From 65b1fa6b0765af2a2129992ecb1b6bd569494986 Mon Sep 17 00:00:00 2001 From: Simon Butcher Date: Mon, 23 May 2016 23:18:26 +0100 Subject: [PATCH 1/3] Fixes warnings found by Clang static analyser Also removes annotations in the code to avoid warnings which don't appear to be needed. --- library/havege.c | 2 ++ library/rsa.c | 15 --------------- tests/suites/main_test.function | 5 +++++ 3 files changed, 7 insertions(+), 15 deletions(-) mode change 100644 => 100755 library/rsa.c diff --git a/library/havege.c b/library/havege.c index 7623bc067..2b75ef7bd 100644 --- a/library/havege.c +++ b/library/havege.c @@ -174,6 +174,8 @@ static void havege_fill( mbedtls_havege_state *hs ) PTX = U1 = 0; PTY = U2 = 0; + (void)PTX; + memset( RES, 0, sizeof( RES ) ); while( n < MBEDTLS_HAVEGE_COLLECT_SIZE * 4 ) diff --git a/library/rsa.c b/library/rsa.c old mode 100644 new mode 100755 index 79f86c306..e26d0df7d --- a/library/rsa.c +++ b/library/rsa.c @@ -804,12 +804,7 @@ int mbedtls_rsa_rsaes_pkcs1_v15_decrypt( mbedtls_rsa_context *ctx, int ret; size_t ilen, pad_count = 0, i; unsigned char *p, bad, pad_done = 0; -#if defined(__clang_analyzer__) - /* Shut up Clang, mbedtls_rsa_public/private writes to this */ - unsigned char buf[MBEDTLS_MPI_MAX_SIZE] = { }; -#else unsigned char buf[MBEDTLS_MPI_MAX_SIZE]; -#endif if( mode == MBEDTLS_RSA_PRIVATE && ctx->padding != MBEDTLS_RSA_PKCS_V15 ) return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); @@ -1193,12 +1188,7 @@ int mbedtls_rsa_rsassa_pss_verify_ext( mbedtls_rsa_context *ctx, size_t slen, msb; const mbedtls_md_info_t *md_info; mbedtls_md_context_t md_ctx; -#if defined(__clang_analyzer__) - /* Shut up Clang, mbedtls_rsa_public/private writes to this */ - unsigned char buf[MBEDTLS_MPI_MAX_SIZE] = { }; -#else unsigned char buf[MBEDTLS_MPI_MAX_SIZE]; -#endif if( mode == MBEDTLS_RSA_PRIVATE && ctx->padding != MBEDTLS_RSA_PKCS_V21 ) return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); @@ -1340,12 +1330,7 @@ int mbedtls_rsa_rsassa_pkcs1_v15_verify( mbedtls_rsa_context *ctx, mbedtls_md_type_t msg_md_alg; const mbedtls_md_info_t *md_info; mbedtls_asn1_buf oid; -#if defined(__clang_analyzer__) - /* Shut up Clang, mbedtls_rsa_public/private writes to this */ - unsigned char buf[MBEDTLS_MPI_MAX_SIZE] = { }; -#else unsigned char buf[MBEDTLS_MPI_MAX_SIZE]; -#endif if( mode == MBEDTLS_RSA_PRIVATE && ctx->padding != MBEDTLS_RSA_PKCS_V15 ) return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); diff --git a/tests/suites/main_test.function b/tests/suites/main_test.function index f18248578..ac5322e45 100644 --- a/tests/suites/main_test.function +++ b/tests/suites/main_test.function @@ -83,6 +83,7 @@ int dep_check( char *str ) return( 1 ); DEP_CHECK_CODE +#line !LINE_NO! "main_test.function" return( DEPENDENCY_NOT_SUPPORTED ); } @@ -96,8 +97,12 @@ int dispatch_test(int cnt, char *params[50]) #if defined(TEST_SUITE_ACTIVE) ret = DISPATCH_TEST_SUCCESS; + // Cast to void to avoid compiler warnings + (void)ret; + DISPATCH_FUNCTION { +#line !LINE_NO! "main_test.function" mbedtls_fprintf( stdout, "FAILED\nSkipping unknown test function '%s'\n", params[0] ); From 2917b9e5de6cd774d0358928dc6309b5a235f70e Mon Sep 17 00:00:00 2001 From: Simon Butcher Date: Wed, 25 May 2016 00:59:37 +0100 Subject: [PATCH 2/3] Clarified function param in dhm.h --- include/mbedtls/dhm.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/include/mbedtls/dhm.h b/include/mbedtls/dhm.h index cd056d1b4..d7ab1522e 100644 --- a/include/mbedtls/dhm.h +++ b/include/mbedtls/dhm.h @@ -221,7 +221,7 @@ int mbedtls_dhm_read_public( mbedtls_dhm_context *ctx, * \param ctx DHM context * \param x_size private value size in bytes * \param output destination buffer - * \param olen must be equal to ctx->P.len + * \param olen must be at least equal to the size of P, ctx->len * \param f_rng RNG function * \param p_rng RNG parameter * From 9fa2e86d93b9b6e04c0a797b34aaf7b6066fbb25 Mon Sep 17 00:00:00 2001 From: -~- redtangent ~-~ Date: Thu, 26 May 2016 10:07:49 +0100 Subject: [PATCH 3/3] Add missing mbedtls_time_t definitions (#493) Add missing mbedtls_time_t definitions to sample applications and the error.c generation script. Fixes #490. --- library/error.c | 1 + programs/pkey/dh_client.c | 1 + programs/pkey/dh_genprime.c | 1 + programs/pkey/dh_server.c | 1 + programs/ssl/dtls_client.c | 1 + programs/ssl/dtls_server.c | 1 + programs/ssl/ssl_fork_server.c | 1 + scripts/data_files/error.fmt | 1 + 8 files changed, 8 insertions(+) diff --git a/library/error.c b/library/error.c index debda1d78..4718b514d 100644 --- a/library/error.c +++ b/library/error.c @@ -34,6 +34,7 @@ #include "mbedtls/platform.h" #else #define mbedtls_snprintf snprintf +#define mbedtls_time_t time_t #endif #if defined(MBEDTLS_ERROR_C) diff --git a/programs/pkey/dh_client.c b/programs/pkey/dh_client.c index 59c4fa8c2..230bf4d7c 100644 --- a/programs/pkey/dh_client.c +++ b/programs/pkey/dh_client.c @@ -30,6 +30,7 @@ #else #include #define mbedtls_printf printf +#define mbedtls_time_t time_t #endif #if defined(MBEDTLS_AES_C) && defined(MBEDTLS_DHM_C) && \ diff --git a/programs/pkey/dh_genprime.c b/programs/pkey/dh_genprime.c index 6005a62f5..d30c73bf7 100644 --- a/programs/pkey/dh_genprime.c +++ b/programs/pkey/dh_genprime.c @@ -30,6 +30,7 @@ #else #include #define mbedtls_printf printf +#define mbedtls_time_t time_t #endif #if !defined(MBEDTLS_BIGNUM_C) || !defined(MBEDTLS_ENTROPY_C) || \ diff --git a/programs/pkey/dh_server.c b/programs/pkey/dh_server.c index 83b0b4456..cb156f79b 100644 --- a/programs/pkey/dh_server.c +++ b/programs/pkey/dh_server.c @@ -30,6 +30,7 @@ #else #include #define mbedtls_printf printf +#define mbedtls_time_t time_t #endif #if defined(MBEDTLS_AES_C) && defined(MBEDTLS_DHM_C) && \ diff --git a/programs/ssl/dtls_client.c b/programs/ssl/dtls_client.c index b37eb838c..14fb61202 100644 --- a/programs/ssl/dtls_client.c +++ b/programs/ssl/dtls_client.c @@ -31,6 +31,7 @@ #include #define mbedtls_printf printf #define mbedtls_fprintf fprintf +#define mbedtls_time_t time_t #endif #if !defined(MBEDTLS_SSL_CLI_C) || !defined(MBEDTLS_SSL_PROTO_DTLS) || \ diff --git a/programs/ssl/dtls_server.c b/programs/ssl/dtls_server.c index df0fc780a..1d6eb3bea 100644 --- a/programs/ssl/dtls_server.c +++ b/programs/ssl/dtls_server.c @@ -31,6 +31,7 @@ #include #define mbedtls_printf printf #define mbedtls_fprintf fprintf +#define mbedtls_time_t time_t #endif #if !defined(MBEDTLS_SSL_SRV_C) || !defined(MBEDTLS_SSL_PROTO_DTLS) || \ diff --git a/programs/ssl/ssl_fork_server.c b/programs/ssl/ssl_fork_server.c index 545e2fbf3..363f38f73 100644 --- a/programs/ssl/ssl_fork_server.c +++ b/programs/ssl/ssl_fork_server.c @@ -31,6 +31,7 @@ #include #define mbedtls_fprintf fprintf #define mbedtls_printf printf +#define mbedtls_time_t time_t #endif #if !defined(MBEDTLS_BIGNUM_C) || !defined(MBEDTLS_CERTS_C) || \ diff --git a/scripts/data_files/error.fmt b/scripts/data_files/error.fmt index bd6ef0138..a08742c83 100644 --- a/scripts/data_files/error.fmt +++ b/scripts/data_files/error.fmt @@ -34,6 +34,7 @@ #include "mbedtls/platform.h" #else #define mbedtls_snprintf snprintf +#define mbedtls_time_t time_t #endif #if defined(MBEDTLS_ERROR_C)