From b83d41d828d78b83ea0995925ed50679c909e54b Mon Sep 17 00:00:00 2001 From: Peter Kolbus Date: Tue, 11 Dec 2018 14:01:44 -0600 Subject: [PATCH 1/3] Fix DEADCODE in mbedtls_mpi_exp_mod() In mbedtls_mpi_exp_mod(), the limit check on wsize is never true when MBEDTLS_MPI_WINDOW_SIZE is at least 6. Wrap in a preprocessor guard to remove the dead code and resolve a Coverity finding from the DEADCODE checker. Change-Id: Ice7739031a9e8249283a04de11150565b613ae89 --- library/bignum.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/library/bignum.c b/library/bignum.c index 87015af0c..47e4529be 100644 --- a/library/bignum.c +++ b/library/bignum.c @@ -1869,8 +1869,10 @@ int mbedtls_mpi_exp_mod( mbedtls_mpi *X, const mbedtls_mpi *A, wsize = ( i > 671 ) ? 6 : ( i > 239 ) ? 5 : ( i > 79 ) ? 4 : ( i > 23 ) ? 3 : 1; +#if( MBEDTLS_MPI_WINDOW_SIZE < 6 ) if( wsize > MBEDTLS_MPI_WINDOW_SIZE ) wsize = MBEDTLS_MPI_WINDOW_SIZE; +#endif j = N->n + 1; MBEDTLS_MPI_CHK( mbedtls_mpi_grow( X, j ) ); From 1e2aa72b576835585d7ef9543a4ce951ce02d0c8 Mon Sep 17 00:00:00 2001 From: Peter Kolbus Date: Thu, 27 Dec 2018 06:59:04 -0600 Subject: [PATCH 2/3] all.sh: Test MBEDTLS_MPI_WINDOW_SIZE=1 There were no tests for a non-default MPI window size. Add one. Change-Id: Ic08fbc9161d0b3ee67eb3c91f9baf602646c9dfe --- tests/scripts/all.sh | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 039b1b887..ea141f197 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -976,6 +976,16 @@ support_test_mx32 () { esac } +component_test_min_mpi_window_size () { + msg "build: Default + MBEDTLS_MPI_WINDOW_SIZE=1 (ASan build)" # ~ 10s + scripts/config.pl set MBEDTLS_MPI_WINDOW_SIZE 1 + CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan . + make + + msg "test: MBEDTLS_MPI_WINDOW_SIZE=1 - main suites (inc. selftests) (ASan build)" # ~ 10s + make test +} + component_test_have_int32 () { msg "build: gcc, force 32-bit bignum limbs" scripts/config.pl unset MBEDTLS_HAVE_ASM From dc5893d5538ece10259de6b38b324c987274a3d5 Mon Sep 17 00:00:00 2001 From: k-stachowiak Date: Fri, 8 Feb 2019 17:22:21 +0100 Subject: [PATCH 3/3] Update change log --- ChangeLog | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/ChangeLog b/ChangeLog index 9b1230e20..405d1ca01 100644 --- a/ChangeLog +++ b/ChangeLog @@ -31,6 +31,10 @@ Changes Inserted as an enhancement for #1371 * Add support for alternative CSR headers, as used by Microsoft and defined in RFC 7468. Found by Michael Ernst. Fixes #767. + * Remove dead code from bignum.c in the default configuration. + Found by Coverity, reported and fixed by Peter Kolbus (Garmin). Fixes #2309. + * Add test for minimal value of MBEDTLS_MPI_WINDOW_SIZE to all.sh. + Contributed by Peter Kolbus (Garmin). = mbed TLS 2.16.0 branch released 2018-12-21