20250107-clang-tidy-xmss

.wolfssl_known_macro_extras

@@ -638,7 +638,6 @@ WOLFSSL_FRDM_K64
 WOLFSSL_FRDM_K64_JENKINS
 WOLFSSL_FUNC_TIME
 WOLFSSL_FUNC_TIME_LOG
-WOLFSSL_GAISLER_BCC
 WOLFSSL_GEN_CERT
 WOLFSSL_GETRANDOM
 WOLFSSL_GNRC
@@ -682,7 +681,6 @@ WOLFSSL_MULTICIRCULATE_ALTNAMELIST
 WOLFSSL_NONBLOCK_OCSP
 WOLFSSL_NOSHA3_384
 WOLFSSL_NOT_WINDOWS_API
-WOLFSSL_NO_AES_CFB_1_8
 WOLFSSL_NO_BIO_ADDR_IN
 WOLFSSL_NO_CLIENT
 WOLFSSL_NO_CLIENT_CERT_ERROR

tests/api.c

@@ -99282,7 +99282,7 @@ static int test_dtls12_basic_connection_id(void)
             WOLFSSL *ssl_c = NULL, *ssl_s = NULL;
             struct test_memio_ctx test_ctx;
 
-            printf("Testing %s run #%ld ... ", params[i], j);
+            printf("Testing %s run #%ld ... ", params[i], (long int)j);
 
             XMEMSET(&test_ctx, 0, sizeof(test_ctx));
 

wolfcrypt/src/dh.c

@@ -2549,31 +2549,41 @@ static int _DhSetKey(DhKey* key, const byte* p, word32 pSz, const byte* g,
          * public moduli (known primes) from RFC 7919.
          */
         #ifdef HAVE_FFDHE_2048
-        if ((pSz == sizeof(dh_ffdhe2048_p)) && (XMEMCMP(p, dh_ffdhe2048_p, sizeof(dh_ffdhe2048_p)) == 0)) {
+        if ((pSz == sizeof(dh_ffdhe2048_p)) &&
+            (XMEMCMP(p, dh_ffdhe2048_p, sizeof(dh_ffdhe2048_p)) == 0))
+        {
             isPrime = 1;
         }
         else
         #endif
         #ifdef HAVE_FFDHE_3072
-        if ((pSz == sizeof(dh_ffdhe3072_p)) && (XMEMCMP(p, dh_ffdhe3072_p, sizeof(dh_ffdhe3072_p)) == 0)) {
+        if ((pSz == sizeof(dh_ffdhe3072_p)) &&
+            (XMEMCMP(p, dh_ffdhe3072_p, sizeof(dh_ffdhe3072_p)) == 0))
+        {
             isPrime = 1;
         }
         else
         #endif
         #ifdef HAVE_FFDHE_4096
-        if ((pSz == sizeof(dh_ffdhe4096_p)) && (XMEMCMP(p, dh_ffdhe4096_p, sizeof(dh_ffdhe4096_p)) == 0)) {
+        if ((pSz == sizeof(dh_ffdhe4096_p)) &&
+            (XMEMCMP(p, dh_ffdhe4096_p, sizeof(dh_ffdhe4096_p)) == 0))
+        {
             isPrime = 1;
         }
         else
         #endif
         #ifdef HAVE_FFDHE_6144
-        if ((pSz == sizeof(dh_ffdhe6144_p)) && (XMEMCMP(p, dh_ffdhe6144_p, sizeof(dh_ffdhe6144_p)) == 0)) {
+        if ((pSz == sizeof(dh_ffdhe6144_p)) &&
+            (XMEMCMP(p, dh_ffdhe6144_p, sizeof(dh_ffdhe6144_p)) == 0))
+        {
             isPrime = 1;
         }
         else
         #endif
         #ifdef HAVE_FFDHE_8192
-        if ((pSz == sizeof(dh_ffdhe8192_p)) && (XMEMCMP(p, dh_ffdhe8192_p, sizeof(dh_ffdhe8192_p)) == 0)) {
+        if ((pSz == sizeof(dh_ffdhe8192_p)) &&
+            (XMEMCMP(p, dh_ffdhe8192_p, sizeof(dh_ffdhe8192_p)) == 0))
+        {
             isPrime = 1;
         }
         else

wolfcrypt/src/integer.c

@@ -440,6 +440,10 @@ int mp_grow (mp_int * a, int size)
       a->dp[i] = 0;
     }
   }
+  else if ((a->alloc > 0) && (a->dp == NULL)) {
+      /* opportunistic sanity check on a->dp */
+      return MP_VAL;
+  }
   return MP_OKAY;
 }
 
@@ -1758,6 +1762,13 @@ int s_mp_add (mp_int * a, mp_int * b, mp_int * c)
     /* destination */
     tmpc = c->dp;
 
+    /* sanity-check dp pointers from a and b. */
+    if ((min_ab > 0) &&
+        ((tmpa == NULL) || (tmpb == NULL)))
+    {
+        return MP_VAL;
+    }
+
     /* zero the carry */
     u = 0;
     for (i = 0; i < min_ab; i++) {
@@ -1833,6 +1844,13 @@ int s_mp_sub (mp_int * a, mp_int * b, mp_int * c)
     tmpb = b->dp;
     tmpc = c->dp;
 
+    /* sanity-check dp pointers from a and b. */
+    if ((min_b > 0) &&
+        ((tmpa == NULL) || (tmpb == NULL)))
+    {
+        return MP_VAL;
+    }
+
     /* set carry to zero */
     u = 0;
     for (i = 0; i < min_b; i++) {

wolfcrypt/src/pkcs7.c

@@ -2073,6 +2073,8 @@ static int wc_PKCS7_BuildSignedAttributes(wc_PKCS7* pkcs7, ESD* esd,
 
         cannedAttribsCount = sizeof(cannedAttribs)/sizeof(PKCS7Attrib);
 
+        XMEMSET(&cannedAttribs[idx], 0, sizeof(cannedAttribs[idx]));
+
         if ((pkcs7->defaultSignedAttribs & WOLFSSL_CONTENT_TYPE_ATTRIBUTE) ||
             pkcs7->defaultSignedAttribs == 0) {
             cannedAttribs[idx].oid     = contentTypeOid;

wolfcrypt/src/wc_xmss_impl.c

@@ -2675,7 +2675,7 @@ static void wc_xmss_bds_state_free(BdsState* bds)
  * @param [out] bds        BDS states.
  * @param [out] wots_sigs  WOTS signatures when XMSS^MT.
  */
-static void wc_xmss_bds_state_load(const XmssState* state, byte* sk,
+static int wc_xmss_bds_state_load(const XmssState* state, byte* sk,
     BdsState* bds, byte** wots_sigs)
 {
     const XmssParams* params = state->params;
@@ -2689,6 +2689,9 @@ static void wc_xmss_bds_state_load(const XmssState* state, byte* sk,
     /* Skip past standard SK = idx || wots_sk || SK_PRF || root || SEED; */
     sk += params->idx_len + 4 * n;
 
+    if (2 * (int)params->d - 1 <= 0)
+        return WC_FAILURE;
+
     for (i = 0; i < 2 * (int)params->d - 1; i++) {
         /* Set pointers into SK. */
         bds[i].stack = sk;
@@ -2715,6 +2718,8 @@ static void wc_xmss_bds_state_load(const XmssState* state, byte* sk,
     if (wots_sigs != NULL) {
         *wots_sigs = sk;
     }
+
+    return 0;
 }
 
 /* Store the BDS state into the secret/private key.
@@ -2723,7 +2728,7 @@ static void wc_xmss_bds_state_load(const XmssState* state, byte* sk,
  * @param [in, out] sk      Secret/private key.
  * @param [in]      bds     BDS states.
  */
-static void wc_xmss_bds_state_store(const XmssState* state, byte* sk,
+static int wc_xmss_bds_state_store(const XmssState* state, byte* sk,
     BdsState* bds)
 {
     int i;
@@ -2743,15 +2748,20 @@ static void wc_xmss_bds_state_store(const XmssState* state, byte* sk,
     /* Ignore standard SK = idx || wots_sk || SK_PRF || root || SEED; */
     sk += params->idx_len + 4 * n;
 
+    if (2 * (int)params->d - 1 <= 0)
+        return WC_FAILURE;
+
     for (i = 0; i < 2 * (int)params->d - 1; i++) {
         /* Skip pointers into sk. */
         sk += skip;
         /* Save values - big-endian encoded. */
-        c32to24(bds[i].next, sk);
+        c32to24(bds[i].next, sk); /* NOLINT(clang-analyzer-core.CallAndMessage) */
         sk += 3;
         sk[0] = bds[i].offset;
         sk += 1;
     }
+
+    return 0;
 }
 
 /********************************************
@@ -3297,6 +3307,10 @@ int wc_xmss_keygen(XmssState* state, const unsigned char* seed,
     if (ret == 0)
 #endif
     {
+        /* Setup pointers into sk - assumes sk is initialized to zeros. */
+        ret = wc_xmss_bds_state_load(state, sk, bds, NULL);
+    }
+    if (ret == 0) {
         /* Offsets into seed. */
         const byte* seed_priv = seed;
         const byte* seed_pub = seed + 2 * n;
@@ -3306,9 +3320,6 @@ int wc_xmss_keygen(XmssState* state, const unsigned char* seed,
         /* Offsets into public key. */
         byte* pk_seed = pk + n;
 
-        /* Setup pointers into sk - assumes sk is initialized to zeros. */
-        wc_xmss_bds_state_load(state, sk, bds, NULL);
-
         /* Set first index to 0 in private key. idx_len always 4. */
         *sk_idx = 0;
         /* Set private key seed and private key for PRF in to private key. */
@@ -3333,7 +3344,7 @@ int wc_xmss_keygen(XmssState* state, const unsigned char* seed,
         XMEMCPY(sk_root, pk_root, 2 * n);
 
         /* Store BDS state back into secret/private key. */
-        wc_xmss_bds_state_store(state, sk, bds);
+        ret = wc_xmss_bds_state_store(state, sk, bds);
     }
 
 #ifdef WOLFSSL_SMALL_STACK
@@ -3412,8 +3423,9 @@ int wc_xmss_sign(XmssState* state, const unsigned char* m, word32 mlen,
 #endif
     {
         /* Load the BDS state from secret/private key. */
-        wc_xmss_bds_state_load(state, sk, bds, NULL);
-
+        ret = wc_xmss_bds_state_load(state, sk, bds, NULL);
+    }
+    if (ret == 0) {
         /* Copy the index into the signature data: Sig = idx_sig || ... */
         *((word32*)sig) = *((word32*)sk);
         /* Read index from the secret key. */
@@ -3490,7 +3502,7 @@ int wc_xmss_sign(XmssState* state, const unsigned char* m, word32 mlen,
     }
     if (ret == 0) {
         /* Store BDS state back into secret/private key. */
-        wc_xmss_bds_state_store(state, sk, bds);
+        ret = wc_xmss_bds_state_store(state, sk, bds);
     }
 
 #ifdef WOLFSSL_SMALL_STACK
@@ -3580,14 +3592,15 @@ int wc_xmssmt_keygen(XmssState* state, const unsigned char* seed,
 
     /* Allocate memory for BDS states and tree hash instances. */
     ret = wc_xmss_bds_state_alloc(params, &bds);
+    if (ret == 0) {
+        /* Load the BDS state from secret/private key. */
+        ret = wc_xmss_bds_state_load(state, sk, bds, &wots_sigs);
+    }
     if (ret == 0) {
         /* Offsets into seed. */
         const byte* seed_priv = seed;
         const byte* seed_pub  = seed + 2 * params->n;
 
-        /* Load the BDS state from secret/private key. */
-        wc_xmss_bds_state_load(state, sk, bds, &wots_sigs);
-
         /* Set first index to 0 in private key. */
         XMEMSET(sk, 0, params->idx_len);
         /* Set private key seed and private key for PRF in to private key. */
@@ -3630,7 +3643,7 @@ int wc_xmssmt_keygen(XmssState* state, const unsigned char* seed,
         XMEMCPY(sk_root, pk_root, 2 * n);
 
         /* Store BDS state back into secret/private key. */
-        wc_xmss_bds_state_store(state, sk, bds);
+        ret = wc_xmss_bds_state_store(state, sk, bds);
     }
 
     /* Dispose of allocated data of BDS states. */
@@ -4000,8 +4013,9 @@ int wc_xmssmt_sign(XmssState* state, const unsigned char* m, word32 mlen,
     ret = wc_xmss_bds_state_alloc(params, &bds);
     if (ret == 0) {
         /* Load the BDS state from secret/private key. */
-        wc_xmss_bds_state_load(state, sk, bds, &wots_sigs);
-
+        ret = wc_xmss_bds_state_load(state, sk, bds, &wots_sigs);
+    }
+    if (ret == 0) {
         /* Copy the index into the signature data: Sig_MT = idx_sig. */
         XMEMCPY(sig_mt, sk, idx_len);
 
@@ -4032,7 +4046,7 @@ int wc_xmssmt_sign(XmssState* state, const unsigned char* m, word32 mlen,
 
     if (ret == 0) {
         /* Store BDS state back into secret/private key. */
-        wc_xmss_bds_state_store(state, sk, bds);
+        ret = wc_xmss_bds_state_store(state, sk, bds);
     }
 
     /* Dispose of allocated data of BDS states. */