Skip to content

Commit 0d588b4

Browse files
night1ridernight1rider
authored
Merge pull request #9313 from douzzer/20251016-Wnull-dereference
20251016-Wnull-dereference
2 parents 0727bae + 0c4feb0 commit 0d588b4

File tree

7 files changed

+61
-29
lines changed

7 files changed

+61
-29
lines changed

src/pk.c

Lines changed: 16 additions & 16 deletions
Original file line numberDiff line numberDiff line change
@@ -970,23 +970,23 @@ WOLFSSL_RSA_METHOD *wolfSSL_RSA_meth_new(const char *name, int flags)
970970
int err;
971971

972972
/* Validate name is not NULL. */
973-
err = (name == NULL);
974-
if (!err) {
975-
/* Allocate an RSA METHOD to return. */
976-
meth = (WOLFSSL_RSA_METHOD*)XMALLOC(sizeof(WOLFSSL_RSA_METHOD), NULL,
977-
DYNAMIC_TYPE_OPENSSL);
978-
err = (meth == NULL);
979-
}
980-
if (!err) {
981-
XMEMSET(meth, 0, sizeof(*meth));
982-
meth->flags = flags;
983-
meth->dynamic = 1;
973+
if (name == NULL)
974+
return NULL;
975+
/* Allocate an RSA METHOD to return. */
976+
meth = (WOLFSSL_RSA_METHOD*)XMALLOC(sizeof(WOLFSSL_RSA_METHOD), NULL,
977+
DYNAMIC_TYPE_OPENSSL);
978+
if (meth == NULL)
979+
return NULL;
980+
981+
XMEMSET(meth, 0, sizeof(*meth));
982+
meth->flags = flags;
983+
meth->dynamic = 1;
984+
985+
name_len = (int)XSTRLEN(name);
986+
meth->name = (char*)XMALLOC((size_t)(name_len + 1), NULL,
987+
DYNAMIC_TYPE_OPENSSL);
988+
err = (meth->name == NULL);
984989

985-
name_len = (int)XSTRLEN(name);
986-
meth->name = (char*)XMALLOC((size_t)(name_len + 1), NULL,
987-
DYNAMIC_TYPE_OPENSSL);
988-
err = (meth->name == NULL);
989-
}
990990
if (!err) {
991991
XMEMCPY(meth->name, name, (size_t)(name_len + 1));
992992
}

src/ssl.c

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -1153,8 +1153,8 @@ WOLFSSL_CTX* wolfSSL_CTX_new_ex(WOLFSSL_METHOD* method, void* heap)
11531153

11541154
#ifdef OPENSSL_COMPATIBLE_DEFAULTS
11551155
if (ctx) {
1156-
wolfSSL_CTX_set_verify(ctx, SSL_VERIFY_NONE, NULL);
1157-
wolfSSL_CTX_set_mode(ctx, SSL_MODE_AUTO_RETRY);
1156+
wolfSSL_CTX_set_verify(ctx, WOLFSSL_VERIFY_NONE, NULL);
1157+
wolfSSL_CTX_set_mode(ctx, WOLFSSL_MODE_AUTO_RETRY);
11581158
if (wolfSSL_CTX_set_min_proto_version(ctx,
11591159
(method->version.major == DTLS_MAJOR) ?
11601160
DTLS1_VERSION : SSL3_VERSION) != WOLFSSL_SUCCESS ||

src/x509.c

Lines changed: 5 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -10195,18 +10195,18 @@ int wolfSSL_X509_PUBKEY_set(WOLFSSL_X509_PUBKEY **x, WOLFSSL_EVP_PKEY *key)
1019510195
keyTypeObj = wolfSSL_OBJ_nid2obj(key->type);
1019610196
if (keyTypeObj == NULL) {
1019710197
if (ptype == WOLFSSL_V_ASN1_OBJECT)
10198-
ASN1_OBJECT_free((WOLFSSL_ASN1_OBJECT *)pval);
10198+
wolfSSL_ASN1_OBJECT_free((WOLFSSL_ASN1_OBJECT *)pval);
1019910199
else
10200-
ASN1_STRING_free((WOLFSSL_ASN1_STRING *)pval);
10200+
wolfSSL_ASN1_STRING_free((WOLFSSL_ASN1_STRING *)pval);
1020110201
goto error;
1020210202
}
1020310203
if (!wolfSSL_X509_ALGOR_set0(pk->algor, keyTypeObj, ptype, pval)) {
1020410204
WOLFSSL_MSG("Failed to create algorithm object");
10205-
ASN1_OBJECT_free(keyTypeObj);
10205+
wolfSSL_ASN1_OBJECT_free(keyTypeObj);
1020610206
if (ptype == WOLFSSL_V_ASN1_OBJECT)
10207-
ASN1_OBJECT_free((WOLFSSL_ASN1_OBJECT *)pval);
10207+
wolfSSL_ASN1_OBJECT_free((WOLFSSL_ASN1_OBJECT *)pval);
1020810208
else
10209-
ASN1_STRING_free((WOLFSSL_ASN1_STRING *)pval);
10209+
wolfSSL_ASN1_STRING_free((WOLFSSL_ASN1_STRING *)pval);
1021010210
goto error;
1021110211
}
1021210212

tests/api.c

Lines changed: 6 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -20116,8 +20116,8 @@ static int test_wolfSSL_PKCS7_certs(void)
2011620116
while (EXPECT_SUCCESS() && (sk_X509_INFO_num(info_sk) > 0)) {
2011720117
X509_INFO* info = NULL;
2011820118
ExpectNotNull(info = sk_X509_INFO_shift(info_sk));
20119-
ExpectIntGT(sk_X509_push(sk, info->x509), 0);
20120-
if (EXPECT_SUCCESS() && (info != NULL)) {
20119+
if (info != NULL) {
20120+
ExpectIntGT(sk_X509_push(sk, info->x509), 0);
2012120121
info->x509 = NULL;
2012220122
}
2012320123
X509_INFO_free(info);
@@ -32422,8 +32422,10 @@ static int test_wolfSSL_X509V3_EXT_get(void)
3242232422
ExpectIntNE((extNid = ext->obj->nid), NID_undef);
3242332423
ExpectNotNull(method = wolfSSL_X509V3_EXT_get(ext));
3242432424
ExpectIntEQ(method->ext_nid, extNid);
32425-
if (method->ext_nid == NID_subject_key_identifier) {
32426-
ExpectNotNull(method->i2s);
32425+
if (EXPECT_SUCCESS()) {
32426+
if (method->ext_nid == NID_subject_key_identifier) {
32427+
ExpectNotNull(method->i2s);
32428+
}
3242732429
}
3242832430
}
3242932431

wolfcrypt/src/asn.c

Lines changed: 8 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -29961,9 +29961,17 @@ static int EncodeName(EncodedName* name, const char* nameStr,
2996129961
break;
2996229962
#ifdef WOLFSSL_CUSTOM_OID
2996329963
case ASN_CUSTOM_NAME:
29964+
#ifdef __s390x__
29965+
/* inhibit arch-specific false positive. */
29966+
PRAGMA_GCC_DIAG_PUSH;
29967+
PRAGMA_GCC("GCC diagnostic ignored \"-Wnull-dereference\"");
29968+
#endif
2996429969
nameSz = (word32)cname->custom.valSz;
2996529970
oid = cname->custom.oid;
2996629971
oidSz = (word32)cname->custom.oidSz;
29972+
#ifdef __s390x__
29973+
PRAGMA_GCC_DIAG_POP;
29974+
#endif
2996729975
break;
2996829976
#endif
2996929977
#ifdef WOLFSSL_CERT_REQ

wolfcrypt/src/pkcs12.c

Lines changed: 4 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -977,8 +977,10 @@ int wc_i2d_PKCS12(WC_PKCS12* pkcs12, byte** der, int* derSz)
977977
totalSz += seqSz;
978978

979979
/* check if getting length only */
980-
if (der == NULL && derSz != NULL) {
981-
*derSz = (int)totalSz;
980+
if (der == NULL) {
981+
/* repeat nullness check locally to mollify -Wnull-dereference. */
982+
if (derSz != NULL)
983+
*derSz = (int)totalSz;
982984
XFREE(sdBuf, pkcs12->heap, DYNAMIC_TYPE_PKCS);
983985
return WC_NO_ERR_TRACE(LENGTH_ONLY_E);
984986
}

wolfcrypt/src/port/af_alg/afalg_aes.c

Lines changed: 20 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -186,6 +186,10 @@ int wc_AesSetKey(Aes* aes, const byte* userKey, word32 keylen,
186186
if ((sz / WC_AES_BLOCK_SIZE) > 0) {
187187
/* update IV */
188188
cmsg = CMSG_FIRSTHDR(&(aes->msg));
189+
if (cmsg == NULL) {
190+
WOLFSSL_MSG("CMSG_FIRSTHDR() in wc_AesCbcEncrypt() returned NULL unexpectedly.");
191+
return SYSLIB_FAILED_E;
192+
}
189193
ret = wc_Afalg_SetIv(CMSG_NXTHDR(&(aes->msg), cmsg),
190194
(byte*)(aes->reg), AES_IV_SIZE);
191195
if (ret < 0) {
@@ -245,6 +249,10 @@ int wc_AesSetKey(Aes* aes, const byte* userKey, word32 keylen,
245249
if ((sz / WC_AES_BLOCK_SIZE) > 0) {
246250
/* update IV */
247251
cmsg = CMSG_FIRSTHDR(&(aes->msg));
252+
if (cmsg == NULL) {
253+
WOLFSSL_MSG("CMSG_FIRSTHDR() in wc_AesCbcDecrypt() returned NULL unexpectedly.");
254+
return SYSLIB_FAILED_E;
255+
}
248256
ret = wc_Afalg_SetIv(CMSG_NXTHDR(&(aes->msg), cmsg),
249257
(byte*)(aes->reg), AES_IV_SIZE);
250258
if (ret != 0) {
@@ -397,6 +405,10 @@ int wc_AesSetKeyDirect(Aes* aes, const byte* userKey, word32 keylen,
397405

398406
/* update IV */
399407
cmsg = CMSG_FIRSTHDR(&(aes->msg));
408+
if (cmsg == NULL) {
409+
WOLFSSL_MSG("CMSG_FIRSTHDR() in wc_AesCtrEncrypt() returned NULL unexpectedly.");
410+
return SYSLIB_FAILED_E;
411+
}
400412
ret = wc_Afalg_SetIv(CMSG_NXTHDR(&(aes->msg), cmsg),
401413
(byte*)(aes->reg), AES_IV_SIZE);
402414
if (ret < 0) {
@@ -613,7 +625,15 @@ int wc_AesGcmEncrypt(Aes* aes, byte* out, const byte* in, word32 sz,
613625

614626
msg = &(aes->msg);
615627
cmsg = CMSG_FIRSTHDR(msg);
628+
if (cmsg == NULL) {
629+
WOLFSSL_MSG("CMSG_FIRSTHDR() in wc_AesGcmEncrypt() returned NULL unexpectedly.");
630+
return SYSLIB_FAILED_E;
631+
}
616632
cmsg = CMSG_NXTHDR(msg, cmsg);
633+
if (cmsg == NULL) {
634+
WOLFSSL_MSG("CMSG_NEXTHDR() in wc_AesGcmEncrypt() returned NULL unexpectedly.");
635+
return SYSLIB_FAILED_E;
636+
}
617637

618638
/* set IV and AAD size */
619639
ret = wc_Afalg_SetIv(cmsg, (byte*)iv, ivSz);

0 commit comments

Comments
 (0)