Skip to content

20251028 fixes#9359

Merged
dgarske merged 3 commits intowolfSSL:masterfrom
douzzer:20251028-fixes
Oct 28, 2025
Merged

20251028 fixes#9359
dgarske merged 3 commits intowolfSSL:masterfrom
douzzer:20251028-fixes

Conversation

@douzzer
Copy link
Copy Markdown
Contributor

@douzzer douzzer commented Oct 28, 2025

src/x509.c: in wolfSSL_X509_get_ext_by_OBJ() and wolfSSL_X509_load_cert_crl_file(), add local protection from null derefs (fixes -Wnull-dereferences);

wolfcrypt/src/chacha.c and wolfssl/wolfcrypt/chacha.h: implement USE_ARM_CHACHA_SPEEDUP gate;

wolfcrypt/src/kdf.c: in wc_SSH_KDF(), add early return if _HashInit() fails (fixes _HashFree() of uninited _hash);

wolfcrypt/src/sha256.c: initialize sha256->W in ARMASM variant of wc_InitSha256_ex(), and pass sha256->heap to XMALLOC/XFREE consistently;

src/internal.c and tests/api.c: fix clang-analyzer-core.NullPointerArithms;

linuxkm/module_hooks.c: in wc_linuxkm_GenerateSeed_IntelRD(), log when RDSEED support is missing, and add verbose logging for generation failures.

tested with

wolfssl-multi-test.sh ...
super-quick-check
all-crypto-openssl-extra-coexist-TEST_OPENSSL_COEXIST
all-crypto-openssl-extra-coexist-smallstack-TEST_OPENSSL_COEXIST
cross-mingw-all-crypto
quantum-safe-wolfssl-all-cross-armv7a-armasm-unittest-Os-smallstack
reproducible-build
quantum-safe-wolfssl-all-cross-armv7a-armasm-unittest-Os
quantum-safe-wolfssl-all-cross-aarch64-armasm-unittest-Os-smallstack-sanitizer
quantum-safe-wolfssl-all-cross-aarch64-armasm-unittest-Os-smallstack
linuxkm-fips-v5-strict-dist-insmod-cust-kernel-2
quantum-safe-wolfssl-all-crypto-only-intelasm-fips-dev-linuxkm-next-insmod

@douzzer
linuxkm/module_hooks.c: in wc_linuxkm_GenerateSeed_IntelRD(), log whe…
097cd57 
…n RDSEED support is missing, and add verbose logging for generation failures.
@douzzer
src/x509.c: in wolfSSL_X509_get_ext_by_OBJ() and wolfSSL_X509_load_ce…
9b90ea8 
…rt_crl_file(), add local protection from null derefs (fixes -Wnull-dereferences);

wolfcrypt/src/chacha.c and wolfssl/wolfcrypt/chacha.h: implement USE_ARM_CHACHA_SPEEDUP gate;

wolfcrypt/src/kdf.c: in wc_SSH_KDF(), add early return if _HashInit() fails (fixes _HashFree() of uninited _hash);

wolfcrypt/src/sha256.c: initialize sha256->W in ARMASM variant of wc_InitSha256_ex(), and pass sha256->heap to XMALLOC/XFREE consistently.
@douzzer
src/internal.c and tests/api.c: fix clang-analyzer-core.NullPointerAr…
8c60b7b 
…ithms.
@douzzer douzzer requested a review from wolfSSL-Bot October 28, 2025 21:45
@douzzer douzzer mentioned this pull request Oct 28, 2025
Closed
@douzzer
Copy link
Copy Markdown
Contributor Author

douzzer commented Oct 28, 2025

retest this please

FAIL scripts/openssl.test (exit status: 1)

FAIL: scripts/ocsp-stapling2.test

@dgarske dgarske merged commit df79b10 into wolfSSL:master Oct 28, 2025
290 of 294 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@dgarske dgarske dgarske approved these changes

@wolfSSL-Bot wolfSSL-Bot Awaiting requested review from wolfSSL-Bot

Assignees

@wolfSSL-Bot wolfSSL-Bot

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@douzzer @dgarske @wolfSSL-Bot