Merge pull request wolfSSL#817 from ejohnstown/cov

Fixing a batch of issues reported by Coverity

Author: douzzer

apps/wolfssh/common.c

@@ -499,6 +499,8 @@ int ClientUserAuth(byte authType,
 {
     int ret = WOLFSSH_USERAUTH_SUCCESS;
 
+    WOLFSSH_UNUSED(ctx);
+
 #ifdef DEBUG_WOLFSSH
     /* inspect supported types from server */
     printf("Server supports:\n");
@@ -538,37 +540,28 @@ int ClientUserAuth(byte authType,
         ret = WOLFSSH_USERAUTH_SUCCESS;
     }
     else if (authType == WOLFSSH_USERAUTH_PASSWORD) {
-        const char* defaultPassword = (const char*)ctx;
-        word32 passwordSz = 0;
-
-        if (defaultPassword != NULL) {
-            passwordSz = (word32)strlen(defaultPassword);
-            WMEMCPY(userPassword, defaultPassword, passwordSz);
+        printf("Password: ");
+        fflush(stdout);
+        ClientSetEcho(0);
+        if (fgets((char*)userPassword, sizeof(userPassword), stdin) == NULL) {
+            fprintf(stderr, "Getting password failed.\n");
+            ret = WOLFSSH_USERAUTH_FAILURE;
         }
         else {
-            printf("Password: ");
-            fflush(stdout);
-            ClientSetEcho(0);
-            if (fgets((char*)userPassword, sizeof(userPassword), stdin) == NULL) {
-                fprintf(stderr, "Getting password failed.\n");
-                ret = WOLFSSH_USERAUTH_FAILURE;
-            }
-            else {
-                char* c = strpbrk((char*)userPassword, "\r\n");
-                if (c != NULL)
-                    *c = '\0';
-            }
-            passwordSz = (word32)strlen((const char*)userPassword);
-            ClientSetEcho(1);
-            #ifdef USE_WINDOWS_API
-                printf("\r\n");
-            #endif
-            fflush(stdout);
+            char* c = strpbrk((char*)userPassword, "\r\n");
+            if (c != NULL)
+                *c = '\0';
         }
+        ClientSetEcho(1);
+        #ifdef USE_WINDOWS_API
+            printf("\r\n");
+        #endif
+        fflush(stdout);
 
         if (ret == WOLFSSH_USERAUTH_SUCCESS) {
             authData->sf.password.password = userPassword;
-            authData->sf.password.passwordSz = passwordSz;
+            authData->sf.password.passwordSz =
+                (word32)strlen((const char*)userPassword);
         }
     }
 
@@ -743,7 +736,7 @@ int ClientLoadCA(WOLFSSH_CTX* ctx, const char* caCert)
             WFREE(der, NULL, 0);
         }
     #else
-        (void)ctx;
+        WOLFSSH_UNUSED(ctx);
         fprintf(stderr, "Support for certificates not compiled in.");
         ret = WS_NOT_COMPILED;
     #endif

apps/wolfssh/wolfssh.c

@@ -900,7 +900,6 @@ static THREAD_RETURN WOLFSSH_THREAD wolfSSH_Client(void* args)
     SOCKADDR_IN_T clientAddr;
     socklen_t clientAddrSz = sizeof(clientAddr);
     int ret = 0;
-    const char* password = NULL;
     byte keepOpen = 1;
 #ifdef USE_WINDOWS_API
     byte rawMode = 0;
@@ -976,9 +975,6 @@ static THREAD_RETURN WOLFSSH_THREAD wolfSSH_Client(void* args)
     wolfSSH_SetGlobalReqCtx(ssh, &ssh); /* dummy ctx */
 #endif
 
-    if (password != NULL)
-        wolfSSH_SetUserAuthCtx(ssh, (void*)password);
-
 #ifdef WOLFSSH_AGENT
     if (useAgent) {
         WMEMSET(&agentCbCtx, 0, sizeof(agentCbCtx));

apps/wolfsshd/wolfsshd.c

@@ -245,6 +245,8 @@ static byte* getBufferFromFile(const char* fileName, word32* bufSz, void* heap)
     word32 fileSz;
     word32 readSz;
 
+    WOLFSSH_UNUSED(heap);
+
     if (fileName == NULL) return NULL;
 
     if (WFOPEN(NULL, &file, fileName, "rb") != 0)
@@ -263,10 +265,9 @@ static byte* getBufferFromFile(const char* fileName, word32* bufSz, void* heap)
         }
         if (bufSz)
             *bufSz = readSz;
-        WFCLOSE(NULL, file);
     }
+    WFCLOSE(NULL, file);
 
-    (void)heap;
     return buf;
 }
 #endif /* NO_FILESYSTEM */

src/wolfsftp.c

@@ -1997,6 +1997,12 @@ int wolfSSH_SFTP_RecvOpen(WOLFSSH* ssh, int reqId, byte* data, word32 maxSz)
 
     WLOG(WS_LOG_SFTP, "Receiving WOLFSSH_FTP_OPEN");
 
+    #ifdef MICROCHIP_MPLAB_HARMONY
+        fd = WBADFILE;
+    #else
+        fd = -1;
+    #endif
+
     if (sizeof(WFD) > WOLFSSH_MAX_HANDLE) {
         WLOG(WS_LOG_SFTP, "Handle size is too large");
         return WS_FATAL_ERROR;
@@ -2083,7 +2089,6 @@ int wolfSSH_SFTP_RecvOpen(WOLFSSH* ssh, int reqId, byte* data, word32 maxSz)
         }
 
     #ifdef MICROCHIP_MPLAB_HARMONY
-        fd = WBADFILE;
         {
             WFILE* f = &fd;
             if (WFOPEN(ssh->fs, &f, dir, m) != WS_SUCCESS) {
@@ -2111,29 +2116,37 @@ int wolfSSH_SFTP_RecvOpen(WOLFSSH* ssh, int reqId, byte* data, word32 maxSz)
             WLOG(WS_LOG_SFTP, "Unable to store handle");
             res = ier;
             if (wolfSSH_SFTP_CreateStatus(ssh, WOLFSSH_FTP_FAILURE, reqId, res,
-                "English", NULL, &outSz) != WS_SIZE_ONLY) {
+                    "English", NULL, &outSz) != WS_SIZE_ONLY) {
+                WCLOSE(ssh->fs, fd);
                 return WS_FATAL_ERROR;
             }
             ret = WS_FATAL_ERROR;
         }
     }
 #endif
 
-    /* create packet */
-    out = (byte*)WMALLOC(outSz, ssh->ctx->heap, DYNTYPE_BUFFER);
-    if (out == NULL) {
-        return WS_MEMORY_E;
+    if (ret == WS_SUCCESS) {
+        /* create packet */
+        out = (byte*)WMALLOC(outSz, ssh->ctx->heap, DYNTYPE_BUFFER);
+        if (out == NULL) {
+            WCLOSE(ssh->fs, fd);
+            return WS_MEMORY_E;
+        }
     }
     if (ret == WS_SUCCESS) {
         if (SFTP_CreatePacket(ssh, WOLFSSH_FTP_HANDLE, out, outSz,
             (byte*)&fd, sizeof(WFD)) != WS_SUCCESS) {
+            WCLOSE(ssh->fs, fd);
             return WS_FATAL_ERROR;
         }
     }
     else {
         if (wolfSSH_SFTP_CreateStatus(ssh, WOLFSSH_FTP_FAILURE, reqId, res,
                 "English", out, &outSz) != WS_SUCCESS) {
             WFREE(out, ssh->ctx->heap, DYNTYPE_BUFFER);
+            if (fd >= 0) {
+                WCLOSE(ssh->fs, fd);
+            }
             return WS_FATAL_ERROR;
         }
     }

tests/api.c

@@ -85,12 +85,15 @@ char* myoptarg = NULL;
 
 #define AssertTrue(x)    Assert( (x), ("%s is true",     #x), (#x " => FALSE"))
 #define AssertFalse(x)   Assert(!(x), ("%s is false",    #x), (#x " => TRUE"))
-#define AssertNotNull(x) Assert( (x), ("%s is not null", #x), (#x " => NULL"))
+
+#define AssertNotNull(x) do {                                                  \
+    PEDANTIC_EXTENSION void* _isNotNull = (void*)(x);                          \
+    Assert(_isNotNull, ("%s is not null", #x), (#x " => NULL"));               \
+} while (0)
 
 #define AssertNull(x) do {                                                     \
-    PEDANTIC_EXTENSION void* _x = (void*)(x);                                  \
-                                                                               \
-    Assert(!_x, ("%s is null", #x), (#x " => %p", _x));                        \
+    PEDANTIC_EXTENSION void* _isNull = (void*)(x);                             \
+    Assert(!_isNull, ("%s is null", #x), (#x " => %p", _isNull));              \
 } while(0)
 
 #define AssertInt(x, y, op, er) do {                                           \
@@ -924,8 +927,17 @@ static void sftp_client_connect(WOLFSSH_CTX** ctx, WOLFSSH** ssh, int port)
 
     build_addr(&clientAddr, host, port);
     tcp_socket(&sockFd, ((struct sockaddr_in *)&clientAddr)->sin_family);
+    if (sockFd < 0) {
+        wolfSSH_free(*ssh);
+        wolfSSH_CTX_free(*ctx);
+        *ctx = NULL;
+        *ssh = NULL;
+        return;
+    }
+
     ret = connect(sockFd, (const struct sockaddr *)&clientAddr, clientAddrSz);
     if (ret != 0){
+        WCLOSESOCKET(sockFd);
         wolfSSH_free(*ssh);
         wolfSSH_CTX_free(*ctx);
         *ctx = NULL;
@@ -942,6 +954,7 @@ static void sftp_client_connect(WOLFSSH_CTX** ctx, WOLFSSH** ssh, int port)
         ret = wolfSSH_SFTP_connect(*ssh);
 
     if (ret != WS_SUCCESS){
+        WCLOSESOCKET(sockFd);
         wolfSSH_free(*ssh);
         wolfSSH_CTX_free(*ctx);
         *ctx = NULL;
@@ -1608,8 +1621,17 @@ static void keyboard_client_connect(WOLFSSH_CTX** ctx, WOLFSSH** ssh, int port)
 
     build_addr(&clientAddr, host, port);
     tcp_socket(&sockFd, ((struct sockaddr_in *)&clientAddr)->sin_family);
+    if (sockFd < 0) {
+        wolfSSH_free(*ssh);
+        wolfSSH_CTX_free(*ctx);
+        *ctx = NULL;
+        *ssh = NULL;
+        return;
+    }
+
     ret = connect(sockFd, (const struct sockaddr *)&clientAddr, clientAddrSz);
     if (ret != 0){
+        WCLOSESOCKET(sockFd);
         wolfSSH_free(*ssh);
         wolfSSH_CTX_free(*ctx);
         *ctx = NULL;
@@ -1625,6 +1647,7 @@ static void keyboard_client_connect(WOLFSSH_CTX** ctx, WOLFSSH** ssh, int port)
         ret = wolfSSH_connect(*ssh);
 
     if (ret != WS_SUCCESS){
+        WCLOSESOCKET(sockFd);
         wolfSSH_free(*ssh);
         wolfSSH_CTX_free(*ctx);
         *ctx = NULL;

tests/auth.c

@@ -443,15 +443,33 @@ static int basic_client_connect(WOLFSSH_CTX** ctx, WOLFSSH** ssh, int port)
         wolfSSH_CTX_free(*ctx);
         *ctx = NULL;
         *ssh = NULL;
+        WCLOSESOCKET(sockFd);
         return ret;
     }
 
     ret = wolfSSH_SetUsername(*ssh, username);
-    if (ret == WS_SUCCESS)
-        ret = wolfSSH_set_fd(*ssh, (int)sockFd);
+    if (ret != WS_SUCCESS) {
+        wolfSSH_free(*ssh);
+        wolfSSH_CTX_free(*ctx);
+        *ctx = NULL;
+        *ssh = NULL;
+        WCLOSESOCKET(sockFd);
+        fprintf(stderr, "line= %d\n", __LINE__);
+        return ret;
+    }
+
+    ret = wolfSSH_set_fd(*ssh, (int)sockFd);
+    if (ret != WS_SUCCESS) {
+        fprintf(stderr, "line= %d\n", __LINE__);
+        wolfSSH_free(*ssh);
+        wolfSSH_CTX_free(*ctx);
+        *ctx = NULL;
+        *ssh = NULL;
+        WCLOSESOCKET(sockFd);
+        return ret;
+    }
 
-    if (ret == WS_SUCCESS)
-        ret = wolfSSH_connect(*ssh);
+    ret = wolfSSH_connect(*ssh);
 
     return ret;
 }