Test api.c: change more tests to use Expect instead of Assert

bio.c:
  wolfSSL_BIO_flush(): check allocation to bio->ip succeeded.

internal.c:
  InitSSL_Ctx(): set ctx->heap to heap if value passed in
ProcessPeerCerts(): check for error MEMORY_E too as a fatal parsing
error

ssl.c:
wolfSSL_shutdown(): SOCKET_ERROR_E is also an indication that the
socket is done, MEMORY_E is a fatal error
  wolfSSL_Cleanup(): move free of memory fail couting to wolfSSL API
  SessionTicketNoncePrealloc(): eror return must be non-zero
AddSessionToCache(): XFREE checks for NULL no need to do it before
call
wolfSSL_set_psk_use_session_callback(): ensure ssl is not NULL before
dereferencing
wolfSSL_SMIME_read_PKCS7(): check for error return from
wolfSSL_BIO_gets()

asn.c:
  wc_MIME_parse_headers(): check allocation succeeded into nextHdr

compress.c:
  wc_DeCompressDynamic(): free tmp on inflateInit2 failure

memory.c: rework where memory allocation failure counting code for when
WOFLSSL_STATIC_MEMORY is defined

wc_port.c:
wolfCrypt_Cleanup(): only call wc_MemFailCount_Free() when no
wolfSSL_Cleanup()
This commit is contained in:
Sean Parkinson 2023-06-22 08:11:50 +10:00
parent 6697181081
commit 578f56e60c
9 changed files with 10676 additions and 16925 deletions

@ -2069,9 +2069,15 @@ int wolfSSL_BIO_flush(WOLFSSL_BIO* bio)
bio->ip = (char*)XMALLOC((port - str) + 1, /* +1 for null char */
bio->heap, DYNAMIC_TYPE_OPENSSL);
XMEMCPY(bio->ip, str, port - str);
bio->ip[port - str] = '\0';
bio->type = WOLFSSL_BIO_SOCKET;
if (bio->ip != NULL) {
XMEMCPY(bio->ip, str, port - str);
bio->ip[port - str] = '\0';
bio->type = WOLFSSL_BIO_SOCKET;
}
else {
BIO_free(bio);
bio = NULL;
}
}
return bio;
}

@ -2154,7 +2154,12 @@ int InitSSL_Ctx(WOLFSSL_CTX* ctx, WOLFSSL_METHOD* method, void* heap)
XMEMSET(ctx, 0, sizeof(WOLFSSL_CTX));
ctx->method = method;
ctx->heap = ctx; /* defaults to self */
if (heap == NULL) {
ctx->heap = ctx; /* defaults to self */
}
else {
ctx->heap = heap; /* wolfSSL_CTX_load_static_memory sets */
}
ctx->timeout = WOLFSSL_SESSION_TIMEOUT;
#ifdef WOLFSSL_DTLS
@ -13591,6 +13596,12 @@ int ProcessPeerCerts(WOLFSSL* ssl, byte* input, word32* inOutIdx,
if (ret == 0) {
ret = ProcessPeerCertCheckKey(ssl, args);
}
else if (ret == ASN_PARSE_E || ret == BUFFER_E ||
ret == MEMORY_E) {
WOLFSSL_MSG(
"Got Peer cert ASN PARSE_E, BUFFER E, MEMORY_E");
ERROR_OUT(ret, exit_ppc);
}
if (ret == 0 && args->dCert->isCA == 0) {
WOLFSSL_MSG("Chain cert is not a CA, not adding as one");
@ -13875,8 +13886,9 @@ int ProcessPeerCerts(WOLFSSL* ssl, byte* input, word32* inOutIdx,
args->fatal = 0;
}
}
else if (ret == ASN_PARSE_E || ret == BUFFER_E) {
WOLFSSL_MSG("Got Peer cert ASN PARSE or BUFFER ERROR");
else if (ret == ASN_PARSE_E || ret == BUFFER_E ||
ret == MEMORY_E) {
WOLFSSL_MSG("Got Peer cert ASN PARSE_E, BUFFER E, MEMORY_E");
#if defined(WOLFSSL_EXTRA_ALERTS) || defined(OPENSSL_EXTRA) || \
defined(OPENSSL_EXTRA_X509_SMALL)
DoCertFatalAlert(ssl, ret);

@ -4446,12 +4446,14 @@ int wolfSSL_shutdown(WOLFSSL* ssl)
/* call wolfSSL_shutdown again for bidirectional shutdown */
if (ssl->options.sentNotify && !ssl->options.closeNotify) {
ret = ProcessReply(ssl);
if (ret == ZERO_RETURN) {
if ((ret == ZERO_RETURN) || (ret == SOCKET_ERROR_E)) {
/* simulate OpenSSL behavior */
ssl->options.shutdownDone = 1;
/* Clear error */
ssl->error = WOLFSSL_ERROR_NONE;
ret = WOLFSSL_SUCCESS;
} else if (ret == MEMORY_E) {
ret = WOLFSSL_FATAL_ERROR;
} else if (ssl->error == WOLFSSL_ERROR_NONE) {
ret = WOLFSSL_SHUTDOWN_NOT_DONE;
} else {
@ -14479,6 +14481,10 @@ int wolfSSL_Cleanup(void)
crypto_ex_cb_ctx_session = NULL;
#endif
#ifdef WOLFSSL_MEM_FAIL_COUNT
wc_MemFailCount_Free();
#endif
return ret;
}
@ -14777,7 +14783,7 @@ static int SessionTicketNoncePrealloc(byte** buf, byte* len, void *heap)
if (*buf == NULL) {
WOLFSSL_MSG("Failed to preallocate ticket nonce buffer");
*len = 0;
return WOLFSSL_FAILURE;
return 1;
}
*len = PREALLOC_SESSION_TICKET_NONCE_LEN;
@ -15548,9 +15554,8 @@ int AddSessionToCache(WOLFSSL_CTX* ctx, WOLFSSL_SESSION* addSession,
WOLFSSL_MSG("Hash session failed");
#ifdef HAVE_SESSION_TICKET
XFREE(ticBuff, NULL, DYNAMIC_TYPE_SESSION_TICK);
#if defined(WOLFSSL_TLS13) && defined(WOLFSSL_TICKE_NONCE_MALLOC)
if (preallocNonce != NULL)
XFREE(preallocNonce, addSession->heap, DYNAMIC_TYPE_SESSION_TICK);
#if defined(WOLFSSL_TLS13) && defined(WOLFSSL_TICKET_NONCE_MALLOC)
XFREE(preallocNonce, addSession->heap, DYNAMIC_TYPE_SESSION_TICK);
#endif
#endif
return ret;
@ -15560,9 +15565,8 @@ int AddSessionToCache(WOLFSSL_CTX* ctx, WOLFSSL_SESSION* addSession,
if (SESSION_ROW_WR_LOCK(sessRow) != 0) {
#ifdef HAVE_SESSION_TICKET
XFREE(ticBuff, NULL, DYNAMIC_TYPE_SESSION_TICK);
#if defined(WOLFSSL_TLS13) && defined(WOLFSSL_TICKE_NONCE_MALLOC)
if (preallocNonce != NULL)
XFREE(preallocNonce, addSession->heap, DYNAMIC_TYPE_SESSION_TICK);
#if defined(WOLFSSL_TLS13) && defined(WOLFSSL_TICKET_NONCE_MALLOC)
XFREE(preallocNonce, addSession->heap, DYNAMIC_TYPE_SESSION_TICK);
#endif
#endif
WOLFSSL_MSG("Session row lock failed");
@ -15600,9 +15604,8 @@ int AddSessionToCache(WOLFSSL_CTX* ctx, WOLFSSL_SESSION* addSession,
if (cacheSession == NULL) {
#ifdef HAVE_SESSION_TICKET
XFREE(ticBuff, NULL, DYNAMIC_TYPE_SESSION_TICK);
#if defined(WOLFSSL_TLS13) && defined(WOLFSSL_TICKE_NONCE_MALLOC)
if (preallocNonce != NULL)
XFREE(preallocNonce, addSession->heap, DYNAMIC_TYPE_SESSION_TICK);
#if defined(WOLFSSL_TLS13) && defined(WOLFSSL_TICKET_NONCE_MALLOC)
XFREE(preallocNonce, addSession->heap, DYNAMIC_TYPE_SESSION_TICK);
#endif
#endif
SESSION_ROW_UNLOCK(sessRow);
@ -15757,14 +15760,11 @@ int AddSessionToCache(WOLFSSL_CTX* ctx, WOLFSSL_SESSION* addSession,
#ifdef HAVE_SESSION_TICKET
if (ticBuff != NULL && !ticBuffUsed)
XFREE(ticBuff, NULL, DYNAMIC_TYPE_SESSION_TICK);
if (cacheTicBuff != NULL)
XFREE(cacheTicBuff, NULL, DYNAMIC_TYPE_SESSION_TICK);
XFREE(cacheTicBuff, NULL, DYNAMIC_TYPE_SESSION_TICK);
#if defined(WOLFSSL_TLS13) && defined(WOLFSSL_TICKET_NONCE_MALLOC) && \
(!defined(HAVE_FIPS) || (defined(FIPS_VERSION_GE) && FIPS_VERSION_GE(5,3)))
if (preallocNonce != NULL)
XFREE(preallocNonce, addSession->heap, DYNAMIC_TYPE_SESSION_TICK);
if (toFree != NULL)
XFREE(toFree, addSession->heap, DYNAMIC_TYPE_SESSION_TICK);
XFREE(preallocNonce, addSession->heap, DYNAMIC_TYPE_SESSION_TICK);
XFREE(toFree, addSession->heap, DYNAMIC_TYPE_SESSION_TICK);
#endif /* WOLFSSL_TLS13 && WOLFSSL_TICKET_NONCE_MALLOC && FIPS_VERSION_GE(5,3)*/
#endif
@ -16503,8 +16503,10 @@ int wolfSSL_set_compression(WOLFSSL* ssl)
{
WOLFSSL_ENTER("wolfSSL_set_psk_use_session_callback");
ssl->options.havePSK = 1;
ssl->options.session_psk_cb = cb;
if (ssl != NULL) {
ssl->options.havePSK = 1;
ssl->options.session_psk_cb = cb;
}
WOLFSSL_LEAVE("wolfSSL_set_psk_use_session_callback", WOLFSSL_SUCCESS);
}
@ -31030,7 +31032,8 @@ int wolfSSL_SESSION_get_ex_new_index(long ctx_l,void* ctx_ptr,
}
#endif
#if defined(USE_WOLFSSL_MEMORY) && !defined(WOLFSSL_DEBUG_MEMORY)
#if defined(USE_WOLFSSL_MEMORY) && !defined(WOLFSSL_DEBUG_MEMORY) && \
!defined(WOLFSSL_STATIC_MEMORY)
static wolfSSL_OSSL_Malloc_cb ossl_malloc = NULL;
static wolfSSL_OSSL_Free_cb ossl_free = NULL;
static wolfSSL_OSSL_Realloc_cb ossl_realloc = NULL;
@ -31056,14 +31059,15 @@ static void* OSSL_Realloc(void *ptr, size_t size)
else
return NULL;
}
#endif /* USE_WOLFSSL_MEMORY && !WOLFSSL_DEBUG_MEMORY */
#endif /* USE_WOLFSSL_MEMORY && !WOLFSSL_DEBUG_MEMORY &&
* !WOLFSSL_STATIC_MEMORY */
int wolfSSL_CRYPTO_set_mem_functions(
wolfSSL_OSSL_Malloc_cb m,
wolfSSL_OSSL_Realloc_cb r,
wolfSSL_OSSL_Free_cb f)
{
#ifdef USE_WOLFSSL_MEMORY
#if defined(USE_WOLFSSL_MEMORY) && !defined(WOLFSSL_STATIC_MEMORY)
#ifdef WOLFSSL_DEBUG_MEMORY
WOLFSSL_MSG("mem functions will receive function name instead of "
"file name");
@ -37777,6 +37781,9 @@ PKCS7* wolfSSL_SMIME_read_PKCS7(WOLFSSL_BIO* in,
}
lineLen = wolfSSL_BIO_gets(in, section, remainLen);
if (lineLen < 0) {
goto error;
}
while (XSTRNCMP(&section[sectionLen], boundary, boundLen) &&
remainLen > 0) {
canonLineLen = lineLen;

27322
tests/api.c

File diff suppressed because it is too large Load Diff

@ -224,6 +224,74 @@
#define ExpectBufEQ(x, y, z) ExpectBuf(x, y, z, ==, !=)
#define ExpectBufNE(x, y, z) ExpectBuf(x, y, z, !=, ==)
#define ExpectFail() ExpectTrue(0)
#define DoExpectNull(x) do { \
PEDANTIC_EXTENSION void* _x = (void*)(x); \
Expect(!_x, ("%s is null", #x), (#x " => %p", _x)); \
} while(0)
#define DoExpectInt(x, y, op, er) do { \
int _x = (int)(x); \
int _y = (int)(y); \
Expect(_x op _y, ("%s " #op " %s", #x, #y), ("%d " #er " %d", _x, _y)); \
} while(0)
#define DoExpectIntEQ(x, y) DoExpectInt(x, y, ==, !=)
#define DoExpectIntNE(x, y) DoExpectInt(x, y, !=, ==)
#define DoExpectIntGT(x, y) DoExpectInt(x, y, >, <=)
#define DoExpectIntLT(x, y) DoExpectInt(x, y, <, >=)
#define DoExpectIntGE(x, y) DoExpectInt(x, y, >=, <)
#define DoExpectIntLE(x, y) DoExpectInt(x, y, <=, >)
#define DoExpectStr(x, y, op, er) do { \
const char* _x = (const char*)(x); \
const char* _y = (const char*)(y); \
int _z = (_x && _y) ? strcmp(_x, _y) : -1; \
Expect(_z op 0, ("%s " #op " %s", #x, #y), \
("\"%s\" " #er " \"%s\"", _x, _y));\
} while(0)
#define DoExpectStrEQ(x, y) DoExpectStr(x, y, ==, !=)
#define DoExpectStrNE(x, y) DoExpectStr(x, y, !=, ==)
#define DoExpectStrGT(x, y) DoExpectStr(x, y, >, <=)
#define DoExpectStrLT(x, y) DoExpectStr(x, y, <, >=)
#define DoExpectStrGE(x, y) DoExpectStr(x, y, >=, <)
#define DoExpectStrLE(x, y) DoExpectStr(x, y, <=, >)
#define DoExpectPtr(x, y, op, er) do { \
PRAGMA_DIAG_PUSH; \
/* remarkably, without this inhibition, */ \
/* the _Pragma()s make the declarations warn. */ \
PRAGMA("GCC diagnostic ignored \"-Wdeclaration-after-statement\""); \
/* inhibit "ISO C forbids conversion of function pointer */ \
/* to object pointer type [-Werror=pedantic]" */ \
PRAGMA("GCC diagnostic ignored \"-Wpedantic\""); \
void* _x = (void*)(x); \
void* _y = (void*)(y); \
Expect(_x op _y, ("%s " #op " %s", #x, #y), ("%p " #er " %p", _x, _y)); \
PRAGMA_DIAG_POP; \
} while(0)
#define DoExpectPtrEq(x, y) DoExpectPtr(x, y, ==, !=)
#define DoExpectPtrNE(x, y) DoExpectPtr(x, y, !=, ==)
#define DoExpectPtrGT(x, y) DoExpectPtr(x, y, >, <=)
#define DoExpectPtrLT(x, y) DoExpectPtr(x, y, <, >=)
#define DoExpectPtrGE(x, y) DoExpectPtr(x, y, >=, <)
#define DoExpectPtrLE(x, y) DoExpectPtr(x, y, <=, >)
#define DoExpectBuf(x, y, z, op, er) do { \
const byte* _x = (const byte*)(x); \
const byte* _y = (const byte*)(y); \
int _z = (int)(z); \
int _w = ((_x) && (_y)) ? XMEMCMP(_x, _y, _z) : -1; \
Expect(_w op 0, ("%s " #op " %s for %s", #x, #y, #z), \
("\"%p\" " #er " \"%p\" for \"%d\"", _x, _y, _z));\
} while(0)
#define DoExpectBufEQ(x, y, z) DoExpectBuf(x, y, z, ==, !=)
#define DoExpectBufNE(x, y, z) DoExpectBuf(x, y, z, !=, ==)
void ApiTest_PrintTestCases(void);
int ApiTest_RunIdx(int idx);

@ -36699,13 +36699,17 @@ int wc_MIME_parse_headers(char* in, int inLen, MimeHdr** headers)
goto error;
}
nextHdr = (MimeHdr*)XMALLOC(sizeof(MimeHdr), NULL, DYNAMIC_TYPE_PKCS7);
nextParam = (MimeParam*)XMALLOC(sizeof(MimeParam), NULL,
DYNAMIC_TYPE_PKCS7);
if (nextHdr == NULL || nextParam == NULL) {
if (nextHdr == NULL) {
ret = MEMORY_E;
goto error;
}
XMEMSET(nextHdr, 0, sizeof(MimeHdr));
nextParam = (MimeParam*)XMALLOC(sizeof(MimeParam), NULL,
DYNAMIC_TYPE_PKCS7);
if (nextParam == NULL) {
ret = MEMORY_E;
goto error;
}
XMEMSET(nextParam, 0, sizeof(MimeParam));
curLine = XSTRTOK(in, "\r\n", &ptr);
@ -36841,10 +36845,8 @@ error:
if (ret != 0)
wc_MIME_free_hdrs(curHdr);
wc_MIME_free_hdrs(nextHdr);
if (nameAttr != NULL)
XFREE(nameAttr, NULL, DYNAMIC_TYPE_PKCS7);
if (bodyVal != NULL)
XFREE(bodyVal, NULL, DYNAMIC_TYPE_PKCS7);
XFREE(nameAttr, NULL, DYNAMIC_TYPE_PKCS7);
XFREE(bodyVal, NULL, DYNAMIC_TYPE_PKCS7);
XFREE(nextParam, NULL, DYNAMIC_TYPE_PKCS7);
return ret;

@ -245,6 +245,7 @@ int wc_DeCompressDynamic(byte** out, int maxSz, int memoryType,
stream.opaque = (voidpf)0;
if (inflateInit2(&stream, DEFLATE_DEFAULT_WINDOWBITS | windowBits) != Z_OK) {
XFREE(tmp, heap, memoryType);
return DECOMPRESS_INIT_E;
}

@ -128,6 +128,51 @@ int wolfSSL_GetAllocators(wolfSSL_Malloc_cb* mf,
return 0;
}
#ifdef WOLFSSL_MEM_FAIL_COUNT
static wolfSSL_Mutex memFailMutex;
int mem_fail_allocs = 0;
int mem_fail_frees = 0;
int mem_fail_cnt = 0;
void wc_MemFailCount_Init()
{
char* cnt;
wc_InitMutex(&memFailMutex);
cnt = getenv("MEM_FAIL_CNT");
if (cnt != NULL) {
fprintf(stderr, "MemFailCount At: %d\n", mem_fail_cnt);
mem_fail_cnt = atoi(cnt);
}
}
static int wc_MemFailCount_AllocMem(void)
{
int ret = 1;
wc_LockMutex(&memFailMutex);
if ((mem_fail_cnt > 0) && (mem_fail_cnt <= mem_fail_allocs + 1)) {
ret = 0;
}
else {
mem_fail_allocs++;
}
wc_UnLockMutex(&memFailMutex);
return ret;
}
static void wc_MemFailCount_FreeMem(void)
{
wc_LockMutex(&memFailMutex);
mem_fail_frees++;
wc_UnLockMutex(&memFailMutex);
}
void wc_MemFailCount_Free()
{
wc_FreeMutex(&memFailMutex);
fprintf(stderr, "MemFailCount Total: %d\n", mem_fail_allocs);
fprintf(stderr, "MemFailCount Frees: %d\n", mem_fail_frees);
}
#endif
#ifndef WOLFSSL_STATIC_MEMORY
#ifdef WOLFSSL_CHECK_MEM_ZERO
@ -269,51 +314,6 @@ void wc_MemZero_Check(void* addr, size_t len)
}
#endif /* WOLFSSL_CHECK_MEM_ZERO */
#ifdef WOLFSSL_MEM_FAIL_COUNT
static wolfSSL_Mutex memFailMutex;
int mem_fail_allocs = 0;
int mem_fail_frees = 0;
int mem_fail_cnt = 0;
void wc_MemFailCount_Init()
{
char* cnt;
wc_InitMutex(&memFailMutex);
cnt = getenv("MEM_FAIL_CNT");
if (cnt != NULL) {
fprintf(stderr, "MemFailCount At: %d\n", mem_fail_cnt);
mem_fail_cnt = atoi(cnt);
}
}
static int wc_MemFailCount_AllocMem(void)
{
int ret = 1;
wc_LockMutex(&memFailMutex);
if ((mem_fail_cnt > 0) && (mem_fail_cnt <= mem_fail_allocs + 1)) {
ret = 0;
}
else {
mem_fail_allocs++;
}
wc_UnLockMutex(&memFailMutex);
return ret;
}
static void wc_MemFailCount_FreeMem(void)
{
wc_LockMutex(&memFailMutex);
mem_fail_frees++;
wc_UnLockMutex(&memFailMutex);
}
void wc_MemFailCount_Free()
{
wc_FreeMutex(&memFailMutex);
fprintf(stderr, "MemFailCount Total: %d\n", mem_fail_allocs);
fprintf(stderr, "MemFailCount Frees: %d\n", mem_fail_frees);
}
#endif
#ifdef WOLFSSL_DEBUG_MEMORY
void* wolfSSL_Malloc(size_t size, const char* func, unsigned int line)
#else
@ -1325,8 +1325,13 @@ void *xmalloc(size_t n, void* heap, int type, const char* func,
}
#endif
if (malloc_function)
if (malloc_function) {
#ifndef WOLFSSL_STATIC_MEMORY
p32 = malloc_function(n + sizeof(word32) * 4);
#else
p32 = malloc_function(n + sizeof(word32) * 4, heap, type);
#endif
}
else
p32 = malloc(n + sizeof(word32) * 4);
@ -1363,8 +1368,13 @@ void *xrealloc(void *p, size_t n, void* heap, int type, const char* func,
oldLen = oldp32[0];
}
if (realloc_function)
if (realloc_function) {
#ifndef WOLFSSL_STATIC_MEMORY
p32 = realloc_function(oldp32, n + sizeof(word32) * 4);
#else
p32 = realloc_function(oldp32, n + sizeof(word32) * 4, heap, type);
#endif
}
else
p32 = realloc(oldp32, n + sizeof(word32) * 4);
@ -1404,8 +1414,13 @@ void xfree(void *p, void* heap, int type, const char* func, const char* file,
fprintf(stderr, "Free: %p -> %u (%d) at %s:%s:%u\n", p, p32[0], type,
func, file, line);
if (free_function)
if (free_function) {
#ifndef WOLFSSL_STATIC_MEMORY
free_function(p32);
#else
free_function(p32, heap, type);
#endif
}
else
free(p32);
}

@ -477,7 +477,7 @@ int wolfCrypt_Cleanup(void)
Entropy_Final();
#endif
#ifdef WOLFSSL_MEM_FAIL_COUNT
#if defined(WOLFSSL_MEM_FAIL_COUNT) && defined(WOLFCRYPT_ONLY)
wc_MemFailCount_Free();
#endif
#ifdef WOLFSSL_CHECK_MEM_ZERO