Commit c8a614fe authored by Martin Thomson's avatar Martin Thomson

Bug 1548722 - Tranche of coverity fixes, r=jcj

Summary:
CID 1444897, 1444896, 1444894, 1444892, 1444891, 1444888, 1444885, 1444881

Not sure how to manage the creation of bugs for these.

Reviewers: jcj

Tags: #secure-revision

Differential Revision: https://phabricator.services.mozilla.com/D29611

--HG--
extra : rebase_source : d9127d5bd99f8fbfa2d65c1a4a44de6d2f9a9537
extra : amend_source : f77b19d696f370b9b0d7f34774f22c874e0588e2
parent c596f149
...@@ -120,6 +120,7 @@ main(int argc, char **argv) ...@@ -120,6 +120,7 @@ main(int argc, char **argv)
/* Parse command line arguments */ /* Parse command line arguments */
optstate = PL_CreateOptState(argc, argv, "i:o:w:"); optstate = PL_CreateOptState(argc, argv, "i:o:w:");
PORT_Assert(optstate);
while ((status = PL_GetNextOpt(optstate)) == PL_OPT_OK) { while ((status = PL_GetNextOpt(optstate)) == PL_OPT_OK) {
switch (optstate->option) { switch (optstate->option) {
default: default:
...@@ -203,9 +204,7 @@ main(int argc, char **argv) ...@@ -203,9 +204,7 @@ main(int argc, char **argv)
} }
exitCode = 0; exitCode = 0;
loser: loser:
if (optstate) {
PL_DestroyOptState(optstate); PL_DestroyOptState(optstate);
}
if (inFile && closeIn) { if (inFile && closeIn) {
fclose(inFile); fclose(inFile);
} }
......
...@@ -185,7 +185,7 @@ cleanup: ...@@ -185,7 +185,7 @@ cleanup:
} }
static const char *const usageInfo[] = { static const char *const usageInfo[] = {
"pk11import - test PK11_PrivateKeyImport()" "pk11import - test PK11_PrivateKeyImport()",
"Options:", "Options:",
" -d certdir directory containing cert database", " -d certdir directory containing cert database",
" -k keysize size of the rsa, dh, and dsa key to test (default 1024)", " -k keysize size of the rsa, dh, and dsa key to test (default 1024)",
......
...@@ -359,6 +359,7 @@ TEST_F(pkixder_input_tests, Skip_WrapAroundPointer) ...@@ -359,6 +359,7 @@ TEST_F(pkixder_input_tests, Skip_WrapAroundPointer)
// but this should catch the problem on at least some compilers, if not all of // but this should catch the problem on at least some compilers, if not all of
// them. // them.
const uint8_t* der = nullptr; const uint8_t* der = nullptr;
// coverity[FORWARD_NULL]
--der; --der;
Input buf; Input buf;
ASSERT_EQ(Success, buf.Init(der, 0)); ASSERT_EQ(Success, buf.Init(der, 0));
......
...@@ -52,6 +52,7 @@ class AeadTest : public ::testing::Test { ...@@ -52,6 +52,7 @@ class AeadTest : public ::testing::Test {
static const size_t kMaxSize = 32; static const size_t kMaxSize = 32;
ASSERT_GE(kMaxSize, ciphertext_len); ASSERT_GE(kMaxSize, ciphertext_len);
ASSERT_LT(0U, ciphertext_len);
uint8_t output[kMaxSize]; uint8_t output[kMaxSize];
unsigned int output_len = 0; unsigned int output_len = 0;
...@@ -191,7 +192,7 @@ TEST_F(AeadTest, AeadAes128Gcm) { ...@@ -191,7 +192,7 @@ TEST_F(AeadTest, AeadAes128Gcm) {
} }
TEST_F(AeadTest, AeadAes256Gcm) { TEST_F(AeadTest, AeadAes256Gcm) {
SSLAeadContext *ctxInit; SSLAeadContext *ctxInit = nullptr;
ASSERT_EQ(SECSuccess, ASSERT_EQ(SECSuccess,
SSL_MakeAead(SSL_LIBRARY_VERSION_TLS_1_3, TLS_AES_256_GCM_SHA384, SSL_MakeAead(SSL_LIBRARY_VERSION_TLS_1_3, TLS_AES_256_GCM_SHA384,
secret_.get(), kLabel, strlen(kLabel), &ctxInit)); secret_.get(), kLabel, strlen(kLabel), &ctxInit));
......
...@@ -176,6 +176,7 @@ class BadPrSocket : public DummyIOLayerMethods { ...@@ -176,6 +176,7 @@ class BadPrSocket : public DummyIOLayerMethods {
// NSPR method vtable with the ones from this object. // NSPR method vtable with the ones from this object.
dummy_layer_ = dummy_layer_ =
PR_GetIdentitiesLayer(agent->ssl_fd(), DummyPrSocket::LayerId()); PR_GetIdentitiesLayer(agent->ssl_fd(), DummyPrSocket::LayerId());
EXPECT_TRUE(dummy_layer_);
original_methods_ = dummy_layer_->methods; original_methods_ = dummy_layer_->methods;
original_secret_ = dummy_layer_->secret; original_secret_ = dummy_layer_->secret;
dummy_layer_->methods = fd_->methods; dummy_layer_->methods = fd_->methods;
......
...@@ -70,7 +70,7 @@ static void GenerateEsniKey(time_t windowStart, SSLNamedGroup group, ...@@ -70,7 +70,7 @@ static void GenerateEsniKey(time_t windowStart, SSLNamedGroup group,
ASSERT_NE(nullptr, priv); ASSERT_NE(nullptr, priv);
SECITEM_FreeItem(&ecParams, PR_FALSE); SECITEM_FreeItem(&ecParams, PR_FALSE);
PRUint8 encoded[1024]; PRUint8 encoded[1024];
unsigned int encoded_len; unsigned int encoded_len = 0;
SECStatus rv = SSL_EncodeESNIKeys( SECStatus rv = SSL_EncodeESNIKeys(
&cipher_suites[0], cipher_suites.size(), group, pub, 100, windowStart, &cipher_suites[0], cipher_suites.size(), group, pub, 100, windowStart,
...@@ -375,11 +375,13 @@ TEST_P(TlsConnectTls13, ConnectEsniCSMismatch) { ...@@ -375,11 +375,13 @@ TEST_P(TlsConnectTls13, ConnectEsniCSMismatch) {
GenerateEsniKey(time(nullptr), ssl_grp_ec_curve25519, kDefaultSuites, &record, GenerateEsniKey(time(nullptr), ssl_grp_ec_curve25519, kDefaultSuites, &record,
&pub, &priv); &pub, &priv);
PRUint8 encoded[1024]; PRUint8 encoded[1024];
unsigned int encoded_len; unsigned int encoded_len = 0;
SECStatus rv = SSL_EncodeESNIKeys( SECStatus rv = SSL_EncodeESNIKeys(
&kChaChaSuite[0], kChaChaSuite.size(), ssl_grp_ec_curve25519, pub.get(), &kChaChaSuite[0], kChaChaSuite.size(), ssl_grp_ec_curve25519, pub.get(),
100, time(0), time(0) + 10, encoded, &encoded_len, sizeof(encoded)); 100, time(0), time(0) + 10, encoded, &encoded_len, sizeof(encoded));
ASSERT_EQ(SECSuccess, rv);
ASSERT_LT(0U, encoded_len);
rv = SSL_SetESNIKeyPair(server_->ssl_fd(), priv.get(), encoded, encoded_len); rv = SSL_SetESNIKeyPair(server_->ssl_fd(), priv.get(), encoded, encoded_len);
ASSERT_EQ(SECSuccess, rv); ASSERT_EQ(SECSuccess, rv);
rv = SSL_EnableESNI(client_->ssl_fd(), record.data(), record.len(), ""); rv = SSL_EnableESNI(client_->ssl_fd(), record.data(), record.len(), "");
......
...@@ -1229,6 +1229,7 @@ sftk_CryptInit(CK_SESSION_HANDLE hSession, CK_MECHANISM_PTR pMechanism, ...@@ -1229,6 +1229,7 @@ sftk_CryptInit(CK_SESSION_HANDLE hSession, CK_MECHANISM_PTR pMechanism,
} }
if (att->attrib.ulValueLen != sizeof(ctx->key)) { if (att->attrib.ulValueLen != sizeof(ctx->key)) {
sftk_FreeAttribute(att); sftk_FreeAttribute(att);
PORT_Free(ctx);
crv = CKR_KEY_HANDLE_INVALID; crv = CKR_KEY_HANDLE_INVALID;
break; break;
} }
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment