mirror/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-04-07 04:24:04 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Fix missing initializations on some error paths

Browse Source 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
This commit is contained in:
Gilles Peskine 2023-10-17 16:35:20 +02:00
parent a0e810de4b
commit 21e46b39cc
6 changed files with 21 additions and 24 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
tests/suites/test_suite_ctr_drbg.function
View File

@ -31,15 +31,13 @@ static void ctr_drbg_validate_internal(int reseed_mode, data_t *nonce,
data_t *result) data_t *result)
{ {
mbedtls_ctr_drbg_context ctx; mbedtls_ctr_drbg_context ctx;
mbedtls_ctr_drbg_init(&ctx);
unsigned char buf[64]; unsigned char buf[64];
size_t entropy_chunk_len = (size_t) entropy_len_arg; size_t entropy_chunk_len = (size_t) entropy_len_arg;
TEST_ASSERT(entropy_chunk_len <= sizeof(buf)); TEST_ASSERT(entropy_chunk_len <= sizeof(buf));
test_offset_idx = 0; test_offset_idx = 0;
mbedtls_ctr_drbg_init(&ctx);
test_max_idx = entropy->len; test_max_idx = entropy->len;
/* CTR_DRBG_Instantiate(entropy[:entropy->len], nonce, perso, <ignored>) /* CTR_DRBG_Instantiate(entropy[:entropy->len], nonce, perso, <ignored>)

4
tests/suites/test_suite_pkwrite.function
View File

@ -68,6 +68,7 @@ static int pk_write_any_key(mbedtls_pk_context *pk, unsigned char **p,
static void pk_write_check_common(char *key_file, int is_public_key, int is_der) static void pk_write_check_common(char *key_file, int is_public_key, int is_der)
{ {
mbedtls_pk_context key; mbedtls_pk_context key;
mbedtls_pk_init(&key);
unsigned char *buf = NULL; unsigned char *buf = NULL;
unsigned char *check_buf = NULL; unsigned char *check_buf = NULL;
unsigned char *start_buf; unsigned char *start_buf;
@ -78,9 +79,6 @@ static void pk_write_check_common(char *key_file, int is_public_key, int is_der)
USE_PSA_INIT(); USE_PSA_INIT();
mbedtls_pk_init(&key);
USE_PSA_INIT();
/* Note: if mbedtls_pk_load_file() successfully reads the file, then /* Note: if mbedtls_pk_load_file() successfully reads the file, then
it also allocates check_buf, which should be freed on exit */ it also allocates check_buf, which should be freed on exit */
TEST_EQUAL(mbedtls_pk_load_file(key_file, &check_buf, &check_buf_len), 0); TEST_EQUAL(mbedtls_pk_load_file(key_file, &check_buf, &check_buf_len), 0);

2
tests/suites/test_suite_psa_crypto_se_driver_hal.function
View File

@ -1297,7 +1297,7 @@ void sign_verify(int flow,
mbedtls_svc_key_id_t returned_id; mbedtls_svc_key_id_t returned_id;
mbedtls_svc_key_id_t sw_key = MBEDTLS_SVC_KEY_ID_INIT; mbedtls_svc_key_id_t sw_key = MBEDTLS_SVC_KEY_ID_INIT;
psa_key_attributes_t sw_attributes = PSA_KEY_ATTRIBUTES_INIT; psa_key_attributes_t sw_attributes = PSA_KEY_ATTRIBUTES_INIT;
psa_key_attributes_t drv_attributes; psa_key_attributes_t drv_attributes = PSA_KEY_ATTRIBUTES_INIT;
uint8_t signature[PSA_SIGNATURE_MAX_SIZE]; uint8_t signature[PSA_SIGNATURE_MAX_SIZE];
size_t signature_length; size_t signature_length;

9
tests/suites/test_suite_ssl.function
View File

@ -24,6 +24,7 @@ void test_callback_buffer_sanity()
{ {
enum { MSGLEN = 10 }; enum { MSGLEN = 10 };
mbedtls_test_ssl_buffer buf; mbedtls_test_ssl_buffer buf;
mbedtls_test_ssl_buffer_init(&buf);
unsigned char input[MSGLEN]; unsigned char input[MSGLEN];
unsigned char output[MSGLEN]; unsigned char output[MSGLEN];
@ -43,8 +44,6 @@ void test_callback_buffer_sanity()
/* Make sure calling put and get on a buffer that hasn't been set up results /* Make sure calling put and get on a buffer that hasn't been set up results
* in error. */ * in error. */
mbedtls_test_ssl_buffer_init(&buf);
TEST_ASSERT(mbedtls_test_ssl_buffer_put(&buf, input, sizeof(input)) TEST_ASSERT(mbedtls_test_ssl_buffer_put(&buf, input, sizeof(input))
== -1); == -1);
TEST_ASSERT(mbedtls_test_ssl_buffer_get(&buf, output, sizeof(output)) TEST_ASSERT(mbedtls_test_ssl_buffer_get(&buf, output, sizeof(output))
@ -1787,7 +1786,9 @@ void ssl_tls13_record_protection(int ciphersuite,
{ {
mbedtls_ssl_key_set keys; mbedtls_ssl_key_set keys;
mbedtls_ssl_transform transform_send; mbedtls_ssl_transform transform_send;
mbedtls_ssl_transform_init(&transform_send);
mbedtls_ssl_transform transform_recv; mbedtls_ssl_transform transform_recv;
mbedtls_ssl_transform_init(&transform_recv);
mbedtls_record rec; mbedtls_record rec;
unsigned char *buf = NULL; unsigned char *buf = NULL;
size_t buf_len; size_t buf_len;
@ -1818,8 +1819,6 @@ void ssl_tls13_record_protection(int ciphersuite,
keys.key_len = server_write_key->len; keys.key_len = server_write_key->len;
keys.iv_len = server_write_iv->len; keys.iv_len = server_write_iv->len;
mbedtls_ssl_transform_init(&transform_recv);
mbedtls_ssl_transform_init(&transform_send);
MD_OR_USE_PSA_INIT(); MD_OR_USE_PSA_INIT();
TEST_ASSERT(mbedtls_ssl_tls13_populate_transform( TEST_ASSERT(mbedtls_ssl_tls13_populate_transform(
@ -3122,6 +3121,7 @@ void raw_key_agreement_fail(int bad_server_ecdhe_key)
mbedtls_psa_stats_t stats; mbedtls_psa_stats_t stats;
size_t free_slots_before = -1; size_t free_slots_before = -1;
mbedtls_test_handshake_test_options options; mbedtls_test_handshake_test_options options;
mbedtls_test_init_handshake_options(&options);
uint16_t iana_tls_group_list[] = { MBEDTLS_SSL_IANA_TLS_GROUP_SECP256R1, uint16_t iana_tls_group_list[] = { MBEDTLS_SSL_IANA_TLS_GROUP_SECP256R1,
MBEDTLS_SSL_IANA_TLS_GROUP_NONE }; MBEDTLS_SSL_IANA_TLS_GROUP_NONE };
@ -3129,7 +3129,6 @@ void raw_key_agreement_fail(int bad_server_ecdhe_key)
mbedtls_platform_zeroize(&client, sizeof(client)); mbedtls_platform_zeroize(&client, sizeof(client));
mbedtls_platform_zeroize(&server, sizeof(server)); mbedtls_platform_zeroize(&server, sizeof(server));
mbedtls_test_init_handshake_options(&options);
options.pk_alg = MBEDTLS_PK_ECDSA; options.pk_alg = MBEDTLS_PK_ECDSA;
options.server_min_version = MBEDTLS_SSL_VERSION_TLS1_2; options.server_min_version = MBEDTLS_SSL_VERSION_TLS1_2;
options.server_max_version = MBEDTLS_SSL_VERSION_TLS1_2; options.server_max_version = MBEDTLS_SSL_VERSION_TLS1_2;

12
tests/suites/test_suite_x509parse.function
View File

@ -928,15 +928,17 @@ void mbedtls_x509_dn_get_next(char *name_str,
int ret = 0, i; int ret = 0, i;
size_t len = 0, out_size; size_t len = 0, out_size;
mbedtls_asn1_named_data *names = NULL; mbedtls_asn1_named_data *names = NULL;
mbedtls_x509_name parsed, *parsed_cur; mbedtls_x509_name parsed;
memset(&parsed, 0, sizeof(parsed));
mbedtls_x509_name *parsed_cur;
// Size of buf is maximum required for test cases // Size of buf is maximum required for test cases
unsigned char buf[80], *out = NULL, *c; unsigned char buf[80] = {0};
unsigned char *out = NULL;
unsigned char *c = buf + sizeof(buf);
const char *short_name; const char *short_name;
USE_PSA_INIT(); USE_PSA_INIT();
memset(&parsed, 0, sizeof(parsed));
memset(buf, 0, sizeof(buf));
c = buf + sizeof(buf);
// Additional size required for trailing space // Additional size required for trailing space
out_size = strlen(expected_oids) + 2; out_size = strlen(expected_oids) + 2;
TEST_CALLOC(out, out_size); TEST_CALLOC(out, out_size);

14
tests/suites/test_suite_x509write.function
View File

@ -699,16 +699,16 @@ void mbedtls_x509_string_to_names(char *name, char *parsed_name,
int ret; int ret;
size_t len = 0; size_t len = 0;
mbedtls_asn1_named_data *names = NULL; mbedtls_asn1_named_data *names = NULL;
mbedtls_x509_name parsed, *parsed_cur, *parsed_prv; mbedtls_x509_name parsed;
unsigned char buf[1024], out[1024], *c; memset(&parsed, 0, sizeof(parsed));
mbedtls_x509_name *parsed_cur = NULL;
mbedtls_x509_name *parsed_prv = NULL;
unsigned char buf[1024] = {0};
unsigned char out[1024] = {0};
unsigned char *c = buf + sizeof(buf);
USE_PSA_INIT(); USE_PSA_INIT();
memset(&parsed, 0, sizeof(parsed));
memset(out, 0, sizeof(out));
memset(buf, 0, sizeof(buf));
c = buf + sizeof(buf);
ret = mbedtls_x509_string_to_names(&names, name); ret = mbedtls_x509_string_to_names(&names, name);
TEST_EQUAL(ret, result); TEST_EQUAL(ret, result);