Commit 5a4255c9 authored by Martin Thomson's avatar Martin Thomson

Bug 1429776 - Various coverity issues on TLS 1.3 branch, r=ekr

--HG--
extra : amend_source : 56afd02dd34895963ecf02385b316280d04127b1
parent 33b114e3
......@@ -77,7 +77,7 @@ void InstallManyWriters(std::shared_ptr<TlsAgent> agent,
SSLExtensionWriter writer, size_t *installed = nullptr,
size_t *called = nullptr) {
for (size_t i = 0; i < PR_ARRAY_SIZE(kManyExtensions); ++i) {
SSLExtensionSupport support;
SSLExtensionSupport support = ssl_ext_none;
SECStatus rv = SSL_GetExtensionSupport(kManyExtensions[i], &support);
ASSERT_EQ(SECSuccess, rv) << "SSL_GetExtensionSupport cannot fail";
......
......@@ -352,6 +352,9 @@ TEST_F(TlsDropDatagram13, DropSecondHalfOfServerCertificate) {
// overlapping message ranges are handled properly; and that extra
// retransmissions are handled properly.
class TlsFragmentationAndRecoveryTest : public TlsDropDatagram13 {
public:
TlsFragmentationAndRecoveryTest() : cert_len_(0) {}
protected:
void RunTest(size_t dropped_half) {
FirstFlightDropCertificate();
......
......@@ -78,7 +78,7 @@ dtls13_RememberFragment(sslSocket *ss,
SECStatus
dtls13_SendAck(sslSocket *ss)
{
sslBuffer buf = { NULL, 0, 0 };
sslBuffer buf = SSL_BUFFER_EMPTY;
SECStatus rv = SECSuccess;
PRCList *cursor;
PRInt32 sent;
......
......@@ -619,7 +619,7 @@ static SECStatus
ssl_CallCustomExtensionSenders(sslSocket *ss, sslBuffer *buf,
SSLHandshakeType message)
{
sslBuffer tail = { NULL, 0, 0 };
sslBuffer tail = SSL_BUFFER_EMPTY;
SECStatus rv;
PRCList *cursor;
......
......@@ -665,7 +665,7 @@ ssl3_EncodeSessionTicket(sslSocket *ss, const NewSessionTicket *ticket,
PK11SymKey *secret, SECItem *ticket_data)
{
SECStatus rv;
sslBuffer plaintext = { NULL, 0, 0 };
sslBuffer plaintext = SSL_BUFFER_EMPTY;
SECItem ticket_buf = { 0, NULL, 0 };
sslSessionID sid;
unsigned char wrapped_ms[SSL3_MASTER_SECRET_LENGTH];
......
......@@ -252,7 +252,8 @@ void
ssl_DestroyCipherSpecs(PRCList *list)
{
while (!PR_CLIST_IS_EMPTY(list)) {
ssl_FreeCipherSpec((ssl3CipherSpec *)PR_LIST_TAIL(list));
ssl3CipherSpec *spec = (ssl3CipherSpec *)PR_LIST_TAIL(list);
ssl_FreeCipherSpec(spec);
}
}
......
......@@ -3075,7 +3075,7 @@ tls13_SetCipherSpec(sslSocket *ss, TrafficKeyType type,
/* We use the epoch for cipher suite identification, so increment
* it in both TLS and DTLS. */
if ((*specp)->epoch == PR_UINT16_MAX) {
return SECFailure;
goto loser;
}
spec->epoch = (PRUint16)type;
spec->seqNum = 0;
......@@ -3086,12 +3086,12 @@ tls13_SetCipherSpec(sslSocket *ss, TrafficKeyType type,
/* This depends on spec having a valid direction and epoch. */
rv = tls13_SetupPendingCipherSpec(ss, spec);
if (rv != SECSuccess) {
return SECFailure;
goto loser;
}
rv = tls13_DeriveTrafficKeys(ss, spec, type, deleteSecret);
if (rv != SECSuccess) {
return SECFailure;
goto loser;
}
/* Now that we've set almost everything up, finally cut over. */
......@@ -3109,6 +3109,10 @@ tls13_SetCipherSpec(sslSocket *ss, TrafficKeyType type,
direction == CipherSpecWrite, spec);
}
return SECSuccess;
loser:
ssl_CipherSpecRelease(spec);
return SECFailure;
}
SECStatus
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment