Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add some simple fixes to possible bugs identified with cppcheck #14

Open
wants to merge 3 commits into
base: master
Choose a base branch
from
Open

Add some simple fixes to possible bugs identified with cppcheck #14

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
8576876
Fix out of bounds buffer access
aiden-ct Oct 28, 2020
a1ba91a
Add some protection against NULL pointer dereference
aiden-ct Oct 28, 2020
045c4c3
Initialise some variables
aiden-ct Oct 28, 2020
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
20 changes: 10 additions & 10 deletions components/bl602/bl602_wifidrv/bl60x_wifi_driver/wifi_mgmr_profile.c
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -48,7 +48,7 @@ int wifi_mgmr_profile_add(wifi_mgmr_t *mgmr, wifi_mgmr_profile_msg_t *profile_ms
for (i = 0; i < sizeof(mgmr->profiles)/sizeof(mgmr->profiles[0]); i++) {
if (0 == mgmr->profiles[i].isUsed) {
profile = &(mgmr->profiles[i]);

mgmr->profile_active_index = i;
os_printf("[WF][PF] Using free profile, idx is @%d\r\n", i);
break;
Expand All @@ -65,10 +65,10 @@ int wifi_mgmr_profile_add(wifi_mgmr_t *mgmr, wifi_mgmr_profile_msg_t *profile_ms
profile->psk_len = profile_msg->psk_len;
profile->pmk_len = profile_msg->pmk_len;
profile->priority = 255;
memcpy(profile->ssid, profile_msg->ssid, sizeof(profile->ssid));
memcpy(profile->psk, profile_msg->psk, sizeof(profile->psk));
memcpy(profile->pmk, profile_msg->pmk, sizeof(profile->pmk));
memcpy(profile->mac, profile_msg->mac, sizeof(profile->mac));
memcpy(profile->ssid, profile_msg->ssid, sizeof(profile_msg->ssid));
memcpy(profile->psk, profile_msg->psk, sizeof(profile_msg->psk));
memcpy(profile->pmk, profile_msg->pmk, sizeof(profile_msg->pmk));
memcpy(profile->mac, profile_msg->mac, sizeof(profile_msg->mac));
profile->dhcp_use = profile_msg->dhcp_use;

return 0;
Expand Down Expand Up @@ -122,10 +122,10 @@ int wifi_mgmr_profile_get(wifi_mgmr_t *mgmr, wifi_mgmr_profile_msg_t *profile_ms
profile_msg->psk_len = profile->psk_len;
profile_msg->pmk_len = profile->pmk_len;
profile_msg->dhcp_use = profile->dhcp_use;
memcpy(profile_msg->ssid, profile->ssid, sizeof(profile->ssid));
memcpy(profile_msg->psk, profile->psk, sizeof(profile->psk));
memcpy(profile_msg->pmk, profile->pmk, sizeof(profile->pmk));
memcpy(profile_msg->mac, profile->mac, sizeof(profile->mac));
memcpy(profile_msg->ssid, profile->ssid, sizeof(profile_msg->ssid));
memcpy(profile_msg->psk, profile->psk, sizeof(profile_msg->psk));
memcpy(profile_msg->pmk, profile->pmk, sizeof(profile_msg->pmk));
memcpy(profile_msg->mac, profile->mac, sizeof(profile_msg->mac));

return 0;
}
Expand All @@ -149,7 +149,7 @@ int wifi_mgmr_profile_autoreconnect_is_enabled(wifi_mgmr_t *mgmr, int index)
{
#if 0
wifi_mgmr_profile_t *profile;

profile = __lookup_profile(mgmr, index);
if (NULL == profile) {
return -1;
Expand Down
4 changes: 2 additions & 2 deletions components/network/ble/blemesh/src/crypto.c
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -213,7 +213,7 @@ static int bt_mesh_ccm_decrypt(const u8_t key[16], u8_t nonce[13],
size_t i, j;
int err;

if (msg_len < 1 || aad_len >= 0xff00) {
if (msg_len < 1 || aad_len >= 0xff00 || (aad_len && !aad)) {
return -EINVAL;
}

Expand Down Expand Up @@ -377,7 +377,7 @@ static int bt_mesh_ccm_encrypt(const u8_t key[16], u8_t nonce[13],
BT_DBG("aad_len %zu mic_size %zu", aad_len, mic_size);

/* Unsupported AAD size */
if (aad_len >= 0xff00) {
if (aad_len >= 0xff00 || (aad_len && !aad)) {
return -EINVAL;
}

Expand Down
10 changes: 5 additions & 5 deletions components/security/mbedtls/src/ssl_cli.c
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -342,7 +342,7 @@ static void ssl_write_supported_point_formats_ext( mbedtls_ssl_context *ssl,

*olen = 6;
}
#endif /* MBEDTLS_ECDH_C || MBEDTLS_ECDSA_C ||
#endif /* MBEDTLS_ECDH_C || MBEDTLS_ECDSA_C ||
MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */

#if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
Expand Down Expand Up @@ -1217,7 +1217,7 @@ static int ssl_parse_supported_point_formats_ext( mbedtls_ssl_context *ssl,
{
#if defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C)
ssl->handshake->ecdh_ctx.point_format = p[0];
#endif
#endif
#if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
ssl->handshake->ecjpake_ctx.point_format = p[0];
#endif
Expand All @@ -1232,7 +1232,7 @@ static int ssl_parse_supported_point_formats_ext( mbedtls_ssl_context *ssl,
MBEDTLS_SSL_DEBUG_MSG( 1, ( "no point format in common" ) );
return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO );
}
#endif /* MBEDTLS_ECDH_C || MBEDTLS_ECDSA_C ||
#endif /* MBEDTLS_ECDH_C || MBEDTLS_ECDSA_C ||
MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */

#if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
Expand Down Expand Up @@ -2339,7 +2339,7 @@ static int ssl_parse_server_key_exchange( mbedtls_ssl_context *ssl )
ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_RSA ||
ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA )
{
size_t sig_len, hashlen;
size_t sig_len, hashlen = 0;
unsigned char hash[64];
mbedtls_md_type_t md_alg = MBEDTLS_MD_NONE;
mbedtls_pk_type_t pk_alg = MBEDTLS_PK_NONE;
Expand Down Expand Up @@ -2726,7 +2726,7 @@ static int ssl_parse_server_hello_done( mbedtls_ssl_context *ssl )
static int ssl_write_client_key_exchange( mbedtls_ssl_context *ssl )
{
int ret;
size_t i, n;
size_t i = 0, n = 0;
const mbedtls_ssl_ciphersuite_t *ciphersuite_info = ssl->transform_negotiate->ciphersuite_info;

MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> write client key exchange" ) );
Expand Down
8 changes: 4 additions & 4 deletions components/security/mbedtls/src/ssl_tls.c
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -488,8 +488,8 @@ int mbedtls_ssl_derive_keys( mbedtls_ssl_context *ssl )
unsigned char keyblk[256];
unsigned char *key1;
unsigned char *key2;
unsigned char *mac_enc;
unsigned char *mac_dec;
unsigned char *mac_enc = NULL;
unsigned char *mac_dec = NULL;
size_t iv_copy_len;
const mbedtls_cipher_info_t *cipher_info;
const mbedtls_md_info_t *md_info;
Expand Down Expand Up @@ -817,7 +817,7 @@ int mbedtls_ssl_derive_keys( mbedtls_ssl_context *ssl )
#if defined(MBEDTLS_SSL_PROTO_SSL3)
if( ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_0 )
{
if( transform->maclen > sizeof transform->mac_enc )
if( (transform->maclen > sizeof transform->mac_enc) || (!mac_enc) || (!mac_dec) )
{
MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) );
return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
Expand All @@ -830,7 +830,7 @@ int mbedtls_ssl_derive_keys( mbedtls_ssl_context *ssl )
#endif /* MBEDTLS_SSL_PROTO_SSL3 */
#if defined(MBEDTLS_SSL_PROTO_TLS1) || defined(MBEDTLS_SSL_PROTO_TLS1_1) || \
defined(MBEDTLS_SSL_PROTO_TLS1_2)
if( ssl->minor_ver >= MBEDTLS_SSL_MINOR_VERSION_1 )
if( ssl->minor_ver >= MBEDTLS_SSL_MINOR_VERSION_1 && mac_enc && mac_dec)
{
mbedtls_md_hmac_starts( &transform->md_ctx_enc, mac_enc, transform->maclen );
mbedtls_md_hmac_starts( &transform->md_ctx_dec, mac_dec, transform->maclen );
Expand Down