clang scan-build fixes
This commit is contained in:
parent
f8b106601b
commit
2bee126062
@ -760,8 +760,8 @@ static int DecryptKey(const char* password, int passwordSz, byte* salt,
|
||||
int ToTraditionalEnc(byte* input, word32 sz,const char* password,int passwordSz)
|
||||
{
|
||||
word32 inOutIdx = 0, oid;
|
||||
int first, second, length, iterations, saltSz, id;
|
||||
int version;
|
||||
int first, second, length, version, saltSz, id;
|
||||
int iterations = 0;
|
||||
byte salt[MAX_SALT_SIZE];
|
||||
byte cbcIv[MAX_IV_SIZE];
|
||||
|
||||
@ -1375,6 +1375,7 @@ static int GetName(DecodedCert* cert, int nameType)
|
||||
cert->srcIdx += 2;
|
||||
id = cert->source[cert->srcIdx++];
|
||||
b = cert->source[cert->srcIdx++]; /* strType */
|
||||
(void)b; /* may want to validate? */
|
||||
|
||||
if (GetLength(cert->source, &cert->srcIdx, &strLen,
|
||||
cert->maxIdx) < 0)
|
||||
|
@ -116,6 +116,9 @@ mp_clear (mp_int * a)
|
||||
{
|
||||
int i;
|
||||
|
||||
if (a == NULL)
|
||||
return;
|
||||
|
||||
/* only do anything if a hasn't been freed previously */
|
||||
if (a->dp != NULL) {
|
||||
/* first zero the digits */
|
||||
|
@ -236,6 +236,16 @@ int PKCS12_PBKDF(byte* output, const byte* passwd, int passLen,const byte* salt,
|
||||
mp_int B1;
|
||||
|
||||
if (hashType == MD5) {
|
||||
Md5 md5;
|
||||
|
||||
InitMd5(&md5);
|
||||
Md5Update(&md5, buffer, totalLen);
|
||||
Md5Final(&md5, Ai);
|
||||
|
||||
for (i = 1; i < iterations; i++) {
|
||||
Md5Update(&md5, Ai, u);
|
||||
Md5Final(&md5, Ai);
|
||||
}
|
||||
}
|
||||
else if (hashType == SHA) {
|
||||
Sha sha;
|
||||
@ -251,10 +261,30 @@ int PKCS12_PBKDF(byte* output, const byte* passwd, int passLen,const byte* salt,
|
||||
}
|
||||
#ifndef NO_SHA256
|
||||
else if (hashType == SHA256) {
|
||||
Sha256 sha256;
|
||||
|
||||
InitSha256(&sha256);
|
||||
Sha256Update(&sha256, buffer, totalLen);
|
||||
Sha256Final(&sha256, Ai);
|
||||
|
||||
for (i = 1; i < iterations; i++) {
|
||||
Sha256Update(&sha256, Ai, u);
|
||||
Sha256Final(&sha256, Ai);
|
||||
}
|
||||
}
|
||||
#endif
|
||||
#ifdef CYASSL_SHA512
|
||||
else if (hashType == SHA512) {
|
||||
Sha512 sha512;
|
||||
|
||||
InitSha512(&sha512);
|
||||
Sha512Update(&sha512, buffer, totalLen);
|
||||
Sha512Final(&sha512, Ai);
|
||||
|
||||
for (i = 1; i < iterations; i++) {
|
||||
Sha512Update(&sha512, Ai, u);
|
||||
Sha512Final(&sha512, Ai);
|
||||
}
|
||||
}
|
||||
#endif
|
||||
|
||||
|
@ -210,7 +210,7 @@ void RabbitProcess(Rabbit* ctx, byte* output, const byte* input, word32 msglen)
|
||||
U32V(ctx->workCtx.x[1]<<16));
|
||||
|
||||
/* Increment pointers and decrement length */
|
||||
input += 16;
|
||||
input += 16;
|
||||
output += 16;
|
||||
msglen -= 16;
|
||||
}
|
||||
@ -219,25 +219,25 @@ void RabbitProcess(Rabbit* ctx, byte* output, const byte* input, word32 msglen)
|
||||
if (msglen) {
|
||||
|
||||
word32 i;
|
||||
word32 tmp[4];
|
||||
byte* buffer = (byte*)tmp;
|
||||
byte buffer[16];
|
||||
|
||||
/* Iterate the system */
|
||||
RABBIT_next_state(&(ctx->workCtx));
|
||||
|
||||
/* Generate 16 bytes of pseudo-random data */
|
||||
tmp[0] = LITTLE32(ctx->workCtx.x[0] ^
|
||||
*(word32*)(buffer+ 0) = LITTLE32(ctx->workCtx.x[0] ^
|
||||
(ctx->workCtx.x[5]>>16) ^ U32V(ctx->workCtx.x[3]<<16));
|
||||
tmp[1] = LITTLE32(ctx->workCtx.x[2] ^
|
||||
*(word32*)(buffer+ 4) = LITTLE32(ctx->workCtx.x[2] ^
|
||||
(ctx->workCtx.x[7]>>16) ^ U32V(ctx->workCtx.x[5]<<16));
|
||||
tmp[2] = LITTLE32(ctx->workCtx.x[4] ^
|
||||
*(word32*)(buffer+ 8) = LITTLE32(ctx->workCtx.x[4] ^
|
||||
(ctx->workCtx.x[1]>>16) ^ U32V(ctx->workCtx.x[7]<<16));
|
||||
tmp[3] = LITTLE32(ctx->workCtx.x[6] ^
|
||||
*(word32*)(buffer+12) = LITTLE32(ctx->workCtx.x[6] ^
|
||||
(ctx->workCtx.x[3]>>16) ^ U32V(ctx->workCtx.x[1]<<16));
|
||||
|
||||
/* Encrypt/decrypt the data */
|
||||
for (i=0; i<msglen; i++)
|
||||
output[i] = input[i] ^ buffer[i];
|
||||
output[i] = input[i] ^ buffer[i]; /* scan-build thinks buffer[i] */
|
||||
/* is garbage, it is not! */
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -153,7 +153,7 @@ enum {
|
||||
#elif !defined(MICRIUM_MALLOC) && !defined(EBSNET) && !defined(CYASSL_SAFERTOS)
|
||||
/* default C runtime, can install different routines at runtime */
|
||||
#include <cyassl/ctaocrypt/memory.h>
|
||||
#define XMALLOC(s, h, t) CyaSSL_Malloc((s))
|
||||
#define XMALLOC(s, h, t) ((void)h, (void)t, CyaSSL_Malloc((s)))
|
||||
#define XFREE(p, h, t) {void* xp = (p); if((xp)) CyaSSL_Free((xp));}
|
||||
#define XREALLOC(p, n, h, t) CyaSSL_Realloc((p), (n))
|
||||
#endif
|
||||
|
@ -449,7 +449,6 @@ void InitSuites(Suites* suites, ProtocolVersion pv, byte haveDH, byte havePSK,
|
||||
(void)havePSK;
|
||||
(void)haveNTRU;
|
||||
(void)haveStaticECC;
|
||||
(void)haveRSAsig;
|
||||
|
||||
if (suites->setSuites)
|
||||
return; /* trust user settings, don't override */
|
||||
@ -457,8 +456,10 @@ void InitSuites(Suites* suites, ProtocolVersion pv, byte haveDH, byte havePSK,
|
||||
if (side == SERVER_END && haveStaticECC)
|
||||
haveRSA = 0; /* can't do RSA with ECDSA key */
|
||||
|
||||
if (side == SERVER_END && haveECDSAsig)
|
||||
haveRSAsig = 0; /* can't have RSA sig if signed by ECDSA */
|
||||
if (side == SERVER_END && haveECDSAsig) {
|
||||
haveRSAsig = 0; /* can't have RSA sig if signed by ECDSA */
|
||||
(void)haveRSAsig; /* non ecc builds won't read */
|
||||
}
|
||||
|
||||
#ifdef CYASSL_DTLS
|
||||
if (pv.major == DTLS_MAJOR && pv.minor == DTLS_MINOR)
|
||||
@ -3349,7 +3350,8 @@ int SendCertificate(CYASSL* ssl)
|
||||
if (ssl->buffers.certChain.buffer) {
|
||||
XMEMCPY(output + i, ssl->buffers.certChain.buffer,
|
||||
ssl->buffers.certChain.length);
|
||||
i += ssl->buffers.certChain.length;
|
||||
/* if add more to output adjust i
|
||||
i += ssl->buffers.certChain.length; */
|
||||
}
|
||||
}
|
||||
HashOutput(ssl, output, sendSz, 0);
|
||||
@ -3418,7 +3420,8 @@ int SendCertificateRequest(CYASSL* ssl)
|
||||
}
|
||||
|
||||
c16toa(0, &output[i]); /* auth's */
|
||||
i += REQ_HEADER_SZ;
|
||||
/* if add more to output, adjust i
|
||||
i += REQ_HEADER_SZ; */
|
||||
|
||||
HashOutput(ssl, output, sendSz, 0);
|
||||
|
||||
@ -5259,7 +5262,8 @@ int SetCipherList(Suites* s, const char* list)
|
||||
idx += 2;
|
||||
}
|
||||
XMEMCPY(output + idx, encSecret, encSz);
|
||||
idx += encSz;
|
||||
/* if add more to output, adjust idx
|
||||
idx += encSz; */
|
||||
|
||||
HashOutput(ssl, output, sendSz, 0);
|
||||
|
||||
|
@ -1103,7 +1103,6 @@ int DeriveKeys(CYASSL* ssl)
|
||||
XMEMCPY(shaInput + idx, ssl->arrays.serverRandom, RAN_LEN);
|
||||
idx += RAN_LEN;
|
||||
XMEMCPY(shaInput + idx, ssl->arrays.clientRandom, RAN_LEN);
|
||||
idx += RAN_LEN;
|
||||
|
||||
ShaUpdate(&sha, shaInput, sizeof(shaInput) - KEY_PREFIX + j);
|
||||
ShaFinal(&sha, shaOutput);
|
||||
|
@ -722,7 +722,6 @@ int AddCA(CYASSL_CERT_MANAGER* cm, buffer der, int type, int verify)
|
||||
|
||||
(void)heap;
|
||||
(void)dynamicType;
|
||||
(void)pkcs8Enc;
|
||||
|
||||
if (type == CERT_TYPE || type == CA_TYPE) {
|
||||
XSTRNCPY(header, "-----BEGIN CERTIFICATE-----", sizeof(header));
|
||||
@ -759,8 +758,10 @@ int AddCA(CYASSL_CERT_MANAGER* cm, buffer der, int type, int verify)
|
||||
sizeof(footer));
|
||||
|
||||
headerEnd = XSTRNSTR((char*)buff, header, sz);
|
||||
if (headerEnd)
|
||||
if (headerEnd) {
|
||||
pkcs8Enc = 1;
|
||||
(void)pkcs8Enc; /* only opensslextra will read */
|
||||
}
|
||||
}
|
||||
}
|
||||
if (!headerEnd && type == PRIVATEKEY_TYPE) { /* may be ecc */
|
||||
@ -936,7 +937,7 @@ int AddCA(CYASSL_CERT_MANAGER* cm, buffer der, int type, int verify)
|
||||
CYASSL_MSG("Growing Tmp Chain Buffer");
|
||||
bufferSz = sz - consumed; /* will shrink to actual size */
|
||||
chainBuffer = (byte*)XMALLOC(bufferSz, ctx->heap,
|
||||
DYNAMIC_FILE_TYPE);
|
||||
DYNAMIC_TYPE_FILE);
|
||||
if (chainBuffer == NULL) {
|
||||
XFREE(der.buffer, ctx->heap, dynamicType);
|
||||
return MEMORY_E;
|
||||
@ -1386,6 +1387,7 @@ int CyaSSL_CertManagerVerifyBuffer(CYASSL_CERT_MANAGER* cm, const byte* buff,
|
||||
CYASSL_ENTER("CyaSSL_CertManagerVerifyBuffer");
|
||||
|
||||
der.buffer = NULL;
|
||||
der.length = 0;
|
||||
|
||||
if (format == SSL_FILETYPE_PEM) {
|
||||
EncryptedInfo info;
|
||||
|
Loading…
Reference in New Issue
Block a user