ int wc_CryptKey(const char* password, int passwordSz, byte* salt,
 
                 ret =  wc_PKCS12_PBKDF(key, unicodePasswd, idx, salt, saltSz,
                                     iterations, (int)derivedLen, typeH, 1);
+                if (ret < 0)
+                    break;
                 if (id != PBE_SHA1_RC4_128) {
-                    ret += wc_PKCS12_PBKDF(cbcIv, unicodePasswd, idx, salt,
+                    i = ret;
+                    ret = wc_PKCS12_PBKDF(cbcIv, unicodePasswd, idx, salt,
                                     saltSz, iterations, 8, typeH, 2);
+                    if (ret < 0)
+                        break;
+                    ret += i;
                 }
                 break;
             }