fix clang --disable-memory issues

2015-12-02 14:40:32 -08:00 · 2015-12-02 14:40:32 -08:00 · e08fa67a32
parent 5cf94166b2
commit e08fa67a32
3 changed files with 27 additions and 12 deletions
--- a/src/internal.c
+++ b/src/internal.c
@ -2040,13 +2040,10 @@ void SSL_ResourceFree(WOLFSSL* ssl)
          DYNAMIC_TYPE_COOKIE_PWD);
 #endif
 #endif /* WOLFSSL_DTLS */
-#if defined(KEEP_PEER_CERT) || defined(GOAHEAD_WS)
-    FreeX509(&ssl->peerCert);
-#endif
 #if defined(OPENSSL_EXTRA) || defined(GOAHEAD_WS)
-    wolfSSL_BIO_free(ssl->biord);
-    if (ssl->biord != ssl->biowr)        /* in case same as write */
+    if (ssl->biord != ssl->biowr)        /* only free write if different */
        wolfSSL_BIO_free(ssl->biowr);
+    wolfSSL_BIO_free(ssl->biord);        /* always free read bio */
 #endif
 #ifdef HAVE_LIBZ
    FreeStreams(ssl);
@ -2090,6 +2087,9 @@ void SSL_ResourceFree(WOLFSSL* ssl)
    if (ssl->nxCtx.nxPacket)
        nx_packet_release(ssl->nxCtx.nxPacket);
 #endif
+#if defined(KEEP_PEER_CERT) || defined(GOAHEAD_WS)
+    FreeX509(&(ssl->peerCert));   /* clang thinks this frees ssl itslef */
+#endif
 }

 #ifdef WOLFSSL_TI_HASH
@ -8130,14 +8130,22 @@ int SendCertificate(WOLFSSL* ssl)
        }

        if (IsEncryptionOn(ssl, 1)) {
-            byte* input;
+            byte* input = NULL;
            int   inputSz = i - RECORD_HEADER_SZ; /* build msg adds rec hdr */

-            input = (byte*)XMALLOC(inputSz, ssl->heap, DYNAMIC_TYPE_TMP_BUFFER);
-            if (input == NULL)
-                return MEMORY_E;
+            if (inputSz < 0) {
+                WOLFSSL_MSG("Send Cert bad inputSz");
+                return BUFFER_E;
+            }
+
+            if (inputSz > 0) {  /* clang thinks could be zero, let's help */
+                input = (byte*)XMALLOC(inputSz, ssl->heap,
+                                       DYNAMIC_TYPE_TMP_BUFFER);
+                if (input == NULL)
+                    return MEMORY_E;
+                XMEMCPY(input, output + RECORD_HEADER_SZ, inputSz);
+            }

-            XMEMCPY(input, output + RECORD_HEADER_SZ, inputSz);
            sendSz = BuildMessage(ssl, output, sendSz, input,inputSz,handshake);
            XFREE(input, ssl->heap, DYNAMIC_TYPE_TMP_BUFFER);

--- a/src/ssl.c
+++ b/src/ssl.c
@ -2913,7 +2913,8 @@ static int ProcessBuffer(WOLFSSL_CTX* ctx, const unsigned char* buff,
            WOLFSSL_MSG("Finished Processing Cert Chain");

            /* only retain actual size used */
-            shrinked = (byte*)XMALLOC(idx, heap, dynamicType);
+            if (idx > 0)  /* clang thinks it can be zero, let's help analysis */
+                shrinked = (byte*)XMALLOC(idx, heap, dynamicType);
            if (shrinked) {
                if (ssl) {
                    if (ssl->buffers.certChain.buffer &&
@ -2936,7 +2937,7 @@ static int ProcessBuffer(WOLFSSL_CTX* ctx, const unsigned char* buff,
            if (dynamicBuffer)
                XFREE(chainBuffer, heap, DYNAMIC_TYPE_FILE);

-            if (shrinked == NULL) {
+            if (idx > 0 && shrinked == NULL) {
            #ifdef WOLFSSL_SMALL_STACK
                XFREE(info, NULL, DYNAMIC_TYPE_TMP_BUFFER);
            #endif
@ -14843,6 +14844,7 @@ WOLFSSL_EC_POINT *wolfSSL_EC_POINT_new(const WOLFSSL_EC_GROUP *group)
    p->internal = wc_ecc_new_point();
    if (p->internal == NULL) {
        WOLFSSL_MSG("ecc_new_point failure");
+        XFREE(p, NULL, DYNAMIC_TYPE_ECC);
        return NULL;
    }

@ -15061,6 +15063,7 @@ WOLFSSL_ECDSA_SIG *wolfSSL_ECDSA_SIG_new(void)
        return NULL;
    }

+    sig->s = NULL;
    sig->r = wolfSSL_BN_new();
    if (sig->r == NULL) {
        WOLFSSL_MSG("wolfSSL_ECDSA_SIG_new malloc ECDSA r failure");
@ -15143,10 +15146,12 @@ WOLFSSL_ECDSA_SIG *wolfSSL_ECDSA_do_sign(const unsigned char *d, int dlen,
                else if (SetIndividualExternal(&(sig->r), &sig_r)!=SSL_SUCCESS){
                    WOLFSSL_MSG("ecdsa r key error");
                    wolfSSL_ECDSA_SIG_free(sig);
+                    sig = NULL;
                }
                else if (SetIndividualExternal(&(sig->s), &sig_s)!=SSL_SUCCESS){
                    WOLFSSL_MSG("ecdsa s key error");
                    wolfSSL_ECDSA_SIG_free(sig);
+                    sig = NULL;
                }

                mp_clear(&sig_r);
--- a/wolfcrypt/src/asn.c
+++ b/wolfcrypt/src/asn.c
@ -2793,6 +2793,7 @@ static int GetName(DecodedCert* cert, int nameType)
                                              cert->heap, DYNAMIC_TYPE_ALTNAME);
                        if (emailName->name == NULL) {
                            WOLFSSL_MSG("\tOut of Memory");
+                            XFREE(emailName, cert->heap, DYNAMIC_TYPE_ALTNAME);
                            return MEMORY_E;
                        }
                        XMEMCPY(emailName->name,
@ -4453,6 +4454,7 @@ static int DecodeSubtree(byte* input, int sz, Base_entry** head, void* heap)
            entry->name = (char*)XMALLOC(strLength, heap, DYNAMIC_TYPE_ALTNAME);
            if (entry->name == NULL) {
                WOLFSSL_MSG("allocate error");
+                XFREE(entry, heap, DYNAMIC_TYPE_ALTNAME);
                return MEMORY_E;
            }