Эхлэл Бүгдийг харах Тусламж
Нэвтрэх
RT-Thread-packages
/
esp-idf
-ын хуулбар https://github-proxy.rt-thread.io/RT-Thread-packages/esp-idf.git
2
0
Салаа 0
Файлууд Асуудлууд 0 Мэдлэгийн сан
Эх сурвалжийг харах

Merge branch 'bugfix/pvs_warning_fixes' into 'master'

wpa_supplicant: fix issues reported in static analysis

Closes IDF-2733

See merge request espressif/esp-idf!17499
Kapil Gupta 3 жил өмнө
parent
2eddcc1b63 6da52cf0d8
commit
2bdaa49cb0
6 өөрчлөгдсөн 18 нэмэгдсэн , 15 устгасан
Өөрчлөлтийг ялгаж харах Өөрчлөлтийн статистик харах
  1. 8 6
      components/wpa_supplicant/src/common/dpp.c
  2. 3 5
      components/wpa_supplicant/src/common/sae.c
  3. 2 2
      components/wpa_supplicant/src/crypto/des-internal.c
  4. 1 1
      components/wpa_supplicant/src/crypto/libtommath.h
  5. 1 1
      components/wpa_supplicant/src/tls/libtommath.h
  6. 3 0
      components/wpa_supplicant/src/wps/wps.c

+ 8 - 6
components/wpa_supplicant/src/common/dpp.c
Файл харах 

@@ -847,7 +847,7 @@ static int dpp_derive_k1(const u8 *Mx, size_t Mx_len, u8 *k1,
 
 
 	/* HKDF-Expand(PRK, info, L) */
 
 	res = dpp_hkdf_expand(hash_len, prk, hash_len, info, k1, hash_len);
 
-	os_memset(prk, 0, hash_len);
 
+	forced_memzero(prk, hash_len);
 
 	if (res < 0)
 
 		return -1;
 
 
@@ -876,7 +876,7 @@ static int dpp_derive_k2(const u8 *Nx, size_t Nx_len, u8 *k2,
 
 
 	/* HKDF-Expand(PRK, info, L) */
 
 	res = dpp_hkdf_expand(hash_len, prk, hash_len, info, k2, hash_len);
 
-	os_memset(prk, 0, hash_len);
 
+	forced_memzero(prk, hash_len);
 
 	if (res < 0)
 
 		return -1;
 
 
@@ -935,7 +935,7 @@ static int dpp_derive_ke(struct dpp_authentication *auth, u8 *ke,
 
 
 	/* HKDF-Expand(PRK, info, L) */
 
 	res = dpp_hkdf_expand(hash_len, prk, hash_len, info_ke, ke, hash_len);
 
-	os_memset(prk, 0, hash_len);
 
+	forced_memzero(prk, hash_len);
 
 	if (res < 0)
 
 		return -1;
 
 
@@ -3938,7 +3938,7 @@ static void dpp_build_legacy_cred_params(struct wpabuf *buf,
 
 		wpa_snprintf_hex(psk, sizeof(psk),
 
 				 conf->psk, sizeof(conf->psk));
 
 		json_add_string(buf, "psk_hex", psk);
 
-	    os_memset(psk, 0, sizeof(psk));
 
+		forced_memzero(psk, sizeof(psk));
 
 	}
 
 }
 
 
@@ -4110,6 +4110,8 @@ skip_groups:
 
 		goto fail;
 
 
 	signature = os_malloc(2 * curve->prime_len);
 
+	if (!signature)
 
+		goto fail;
 
 	if (dpp_bn2bin_pad(r, signature, curve->prime_len) < 0 ||
 
 			dpp_bn2bin_pad(s, signature + curve->prime_len,
 
 				curve->prime_len) < 0)
 
@@ -5728,7 +5730,7 @@ static int dpp_derive_pmk(const u8 *Nx, size_t Nx_len, u8 *pmk,
 
 
 	/* HKDF-Expand(PRK, info, L) */
 
 	res = dpp_hkdf_expand(hash_len, prk, hash_len, info, pmk, hash_len);
 
-	os_memset(prk, 0, hash_len);
 
+	forced_memzero(prk, hash_len);
 
 	if (res < 0)
 
 		return -1;
 
 
@@ -5933,7 +5935,7 @@ dpp_peer_intro(struct dpp_introduction *intro, const char *own_connector,
 
 fail:
 
 	if (ret != DPP_STATUS_OK)
 
 		os_memset(intro, 0, sizeof(*intro));
 
-	os_memset(Nx, 0, sizeof(Nx));
 
+	forced_memzero(Nx, sizeof(Nx));
 
 	os_free(own_conn);
 
 	os_free(signed_connector);
 
 	os_free(info.payload);

+ 3 - 5
components/wpa_supplicant/src/common/sae.c
Файл харах 

@@ -147,7 +147,7 @@ static struct crypto_bignum * sae_get_rand(struct sae_data *sae)
 
 		break;
 
 	}
 
 
-	os_memset(val, 0, order_len);
 
+	forced_memzero(val, order_len);
 
 	return bn;
 
 }
 
 
@@ -830,11 +830,11 @@ static int sae_derive_keys(struct sae_data *sae, const u8 *k)
 
 	if (sha256_prf(keyseed, sizeof(keyseed), "SAE KCK and PMK",
 
 		       val, sae->tmp->prime_len, keys, sizeof(keys)) < 0)
 
 		goto fail;
 
-	os_memset(keyseed, 0, sizeof(keyseed));
 
+	forced_memzero(keyseed, sizeof(keyseed));
 
 	os_memcpy(sae->tmp->kck, keys, SAE_KCK_LEN);
 
 	os_memcpy(sae->pmk, keys + SAE_KCK_LEN, SAE_PMK_LEN);
 
 	os_memcpy(sae->pmkid, val, SAE_PMKID_LEN);
 
-	os_memset(keys, 0, sizeof(keys));
 
+	forced_memzero(keys, sizeof(keys));
 
 	wpa_hexdump_key(MSG_DEBUG, "SAE: KCK", sae->tmp->kck, SAE_KCK_LEN);
 
 	wpa_hexdump_key(MSG_DEBUG, "SAE: PMK", sae->pmk, SAE_PMK_LEN);
 
 
@@ -1181,8 +1181,6 @@ static int sae_parse_password_identifier(struct sae_data *sae,
 
 				   sae->tmp->pw_id);
 
 			return WLAN_STATUS_UNKNOWN_PASSWORD_IDENTIFIER;
 
 		}
 
-		os_free(sae->tmp->pw_id);
 
-		sae->tmp->pw_id = NULL;
 
 		return WLAN_STATUS_SUCCESS; /* No Password Identifier */
 
 	}

+ 2 - 2
components/wpa_supplicant/src/crypto/des-internal.c
Файл харах 

@@ -419,8 +419,8 @@ int des_encrypt(const u8 *clear, const u8 *key, u8 *cypher)
 
 	WPA_PUT_BE32(cypher, work[0]);
 
 	WPA_PUT_BE32(cypher + 4, work[1]);
 
 
-	os_memset(pkey, 0, sizeof(pkey));
 
-	os_memset(ek, 0, sizeof(ek));
 
+	forced_memzero(pkey, sizeof(pkey));
 
+	forced_memzero(ek, sizeof(ek));
 
 	return 0;
 
 }

+ 1 - 1
components/wpa_supplicant/src/crypto/libtommath.h
Файл харах 

@@ -1657,7 +1657,7 @@ mp_div(mp_int * a, mp_int * b, mp_int * c, mp_int * d)
 
   }
 
 
   /* init our temps */
 
-  if ((res = mp_init_multi(&ta, &tb, &tq, &q, NULL) != MP_OKAY)) {
 
+  if ((res = mp_init_multi(&ta, &tb, &tq, &q, NULL)) != MP_OKAY) {
 
      return res;
 
   }

+ 1 - 1
components/wpa_supplicant/src/tls/libtommath.h
Файл харах 

@@ -1653,7 +1653,7 @@ mp_div(mp_int * a, mp_int * b, mp_int * c, mp_int * d)
 
   }
 
 
   /* init our temps */
 
-  if ((res = mp_init_multi(&ta, &tb, &tq, &q, NULL) != MP_OKAY)) {
 
+  if ((res = mp_init_multi(&ta, &tb, &tq, &q, NULL)) != MP_OKAY) {
 
      return res;
 
   }

+ 3 - 0
components/wpa_supplicant/src/wps/wps.c
Файл харах 

@@ -71,6 +71,9 @@ int wps_is_selected_pbc_registrar(const struct wpabuf *msg)
 
 {
 
     struct wps_parse_attr *attr = (struct wps_parse_attr *)os_zalloc(sizeof(struct wps_parse_attr));
 
 
+    if (!attr)
 
+        return 0;
 
+
 
     /*
 
      * In theory, this could also verify that attr.sel_reg_config_methods
 
      * includes WPS_CONFIG_PUSHBUTTON, but some deployed AP implementations