Merge pull request #10418 from rlm2002/coverity

dgarske · web-flow · commit 8ac2a1ae1b51 · 2026-05-07T14:11:32.000-07:00
20260506 Coverity
diff --git a/src/tls.c b/src/tls.c
@@ -14986,7 +14986,7 @@ static int TLSX_GetSize(TLSX* list, byte* semaphore, byte msgType,
             case TLSX_CERTIFICATE_AUTHORITIES: {
                 word16 canSz = CAN_GET_SIZE(extension->data);
                 /* 0 on non-empty list means 16-bit overflow. */
-                if (canSz == 0 && extension->data != NULL) {
+                if (canSz == 0) {
                     ret = LENGTH_ERROR;
                     break;
                 }
diff --git a/src/tls13.c b/src/tls13.c
@@ -14536,8 +14536,7 @@ int wolfSSL_UseKeyShare(WOLFSSL* ssl, word16 group)
     if (WOLFSSL_NAMED_GROUP_IS_PQC(group) ||
         WOLFSSL_NAMED_GROUP_IS_PQC_HYBRID(group)) {
 
-        if (ssl->ctx != NULL && ssl->ctx->method != NULL &&
-            !IsAtLeastTLSv1_3(ssl->version)) {
+        if (!IsAtLeastTLSv1_3(ssl->version)) {
             return BAD_FUNC_ARG;
         }
 
diff --git a/tests/api/test_evp_digest.c b/tests/api/test_evp_digest.c
@@ -368,6 +368,22 @@ int test_wolfSSL_EVP_DigestFinalXOF(void)
     ExpectIntEQ(sz, 16);
     ExpectIntEQ(EVP_MD_CTX_cleanup(&mdCtx), WOLFSSL_SUCCESS);
     #endif
+
+    /* NULL size pointer on the non-XOF Final must not crash;
+     * defaults to 32 / 16 bytes for SHAKE256 / SHAKE128. */
+    wolfSSL_EVP_MD_CTX_init(&mdCtx);
+    ExpectIntEQ(EVP_DigestInit(&mdCtx, EVP_shake256()), WOLFSSL_SUCCESS);
+    ExpectIntEQ(EVP_DigestUpdate(&mdCtx, data, 1), WOLFSSL_SUCCESS);
+    ExpectIntEQ(EVP_DigestFinal(&mdCtx, shake, NULL), WOLFSSL_SUCCESS);
+    ExpectIntEQ(EVP_MD_CTX_cleanup(&mdCtx), WOLFSSL_SUCCESS);
+
+    #if defined(WOLFSSL_SHAKE128)
+    wolfSSL_EVP_MD_CTX_init(&mdCtx);
+    ExpectIntEQ(EVP_DigestInit(&mdCtx, EVP_shake128()), WOLFSSL_SUCCESS);
+    ExpectIntEQ(EVP_DigestUpdate(&mdCtx, data, 1), WOLFSSL_SUCCESS);
+    ExpectIntEQ(EVP_DigestFinal(&mdCtx, shake, NULL), WOLFSSL_SUCCESS);
+    ExpectIntEQ(EVP_MD_CTX_cleanup(&mdCtx), WOLFSSL_SUCCESS);
+    #endif
 #endif
     return EXPECT_RESULT();
 }
diff --git a/wolfcrypt/src/asn.c b/wolfcrypt/src/asn.c
@@ -868,9 +868,6 @@ int SizeASN_Items(const ASNItem* asn, ASNSetData *data, int count,
                     return ASN_PARSE_E;
                 }
                 length += mp_leading_bit(data[i].data.mp) ? 1 : 0;
-                if (length < 0) {
-                    return ASN_PARSE_E;
-                }
                 len = (word32)SizeASNHeader((word32)length) + (word32)length;
                 /* Check for overflow: header + length must not wrap word32. */
                 if (len < (word32)length) {
diff --git a/wolfcrypt/src/evp.c b/wolfcrypt/src/evp.c
@@ -11317,6 +11317,10 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD* type)
                                unsigned int* s)
     {
         enum wc_HashType macType;
+    #if defined(WOLFSSL_SHA3) && (defined(WOLFSSL_SHAKE128) || \
+        defined(WOLFSSL_SHAKE256))
+        unsigned int defaultSz = 0;
+    #endif
 
         WOLFSSL_ENTER("wolfSSL_EVP_DigestFinal");
 
@@ -11345,18 +11349,21 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD* type)
 
             case WC_HASH_TYPE_SHAKE128:
         #if defined(WOLFSSL_SHA3) && defined(WOLFSSL_SHAKE128)
-                if (s != NULL)
-                    *s = 16; /* if mixing up XOF with plain digest 128 bit is
-                              * default for SHAKE128 */
+                if (s == NULL)
+                    s = &defaultSz;
+                *s = 16; /* if mixing up XOF with plain digest 128 bit is
+                            * default for SHAKE128 */
+
         #else
                 return WOLFSSL_FAILURE;
         #endif
                 break;
             case WC_HASH_TYPE_SHAKE256:
         #if defined(WOLFSSL_SHA3) && defined(WOLFSSL_SHAKE256)
-                if (s != NULL)
-                    *s = 32; /* if mixing up XOF with plain digest 256 bit is
-                              * default for SHAKE256 */
+                if (s == NULL)
+                    s = &defaultSz;
+                *s = 32; /* if mixing up XOF with plain digest 256 bit is
+                            * default for SHAKE256 */
         #else
                 return WOLFSSL_FAILURE;
         #endif
diff --git a/wolfcrypt/src/wc_encrypt.c b/wolfcrypt/src/wc_encrypt.c
@@ -468,8 +468,8 @@ int wc_CryptKey(const char* password, int passwordSz, const byte* salt,
                 byte unicodePasswd[MAX_UNICODE_SZ];
 
                 if (passwordSz < 0 ||
-                    passwordSz >= (int)sizeof(unicodePasswd) ||
-                   (passwordSz * 2 + 2) > (int)sizeof(unicodePasswd)) {
+                    passwordSz >= MAX_UNICODE_SZ ||
+                   (passwordSz * 2 + 2) > MAX_UNICODE_SZ) {
                     ret = UNICODE_SIZE_E;
                     break;
                 }

Original file line number	Diff line number	Diff line change
`@@ -14986,7 +14986,7 @@ static int TLSX_GetSize(TLSX* list, byte* semaphore, byte msgType,`
`14986`	`14986`	`case TLSX_CERTIFICATE_AUTHORITIES: {`
`14987`	`14987`	`word16 canSz = CAN_GET_SIZE(extension->data);`
`14988`	`14988`	`/* 0 on non-empty list means 16-bit overflow. */`
`14989`		`- if (canSz == 0 && extension->data != NULL) {`
	`14989`	`+ if (canSz == 0) {`
`14990`	`14990`	`ret = LENGTH_ERROR;`
`14991`	`14991`	`break;`
`14992`	`14992`	`}`
Original file line number	Diff line number	Diff line change
`@@ -14536,8 +14536,7 @@ int wolfSSL_UseKeyShare(WOLFSSL* ssl, word16 group)`
`14536`	`14536`	`if (WOLFSSL_NAMED_GROUP_IS_PQC(group) \|\|`
`14537`	`14537`	`WOLFSSL_NAMED_GROUP_IS_PQC_HYBRID(group)) {`
`14538`	`14538`
`14539`		`- if (ssl->ctx != NULL && ssl->ctx->method != NULL &&`
`14540`		`- !IsAtLeastTLSv1_3(ssl->version)) {`
	`14539`	`+ if (!IsAtLeastTLSv1_3(ssl->version)) {`
`14541`	`14540`	`return BAD_FUNC_ARG;`
`14542`	`14541`	`}`
`14543`	`14542`