fixes for Coverity #394680, #394682, #394693, #394712.

douzzer · douzzer · commit 88af1a293222 · 2024-07-05T20:42:32.000-05:00
diff --git a/src/wolfio.c b/src/wolfio.c
@@ -1612,6 +1612,11 @@ int wolfIO_HttpProcessResponse(int sfd, const char** appStrList,
 
         /* read data if no \r\n or first time */
         if ((start == NULL) || (end == NULL)) {
+            if (httpBufSz < len + 1) {
+                return BUFFER_ERROR; /* can't happen, but Coverity thinks it
+                                      * can.
+                                      */
+            }
             result = wolfIO_Recv(sfd, (char*)httpBuf+len, httpBufSz-len-1, 0);
             if (result > 0) {
                 len += result;
diff --git a/wolfcrypt/src/aes.c b/wolfcrypt/src/aes.c
@@ -12910,10 +12910,6 @@ int wc_AesXtsEncryptInit(XtsAes* xaes, const byte* i, word32 iSz,
         return BAD_FUNC_ARG;
     }
 
-    if (iSz < AES_BLOCK_SIZE) {
-        return BAD_FUNC_ARG;
-    }
-
     XMEMCPY(stream->tweak_block, i, AES_BLOCK_SIZE);
     stream->bytes_crypted_with_this_tweak = 0;
 
diff --git a/wolfcrypt/src/rsa.c b/wolfcrypt/src/rsa.c
@@ -4017,7 +4017,10 @@ int wc_RsaPSS_CheckPadding_ex2(const byte* in, word32 inSz, byte* sig,
 
     /* Sig = Salt | Exp Hash */
     if (ret == 0) {
-        if (sigSz != inSz + (word32)saltLen) {
+        word32 totalSz;
+        if ((WC_SAFE_SUM_WORD32(inSz, (word32)saltLen, totalSz) == 0) ||
+            (sigSz != totalSz))
+        {
             ret = PSS_SALTLEN_E;
         }
     }
diff --git a/wolfcrypt/src/wc_encrypt.c b/wolfcrypt/src/wc_encrypt.c
@@ -545,9 +545,15 @@ int wc_CryptKey(const char* password, int passwordSz, byte* salt,
 
                 ret =  wc_PKCS12_PBKDF(key, unicodePasswd, idx, salt, saltSz,
                                     iterations, (int)derivedLen, typeH, 1);
+                if (ret < 0)
+                    break;
                 if (id != PBE_SHA1_RC4_128) {
-                    ret += wc_PKCS12_PBKDF(cbcIv, unicodePasswd, idx, salt,
+                    i = ret;
+                    ret = wc_PKCS12_PBKDF(cbcIv, unicodePasswd, idx, salt,
                                     saltSz, iterations, 8, typeH, 2);
+                    if (ret < 0)
+                        break;
+                    ret += i;
                 }
                 break;
             }

Original file line number	Diff line number	Diff line change
`@@ -12910,10 +12910,6 @@ int wc_AesXtsEncryptInit(XtsAes* xaes, const byte* i, word32 iSz,`
`12910`	`12910`	`return BAD_FUNC_ARG;`
`12911`	`12911`	`}`
`12912`	`12912`
`12913`		`- if (iSz < AES_BLOCK_SIZE) {`
`12914`		`- return BAD_FUNC_ARG;`
`12915`		`- }`
`12916`		`-`
`12917`	`12913`	`XMEMCPY(stream->tweak_block, i, AES_BLOCK_SIZE);`
`12918`	`12914`	`stream->bytes_crypted_with_this_tweak = 0;`
`12919`	`12915`
Original file line number	Diff line number	Diff line change
`@@ -4017,7 +4017,10 @@ int wc_RsaPSS_CheckPadding_ex2(const byte* in, word32 inSz, byte* sig,`
`4017`	`4017`
`4018`	`4018`	`/* Sig = Salt \| Exp Hash */`
`4019`	`4019`	`if (ret == 0) {`
`4020`		`- if (sigSz != inSz + (word32)saltLen) {`
	`4020`	`+ word32 totalSz;`
	`4021`	`+ if ((WC_SAFE_SUM_WORD32(inSz, (word32)saltLen, totalSz) == 0) \|\|`
	`4022`	`+ (sigSz != totalSz))`
	`4023`	`+ {`
`4021`	`4024`	`ret = PSS_SALTLEN_E;`
`4022`	`4025`	`}`
`4023`	`4026`	`}`