diff options
| author | Daiki Ueno <ueno@gnu.org> | 2022-10-06 18:44:48 +0900 |
|---|---|---|
| committer | Daiki Ueno <ueno@gnu.org> | 2022-11-22 13:37:33 +0900 |
| commit | 7fa942e08e64b761b19753ae74503de43cc1ff91 (patch) | |
| tree | 114a02d2e2525c1908ef7a2de3a02162cc4ea201 /lib | |
| parent | 8498a3a97a3f67ecaea9d16939f70076ac4d5b73 (diff) | |
| download | gnutls-7fa942e08e64b761b19753ae74503de43cc1ff91.tar.gz | |
build: suppress GCC analyzer warnings
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Diffstat (limited to 'lib')
| -rw-r--r-- | lib/auth/cert.c | 4 | ||||
| -rw-r--r-- | lib/nettle/int/provable-prime.c | 6 | ||||
| -rw-r--r-- | lib/pk.c | 6 | ||||
| -rw-r--r-- | lib/x509/pkcs7-crypt.c | 4 |
4 files changed, 17 insertions, 3 deletions
diff --git a/lib/auth/cert.c b/lib/auth/cert.c index 228d98468a..f122049e14 100644 --- a/lib/auth/cert.c +++ b/lib/auth/cert.c @@ -1636,6 +1636,10 @@ _gnutls_select_server_cert(gnutls_session_t session, const gnutls_cipher_suite_e if (session->internals.selected_cert_list_length == 0) return gnutls_assert_val(GNUTLS_E_INSUFFICIENT_CREDENTIALS); + if (unlikely(session->internals.selected_cert_list == NULL)) { + return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR); + } + _gnutls_debug_log("Selected (%s) cert\n", gnutls_pk_get_name(session->internals.selected_cert_list[0].pubkey->params.algo)); } diff --git a/lib/nettle/int/provable-prime.c b/lib/nettle/int/provable-prime.c index 585cd031e0..3a626a2c81 100644 --- a/lib/nettle/int/provable-prime.c +++ b/lib/nettle/int/provable-prime.c @@ -1173,7 +1173,7 @@ st_provable_prime(mpz_t p, if (iterations > 0) { storage_length = iterations * DIGEST_SIZE; - storage = malloc(storage_length); + storage = gnutls_malloc(storage_length); if (storage == NULL) goto fail; @@ -1307,7 +1307,7 @@ st_provable_prime(mpz_t p, mpz_clear(t); mpz_clear(tmp); mpz_clear(c); - free(pseed); - free(storage); + gnutls_free(pseed); + gnutls_free(storage); return ret; } @@ -93,6 +93,7 @@ _gnutls_encode_ber_rs_raw(gnutls_datum_t * sig_value, } if (r->data[0] >= 0x80) { + assert(tmp); tmp[0] = 0; memcpy(&tmp[1], r->data, r->size); result = asn1_write_value(sig, "r", tmp, 1+r->size); @@ -108,6 +109,7 @@ _gnutls_encode_ber_rs_raw(gnutls_datum_t * sig_value, if (s->data[0] >= 0x80) { + assert(tmp); tmp[0] = 0; memcpy(&tmp[1], s->data, s->size); result = asn1_write_value(sig, "s", tmp, 1+s->size); @@ -598,6 +600,10 @@ encode_ber_digest_info(const mac_entry_st * e, uint8_t *tmp_output; int tmp_output_size; + if (unlikely(e == NULL)) { + return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST); + } + /* prevent asn1_write_value() treating input as string */ if (digest->size == 0) return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST); diff --git a/lib/x509/pkcs7-crypt.c b/lib/x509/pkcs7-crypt.c index 59eddcd2a4..6f528a9114 100644 --- a/lib/x509/pkcs7-crypt.c +++ b/lib/x509/pkcs7-crypt.c @@ -1211,6 +1211,10 @@ _gnutls_pkcs_raw_decrypt_data(schema_id schema, asn1_node pkcs8_asn, } ce = cipher_to_entry(enc_params->cipher); + if (unlikely(ce == NULL)) { + ret = gnutls_assert_val(GNUTLS_E_UNKNOWN_CIPHER_TYPE); + goto error; + } block_size = _gnutls_cipher_get_block_size(ce); if (ce->type == CIPHER_BLOCK) { |