Fix -4 return code when expected BAD_FUNC_ARG(-173)#6842
Merged
SparkiDev merged 2 commits intowolfSSL:masterfrom Oct 8, 2023
Merged
Fix -4 return code when expected BAD_FUNC_ARG(-173)#6842SparkiDev merged 2 commits intowolfSSL:masterfrom
SparkiDev merged 2 commits intowolfSSL:masterfrom
Conversation
SparkiDev
approved these changes
Oct 5, 2023
SparkiDev
requested changes
Oct 5, 2023
| ret = WOLFSSL_BAD_FILE; | ||
| /* If some other error has already occurred preserve that code | ||
| * return WOLFSSL_BAD_FILE if that is the only error condition */ | ||
| if (ret == WOLFSSL_SUCCESS) { |
Contributor
There was a problem hiding this comment.
Hang on. Why are we not enabling the check of ret above instead of doing the malloc when we are already failing.
Contributor
Author
There was a problem hiding this comment.
We can go with that approach instead and do the initialization to satisfy the compiler:
diff --git a/src/ssl_certman.c b/src/ssl_certman.c
index 9f227be15..46011595f 100644
--- a/src/ssl_certman.c
+++ b/src/ssl_certman.c
@@ -782,7 +782,7 @@ int wolfSSL_CertManagerVerify(WOLFSSL_CERT_MANAGER* cm, const char* fname,
#ifndef WOLFSSL_SMALL_STACK
byte staticBuffer[FILE_BUFFER_SIZE];
#endif
- byte* buff;
+ byte* buff = NULL;
long sz = 0;
XFILE file = XBADFILE;
@@ -814,16 +814,15 @@ int wolfSSL_CertManagerVerify(WOLFSSL_CERT_MANAGER* cm, const char* fname,
* small. */
#ifndef WOLFSSL_SMALL_STACK
if ((ret == WOLFSSL_SUCCESS) && (sz > (long)sizeof(staticBuffer)))
+#else
+
+ if (ret == WOLFSSL_SUCCESS)
#endif
{
WOLFSSL_MSG("Getting dynamic buffer");
buff = (byte*)XMALLOC((size_t)sz, cm->heap, DYNAMIC_TYPE_FILE);
if (buff == NULL) {
- /* If some other error has already occurred preserve that code
- * return WOLFSSL_BAD_FILE if that is the only error condition */
- if (ret == WOLFSSL_SUCCESS) {
- ret = WOLFSSL_BAD_FILE;
- }
+ ret = WOLFSSL_BAD_FILE;
}
}
/* Read all the file into buffer. */
Contributor
|
retest this please jenkins |
SparkiDev
approved these changes
Oct 8, 2023
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
4 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Description
A PR had introduced a specific error when building with configuration
--enable-trackmemory --enable-smallstack CFLAGS="-DALT_ECC_SIZE"some code in ssl_certman.c was over-writing an expected error value -173 (BAD_FUNC_ARG) with the error code WOLFSSL_BAD_FILE (-4) causing api.c to fail an expected BAD_FUNC_ARG check.Testing
Using the above configuration with commit: 3af87f6 that introduced the error and running ./tests/unit.test
Checklist