From 944638f77c919baa4c06c8c2ced99dd3e2821514 Mon Sep 17 00:00:00 2001 From: Nikos Mavrogiannopoulos Date: Mon, 20 Feb 2017 14:03:40 +0100 Subject: eliminated various clang warnings with non-null arguments That is, use assert() to ensure that known to be non-null variables will be used as input to functions requiring non-null. Signed-off-by: Nikos Mavrogiannopoulos --- lib/cipher_int.c | 1 + lib/dh.c | 1 + lib/gnutls_int.h | 1 + lib/str.c | 3 +++ lib/tls-sig.c | 6 ++++-- lib/x509/crq.c | 2 ++ lib/x509/name_constraints.c | 8 +++++++- lib/x509/ocsp.c | 1 + lib/x509/output.c | 2 +- lib/x509/privkey_pkcs8.c | 2 ++ 10 files changed, 23 insertions(+), 4 deletions(-) diff --git a/lib/cipher_int.c b/lib/cipher_int.c index 46ce30b6c8..bc5ba38dec 100644 --- a/lib/cipher_int.c +++ b/lib/cipher_int.c @@ -305,6 +305,7 @@ int _gnutls_auth_cipher_encrypt2_tag(auth_cipher_hd_st * handle, ciphertextlen) return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR); + assert(blocksize != 0); l = (textlen / blocksize) * blocksize; if (l > 0) { ret = diff --git a/lib/dh.c b/lib/dh.c index 8248baf26c..06e6145984 100644 --- a/lib/dh.c +++ b/lib/dh.c @@ -456,6 +456,7 @@ gnutls_dh_params_export_pkcs3(gnutls_dh_params_t params, return GNUTLS_E_SHORT_MEMORY_BUFFER; } + assert(out.data != NULL); *params_data_size = out.size; if (params_data) { memcpy(params_data, out.data, out.size); diff --git a/lib/gnutls_int.h b/lib/gnutls_int.h index a7d39d2495..4132c01680 100644 --- a/lib/gnutls_int.h +++ b/lib/gnutls_int.h @@ -36,6 +36,7 @@ #include #include #include +#include /* For some reason gnulib likes to provide alternatives for * functions it doesn't include. Even worse these functions seem diff --git a/lib/str.c b/lib/str.c index 4a72a2f27f..647b03c836 100644 --- a/lib/str.c +++ b/lib/str.c @@ -110,6 +110,7 @@ void _gnutls_buffer_clear(gnutls_buffer_st * str) static void align_allocd_with_data(gnutls_buffer_st * dest) { + assert(dest->allocd != NULL); if (dest->length) memmove(dest->allocd, dest->data, dest->length); dest->data = dest->allocd; @@ -344,6 +345,8 @@ _gnutls_buffer_insert_data(gnutls_buffer_st * dest, int pos, if (ret < 0) return ret; + assert(dest->data != NULL); + memmove(&dest->data[pos + str_size], &dest->data[pos], orig_length - pos); diff --git a/lib/tls-sig.c b/lib/tls-sig.c index ed188c99ab..76be441afb 100644 --- a/lib/tls-sig.c +++ b/lib/tls-sig.c @@ -166,13 +166,15 @@ sign_tls_hash(gnutls_session_t session, const mac_entry_st * hash_algo, return gnutls_assert_val(ret); } - if (!_gnutls_version_has_selectable_sighash(ver)) + if (!_gnutls_version_has_selectable_sighash(ver)) { return gnutls_privkey_sign_raw_data(pkey, 0, hash_concat, signature); - else + } else { + assert(hash_algo != NULL); return gnutls_privkey_sign_hash(pkey, (gnutls_digest_algorithm_t)hash_algo->id, 0, hash_concat, signature); + } } static int diff --git a/lib/x509/crq.c b/lib/x509/crq.c index 936e122519..af0ecf8264 100644 --- a/lib/x509/crq.c +++ b/lib/x509/crq.c @@ -1099,6 +1099,8 @@ gnutls_x509_crq_set_challenge_password(gnutls_x509_crq_t crq, password = (char*)out.data; } + assert(password != NULL); + result = _gnutls_x509_encode_and_write_attribute ("1.2.840.113549.1.9.7", crq->crq, "certificationRequestInfo.attributes.?LAST", password, diff --git a/lib/x509/name_constraints.c b/lib/x509/name_constraints.c index 7ae45c003d..38805b6fe0 100644 --- a/lib/x509/name_constraints.c +++ b/lib/x509/name_constraints.c @@ -774,11 +774,12 @@ name_constraints_intersect_nodes(name_constraints_node_st * nc1, { // presume empty intersection name_constraints_node_st *intersection = NULL; - *_intersection = NULL; name_constraints_node_st *to_copy = NULL; unsigned iplength = 0; unsigned byte; + *_intersection = NULL; + if (nc1->type != nc2->type) { return GNUTLS_E_SUCCESS; } @@ -812,12 +813,16 @@ name_constraints_intersect_nodes(name_constraints_node_st * nc1, // for other types, we don't know how to do the intersection, assume empty return GNUTLS_E_SUCCESS; } + // copy existing node if applicable if (to_copy != NULL) { *_intersection = name_constraints_node_new(to_copy->type, to_copy->name.data, to_copy->name.size); if (*_intersection == NULL) return gnutls_assert_val(GNUTLS_E_MEMORY_ERROR); intersection = *_intersection; + + assert(intersection->name.data != NULL); + if (intersection->type == GNUTLS_SAN_IPADDRESS) { // make sure both IP addresses are correctly masked _gnutls_mask_ip(intersection->name.data, intersection->name.data+iplength, iplength); @@ -828,6 +833,7 @@ name_constraints_intersect_nodes(name_constraints_node_st * nc1, } } } + return GNUTLS_E_SUCCESS; } diff --git a/lib/x509/ocsp.c b/lib/x509/ocsp.c index 92f037029d..69ca230e22 100644 --- a/lib/x509/ocsp.c +++ b/lib/x509/ocsp.c @@ -1949,6 +1949,7 @@ static gnutls_x509_crt_t find_signercert(gnutls_ocsp_resp_t resp) goto quit; } } else { + assert(riddn.data != NULL); if ((certs[i]->raw_dn.size == riddn.size) && memcmp(riddn.data, certs[i]->raw_dn.data, riddn.size) == 0) { signercert = certs[i]; diff --git a/lib/x509/output.c b/lib/x509/output.c index 08f58c9ce1..642d74d070 100644 --- a/lib/x509/output.c +++ b/lib/x509/output.c @@ -77,7 +77,7 @@ gnutls_datum_t out; gnutls_free(out.data); is_printed = 1; } - } else { + } else if (name->data != NULL) { if (strstr((char*)name->data, "xn--") != NULL) { ret = gnutls_idna_reverse_map((char*)name->data, name->size, &out, 0); if (ret >= 0) { diff --git a/lib/x509/privkey_pkcs8.c b/lib/x509/privkey_pkcs8.c index cc52be94a8..06c9ec0bce 100644 --- a/lib/x509/privkey_pkcs8.c +++ b/lib/x509/privkey_pkcs8.c @@ -509,6 +509,8 @@ gnutls_pkcs8_info(const gnutls_datum_t * data, gnutls_x509_crt_fmt_t format, goto cleanup; } + assert(p != NULL); + if (need_free) _gnutls_free_datum(&_data); -- cgit v1.2.1