From 175668a8fde97d06d2e5f7d09bc8f3533dcfd89c Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Wed, 10 Jan 2018 11:24:43 +0000 Subject: [PATCH] Address issues found by coverity 1) The MPI test for prime generation missed a return value check for a call to `mpi_shift_r`. This is neither critical nor new but should be fixed. 2) The RSA keygeneration example program contained code initializing an RSA context after a potentially failing call to CTR DRBG initialization, leaving the corresponding RSA context free call in the cleanup section orphaned. The commit fixes this by moving the initializtion of the RSA context prior to the first potentially failing call. --- programs/pkey/rsa_genkey.c | 2 +- tests/suites/test_suite_mpi.function | 3 ++- 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/programs/pkey/rsa_genkey.c b/programs/pkey/rsa_genkey.c index 0270b53bc..305158b41 100644 --- a/programs/pkey/rsa_genkey.c +++ b/programs/pkey/rsa_genkey.c @@ -74,6 +74,7 @@ int main( void ) fflush( stdout ); entropy_init( &entropy ); + rsa_init( &rsa, RSA_PKCS_V15, 0 ); if( ( ret = ctr_drbg_init( &ctr_drbg, entropy_func, &entropy, (const unsigned char *) pers, strlen( pers ) ) ) != 0 ) @@ -85,7 +86,6 @@ int main( void ) polarssl_printf( " ok\n . Generating the RSA key [ %d-bit ]...", KEY_SIZE ); fflush( stdout ); - rsa_init( &rsa, RSA_PKCS_V15, 0 ); if( ( ret = rsa_gen_key( &rsa, ctr_drbg_random, &ctr_drbg, KEY_SIZE, EXPONENT ) ) != 0 ) diff --git a/tests/suites/test_suite_mpi.function b/tests/suites/test_suite_mpi.function index c0fdf8e8d..ad2b32e1e 100644 --- a/tests/suites/test_suite_mpi.function +++ b/tests/suites/test_suite_mpi.function @@ -823,7 +823,8 @@ void mpi_gen_prime( int bits, int safe, int ref_ret ) TEST_ASSERT( mpi_is_prime( &X, rnd_std_rand, NULL ) == 0 ); if( safe ) { - mpi_shift_r( &X, 1 ); /* X = ( X - 1 ) / 2 */ + /* X = ( X - 1 ) / 2 */ + TEST_ASSERT( mpi_shift_r( &X, 1 ) == 0 ); TEST_ASSERT( mpi_is_prime( &X, rnd_std_rand, NULL ) == 0 ); } }