wolfSSL · SparkiDev · Aug 22, 2024 · Aug 17, 2024 · Aug 21, 2024 · Aug 21, 2024
diff --git a/linuxkm/linuxkm_wc_port.h b/linuxkm/linuxkm_wc_port.h
@@ -632,6 +632,10 @@
         #endif
         #endif
 
+        #ifdef WOLFSSL_DEBUG_BACKTRACE_ERROR_CODES
+        typeof(dump_stack) *dump_stack;
+        #endif
+
         const void *_last_slot;
     };
 
@@ -777,6 +781,10 @@
         #endif
     #endif
 
+    #ifdef WOLFSSL_DEBUG_BACKTRACE_ERROR_CODES
+        #define dump_stack (wolfssl_linuxkm_get_pie_redirect_table()->dump_stack)
+    #endif
+
     #endif /* __PIE__ */
 
     #endif /* USE_WOLFSSL_LINUXKM_PIE_REDIRECT_TABLE */

diff --git a/linuxkm/module_hooks.c b/linuxkm/module_hooks.c
@@ -580,6 +580,10 @@ static int set_up_wolfssl_linuxkm_pie_redirect_table(void) {
 #endif
 #endif
 
+#ifdef WOLFSSL_DEBUG_BACKTRACE_ERROR_CODES
+    wolfssl_linuxkm_pie_redirect_table.dump_stack = dump_stack;
+#endif
+
     /* runtime assert that the table has no null slots after initialization. */
     {
         unsigned long *i;

diff --git a/src/internal.c b/src/internal.c
@@ -25142,7 +25142,7 @@ const char* wolfSSL_ERR_reason_error_string(unsigned long e)
     }
 
     /* pass to wolfCrypt */
-    if (error < MAX_CODE_E && error > MIN_CODE_E) {
+    if (error <= WC_FIRST_E && error >= WC_LAST_E) {
         return wc_GetErrorString(error);
     }
 

diff --git a/src/ssl.c b/src/ssl.c
@@ -15361,7 +15361,9 @@ int wolfSSL_ERR_GET_REASON(unsigned long err)
     ret = 0 - ret; /* setting as negative value */
     /* wolfCrypt range is less than MAX (-100)
        wolfSSL range is MIN (-300) and lower */
-    if (ret < MAX_CODE_E && ret > MIN_CODE_E) {
+    if ((ret <= WC_FIRST_E && ret >=  WC_LAST_E) ||
+        (ret <= WOLFSSL_FIRST_E && ret >= WOLFSSL_LAST_E))
+    {
         return ret;
     }
     else {

diff --git a/support/gen-debug-trace-error-codes.sh b/support/gen-debug-trace-error-codes.sh
@@ -12,7 +12,7 @@ BEGIN {
     print("#undef WOLFSSL_DEBUG_TRACE_ERROR_CODES_H") >> "wolfssl/debug-untrace-error-codes.h";
 }
 {
-    if (match($0, "^[[:space:]]+([A-Z][A-Z0-9_]+)[[:space:]]*=[[:space:]]*(-[0-9]+)[,[:space:]]")) {
+    if (match($0, "^[[:space:]]+([A-Z][A-Z0-9_]+)[[:space:]]*=[[:space:]]*(-[0-9]+)([,[:space:]]|$)")) {
 
         # for mawkward compatibility -- gawk allows errcode_a as the 3rd arg to match().
         gsub("^[[:space:]]+", "", $0);

diff --git a/wolfcrypt/src/ecc.c b/wolfcrypt/src/ecc.c
@@ -2491,8 +2491,7 @@ static int _ecc_projective_dbl_point(ecc_point *P, ecc_point *R, mp_int* a,
    }
    if (err == MP_OKAY && mp_iszero((MP_INT_SIZE*)t2)) {
       /* T2 = X * X */
-      if (err == MP_OKAY)
-          err = mp_sqr(x, t2);
+      err = mp_sqr(x, t2);
       if (err == MP_OKAY)
           err = mp_montgomery_reduce(t2, modulus, mp);
       /* T1 = T2 + T1 */
@@ -2506,8 +2505,7 @@ static int _ecc_projective_dbl_point(ecc_point *P, ecc_point *R, mp_int* a,
       /* use "a" in calc */
 
       /* T2 = T1 * T1 */
-      if (err == MP_OKAY)
-          err = mp_sqr(t1, t2);
+      err = mp_sqr(t1, t2);
       if (err == MP_OKAY)
           err = mp_montgomery_reduce(t2, modulus, mp);
       /* T1 = T2 * a */

diff --git a/wolfcrypt/src/error.c b/wolfcrypt/src/error.c
@@ -44,6 +44,18 @@ const char* wc_GetErrorString(int error)
 {
     switch (error) {
 
+    case MP_MEM :
+        return "MP integer dynamic memory allocation failed";
+
+    case MP_VAL :
+        return "MP integer invalid argument";
+
+    case MP_WOULDBLOCK :
+        return "MP integer non-blocking operation would block";
+
+    case MP_NOT_INF:
+        return "MP point not at infinity";
+
     case OPEN_RAN_E :
         return "opening random device error";
 

diff --git a/wolfcrypt/src/logging.c b/wolfcrypt/src/logging.c
@@ -1721,6 +1721,14 @@ void WOLFSSL_ERROR_MSG(const char* msg)
 
 #ifdef WOLFSSL_DEBUG_BACKTRACE_ERROR_CODES
 
+#ifdef WOLFSSL_LINUXKM
+
+void wc_backtrace_render(void) {
+    dump_stack();
+}
+
+#else /* !WOLFSSL_LINUXKM */
+
 #include <backtrace-supported.h>
 
 #if BACKTRACE_SUPPORTED != 1
@@ -1848,5 +1856,6 @@ void wc_backtrace_render(void) {
 
     wc_UnLockMutex(&backtrace_mutex);
 }
+#endif /* !WOLFSSL_LINUXKM */
 
 #endif /* WOLFSSL_DEBUG_BACKTRACE_ERROR_CODES */
diff --git a/wolfcrypt/src/sp_int.c b/wolfcrypt/src/sp_int.c
@@ -31,6 +31,7 @@ This library provides single precision (SP) integer math functions.
 #endif
 
 #include <wolfssl/wolfcrypt/settings.h>
+#include <wolfssl/wolfcrypt/error-crypt.h>
 
 #if defined(WOLFSSL_SP_MATH) || defined(WOLFSSL_SP_MATH_ALL)
 

diff --git a/wolfcrypt/src/tfm.c b/wolfcrypt/src/tfm.c
@@ -5685,9 +5685,9 @@ int mp_rand_prime(mp_int* a, int len, WC_RNG* rng, void* heap)
 
     err = fp_randprime(a, len, rng, heap);
     switch(err) {
-        case FP_VAL:
+        case WC_NO_ERR_TRACE(MP_VAL):
             return MP_VAL;
-        case FP_MEM:
+        case WC_NO_ERR_TRACE(MP_MEM):
             return MP_MEM;
         default:
             break;

diff --git a/wolfcrypt/test/test.c b/wolfcrypt/test/test.c
@@ -2623,40 +2623,53 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t error_test(void)
     int i;
     int j = 0;
     /* Values that are not or no longer error codes. */
-    int missing[] = { -124, -166, -167, -168, -169,   0 };
+    static const struct {
+        int first;
+        int last;
+    } missing[] = {
+        { -124, -124 },
+        { -166, -169 }
+    };
 
     /* Check that all errors have a string and it's the same through the two
      * APIs. Check that the values that are not errors map to the unknown
      * string.
      */
-    for (i = MAX_CODE_E-1; i >= WC_LAST_E; i--) {
+    for (i = WC_FIRST_E; i >= WC_LAST_E; i--) {
+        int this_missing = 0;
+        for (j = 0; j < (int)XELEM_CNT(missing); ++j) {
+            if ((i <= missing[j].first) && (i >= missing[j].last)) {
+                this_missing = 1;
+                break;
+            }
+        }
         errStr = wc_GetErrorString(i);
         wc_ErrorString(i, out);
 
-        if (i != missing[j]) {
+        if (! this_missing) {
             if (XSTRCMP(errStr, unknownStr) == 0) {
                 WOLFSSL_MSG("errStr unknown");
-                return WC_TEST_RET_ENC_NC;
+                return WC_TEST_RET_ENC_I(-i);
             }
             if (XSTRCMP(out, unknownStr) == 0) {
                 WOLFSSL_MSG("out unknown");
-                return WC_TEST_RET_ENC_NC;
+                return WC_TEST_RET_ENC_I(-i);
             }
             if (XSTRCMP(errStr, out) != 0) {
                 WOLFSSL_MSG("errStr does not match output");
-                return WC_TEST_RET_ENC_NC;
+                return WC_TEST_RET_ENC_I(-i);
             }
             if (XSTRLEN(errStr) >= WOLFSSL_MAX_ERROR_SZ) {
                 WOLFSSL_MSG("errStr too long");
-                return WC_TEST_RET_ENC_NC;
+                return WC_TEST_RET_ENC_I(-i);
             }
         }
         else {
             j++;
             if (XSTRCMP(errStr, unknownStr) != 0)
-                return WC_TEST_RET_ENC_NC;
+                return WC_TEST_RET_ENC_I(-i);
             if (XSTRCMP(out, unknownStr) != 0)
-                return WC_TEST_RET_ENC_NC;
+                return WC_TEST_RET_ENC_I(-i);
         }
     }
 

diff --git a/wolfssl/error-ssl.h b/wolfssl/error-ssl.h
@@ -35,6 +35,8 @@
 #endif
 
 enum wolfSSL_ErrorCodes {
+    WOLFSSL_FIRST_E              = -301,
+
     INPUT_CASE_ERROR             = -301,   /* process input state error */
     PREFIX_ERROR                 = -302,   /* bad index to key rounds  */
     MEMORY_ERROR                 = -303,   /* out of memory            */
@@ -196,8 +198,11 @@ enum wolfSSL_ErrorCodes {
     KEY_SHARE_ERROR              = -503,   /* key share mismatch */
     POST_HAND_AUTH_ERROR         = -504,   /* client won't do post-hand auth */
     HRR_COOKIE_ERROR             = -505,   /* HRR msg cookie mismatch */
-    UNSUPPORTED_CERTIFICATE      = -506    /* unsupported certificate type */
+    UNSUPPORTED_CERTIFICATE      = -506,   /* unsupported certificate type */
     /* end negotiation parameter errors only 10 for now */
+
+    WOLFSSL_LAST_E               = -506
+
     /* add strings to wolfSSL_ERR_reason_error_string in internal.c !!!!! */
 
     /* no error strings go down here, add above negotiation errors !!!! */
@@ -215,7 +220,7 @@ enum wolfSSL_ErrorCodes {
 WOLFSSL_LOCAL
 void SetErrorString(int err, char* buff);
 
-#ifdef WOLFSSL_DEBUG_TRACE_ERROR_CODES
+#if defined(WOLFSSL_DEBUG_TRACE_ERROR_CODES) && defined(BUILDING_WOLFSSL)
     #include <wolfssl/debug-trace-error-codes.h>
 #endif
 

diff --git a/wolfssl/wolfcrypt/error-crypt.h b/wolfssl/wolfcrypt/error-crypt.h
@@ -37,10 +37,21 @@ the error status.
     extern "C" {
 #endif
 
+#ifdef WOLFSSL_DEBUG_TRACE_ERROR_CODES_H
+#include <wolfssl/debug-untrace-error-codes.h>
+#endif
 
 /* error codes, add string for new errors !!! */
 enum {
-    MAX_CODE_E         = -100,  /* errors -101 - -299 */
+    MAX_CODE_E         =  -96,  /* errors -97 - -299 */
+    WC_FIRST_E         =  -97,  /* errors -97 - -299 */
+
+    MP_MEM             =  -97,  /* MP dynamic memory allocation failed. */
+    MP_VAL             =  -98,  /* MP value passed is not able to be used. */
+    MP_WOULDBLOCK      =  -99,  /* MP non-blocking operation is returning after
+                                 * partial completion. */
+    MP_NOT_INF         = -100,  /* MP point not at infinity */
+
     OPEN_RAN_E         = -101,  /* opening random device error */
     READ_RAN_E         = -102,  /* reading random device error */
     WINCRYPT_E         = -103,  /* windows crypt init error */
@@ -276,13 +287,12 @@ enum {
     SM4_CCM_AUTH_E      = -299,  /* SM4-CCM Authentication check failure */
 
     WC_LAST_E           = -299,  /* Update this to indicate last error */
-    MIN_CODE_E          = -300   /* errors -101 - -299 */
+    MIN_CODE_E          = -300   /* errors -2 - -299 */
 
     /* add new companion error id strings for any new error codes
        wolfcrypt/src/error.c !!! */
 };
 
-
 #ifdef NO_ERROR_STRINGS
     #define wc_GetErrorString(error) "no support for error strings built in"
     #define wc_ErrorString(err, buf) \
@@ -294,10 +304,7 @@ WOLFSSL_API void wc_ErrorString(int err, char* buff);
 WOLFSSL_ABI WOLFSSL_API const char* wc_GetErrorString(int error);
 #endif
 
-#if defined(WOLFSSL_DEBUG_TRACE_ERROR_CODES) && !defined(BUILDING_WOLFSSL)
-    #undef WOLFSSL_DEBUG_TRACE_ERROR_CODES
-#endif
-#ifdef WOLFSSL_DEBUG_TRACE_ERROR_CODES
+#if defined(WOLFSSL_DEBUG_TRACE_ERROR_CODES) && defined(BUILDING_WOLFSSL)
     extern void wc_backtrace_render(void);
     #define WC_NO_ERR_TRACE(label) (CONST_NUM_ERR_ ## label)
     #ifndef WOLFSSL_DEBUG_BACKTRACE_RENDER_CLAUSE

diff --git a/wolfssl/wolfcrypt/integer.h b/wolfssl/wolfcrypt/integer.h
@@ -42,6 +42,8 @@
 
 #else
 
+#include <wolfssl/wolfcrypt/types.h>
+#include <wolfssl/wolfcrypt/error-crypt.h>
 #include <wolfssl/wolfcrypt/random.h>
 
 #ifndef CHAR_BIT
@@ -162,9 +164,6 @@ extern "C" {
 #define MP_NEG        1   /* negative */
 
 #define MP_OKAY       0   /* ok result */
-#define MP_MEM       (-2) /* out of mem */
-#define MP_VAL       (-3) /* invalid input */
-#define MP_NOT_INF   (-4) /* point not at infinity */
 #define MP_RANGE      MP_NOT_INF
 
 #define MP_YES        1   /* yes response */

diff --git a/wolfssl/wolfcrypt/sp_int.h b/wolfssl/wolfcrypt/sp_int.h
@@ -742,24 +742,18 @@ typedef struct sp_ecc_ctx {
 #define MP_LT    (-1)
 
 /* ERROR VALUES */
+
+/* MP_MEM, MP_VAL, MP_WOULDBLOCK, and MP_NOT_INF are defined in error-crypt.h */
+
 /** Error value on success. */
 #define MP_OKAY          0
-/** Error value when dynamic memory allocation fails. */
-#define MP_MEM          (-2)
-/** Error value when value passed is not able to be used. */
-#define MP_VAL          (-3)
-/** Error value when non-blocking operation is returning after partial
- * completion.
- */
-#define FP_WOULDBLOCK   (-4)
-/* Unused error. Defined for backward compatibility. */
-#define MP_NOT_INF      (-5)
+
+#define FP_WOULDBLOCK   MP_WOULDBLOCK
 /* Unused error. Defined for backward compatibility. */
 #define MP_RANGE        MP_NOT_INF
-
 #ifdef USE_FAST_MATH
 /* For old FIPS, need FP_MEM defined for old implementation. */
-#define FP_MEM          (-2)
+#define FP_MEM          MP_MEM
 #endif
 
 /* Number of bits in each word/digit. */

diff --git a/wolfssl/wolfcrypt/tfm.h b/wolfssl/wolfcrypt/tfm.h
@@ -40,6 +40,7 @@
 #define WOLF_CRYPT_TFM_H
 
 #include <wolfssl/wolfcrypt/types.h>
+#include <wolfssl/wolfcrypt/error-crypt.h>
 #ifndef CHAR_BIT
     #include <limits.h>
 #endif
@@ -305,10 +306,10 @@
 
 /* return codes */
 #define FP_OKAY      0
-#define FP_VAL      (-1)
-#define FP_MEM      (-2)
-#define FP_NOT_INF  (-3)
-#define FP_WOULDBLOCK (-4)
+#define FP_VAL      MP_VAL
+#define FP_MEM      MP_MEM
+#define FP_NOT_INF  MP_NOT_INF
+#define FP_WOULDBLOCK MP_WOULDBLOCK
 
 /* equalities */
 #define FP_LT        (-1)   /* less than */
@@ -776,10 +777,7 @@ int  fp_sqr_comba64(fp_int *a, fp_int *b);
 #define MP_LT   FP_LT   /* less than    */
 #define MP_EQ   FP_EQ   /* equal to     */
 #define MP_GT   FP_GT   /* greater than */
-#define MP_VAL  FP_VAL  /* invalid */
-#define MP_MEM  FP_MEM  /* memory error */
-#define MP_NOT_INF FP_NOT_INF /* point not at infinity */
-#define MP_RANGE FP_NOT_INF
+#define MP_RANGE MP_NOT_INF
 #define MP_OKAY FP_OKAY /* ok result    */
 #define MP_NO   FP_NO   /* yes/no result */
 #define MP_YES  FP_YES  /* yes/no result */
-Original file line number
+Diff line change
@@ Expand Up @@
     #endif
     #include <wolfssl/wolfcrypt/settings.h>
+    #include <wolfssl/wolfcrypt/error-crypt.h>
     #if defined(WOLFSSL_SP_MATH) || defined(WOLFSSL_SP_MATH_ALL)
@@ Expand Down @@