From: Viktor Dukhovni Date: Tue, 5 Aug 2025 13:10:20 +0000 (+1000) Subject: Coverity nits X-Git-Tag: openssl-3.6.0-alpha1~248 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=252046cfc2c8e4c7ea40b78170d644d2787b44ff;p=thirdparty%2Fopenssl.git Coverity nits Reviewed-by: Saša Nedvědický Reviewed-by: Neil Horman (Merged from https://github.com/openssl/openssl/pull/28176) --- diff --git a/crypto/cms/cms_kemri.c b/crypto/cms/cms_kemri.c index 2af94b7c01c..55c3783479d 100644 --- a/crypto/cms/cms_kemri.c +++ b/crypto/cms/cms_kemri.c @@ -168,8 +168,7 @@ int CMS_RecipientInfo_kemri_set_ukm(CMS_RecipientInfo *ri, kemri->ukm = ASN1_OCTET_STRING_new(); if (kemri->ukm == NULL) return 0; - ASN1_OCTET_STRING_set(kemri->ukm, ukm, ukmLength); - return 1; + return ASN1_OCTET_STRING_set(kemri->ukm, ukm, ukmLength); } static EVP_KDF_CTX *create_kdf_ctx(CMS_KEMRecipientInfo *kemri) @@ -284,7 +283,7 @@ static int cms_kek_cipher(unsigned char **pout, size_t *poutlen, rv = 1; err: OPENSSL_free(out); - OPENSSL_cleanse(kek, keklen); + OPENSSL_cleanse(kek, sizeof(kek)); EVP_CIPHER_CTX_reset(kemri->ctx); EVP_PKEY_CTX_free(kemri->pctx); kemri->pctx = NULL; diff --git a/providers/implementations/ciphers/cipher_chacha20_poly1305.c.in b/providers/implementations/ciphers/cipher_chacha20_poly1305.c.in index b20fa33ddf8..c4d265e367e 100644 --- a/providers/implementations/ciphers/cipher_chacha20_poly1305.c.in +++ b/providers/implementations/ciphers/cipher_chacha20_poly1305.c.in @@ -188,7 +188,7 @@ static int chacha20_poly1305_set_ctx_params(void *vctx, (PROV_CIPHER_HW_CHACHA20_POLY1305 *)ctx->base.hw; struct chacha20_poly1305_set_ctx_params_st p; - if (ctx == NULL || !chacha20_poly1305_set_ctx_params_decoder(params, &p)) + if (!chacha20_poly1305_set_ctx_params_decoder(params, &p)) return 0; diff --git a/providers/implementations/kdfs/hmacdrbg_kdf.c.in b/providers/implementations/kdfs/hmacdrbg_kdf.c.in index b77771f7d99..7173799b436 100644 --- a/providers/implementations/kdfs/hmacdrbg_kdf.c.in +++ b/providers/implementations/kdfs/hmacdrbg_kdf.c.in @@ -199,7 +199,7 @@ static int hmac_drbg_kdf_set_ctx_params(void *vctx, size_t size = 0; int md_size; - if (hmac == NULL || !hmac_drbg_kdf_set_ctx_params_decoder(params, &p)) + if (!hmac_drbg_kdf_set_ctx_params_decoder(params, &p)) return 0; if (p.ent != NULL) { diff --git a/providers/implementations/kdfs/kbkdf.c.in b/providers/implementations/kdfs/kbkdf.c.in index 0e2083d486b..6a058194afb 100644 --- a/providers/implementations/kdfs/kbkdf.c.in +++ b/providers/implementations/kdfs/kbkdf.c.in @@ -392,7 +392,7 @@ static int kbkdf_set_ctx_params(void *vctx, const OSSL_PARAM params[]) struct kbkdf_set_ctx_params_st p; const char *s; - if (ctx == NULL || !kbkdf_set_ctx_params_decoder(params, &p)) + if (!kbkdf_set_ctx_params_decoder(params, &p)) return 0; if (!OSSL_FIPS_IND_SET_CTX_FROM_PARAM(ctx, OSSL_FIPS_IND_SETTABLE0, p.ind_k)) diff --git a/providers/implementations/kdfs/krb5kdf.c.in b/providers/implementations/kdfs/krb5kdf.c.in index 14c6f0c8ec0..e85152ad20f 100644 --- a/providers/implementations/kdfs/krb5kdf.c.in +++ b/providers/implementations/kdfs/krb5kdf.c.in @@ -168,7 +168,7 @@ static int krb5kdf_set_ctx_params(void *vctx, const OSSL_PARAM params[]) KRB5KDF_CTX *ctx = vctx; OSSL_LIB_CTX *provctx = PROV_LIBCTX_OF(ctx->provctx); - if (ctx == NULL || !krb5kdf_set_ctx_params_decoder(params, &p)) + if (!krb5kdf_set_ctx_params_decoder(params, &p)) return 0; if (!ossl_prov_cipher_load(&ctx->cipher, p.cipher, p.propq, p.engine, provctx)) diff --git a/providers/implementations/kdfs/pbkdf1.c.in b/providers/implementations/kdfs/pbkdf1.c.in index 9e5a39d27a4..8f8ffcfef93 100644 --- a/providers/implementations/kdfs/pbkdf1.c.in +++ b/providers/implementations/kdfs/pbkdf1.c.in @@ -217,7 +217,7 @@ static int kdf_pbkdf1_set_ctx_params(void *vctx, const OSSL_PARAM params[]) KDF_PBKDF1 *ctx = vctx; OSSL_LIB_CTX *libctx = PROV_LIBCTX_OF(ctx->provctx); - if (ctx == NULL || !pbkdf1_set_ctx_params_decoder(params, &p)) + if (!pbkdf1_set_ctx_params_decoder(params, &p)) return 0; if (!ossl_prov_digest_load(&ctx->digest, p.digest, diff --git a/providers/implementations/kdfs/pbkdf2.c.in b/providers/implementations/kdfs/pbkdf2.c.in index e7c5fdc0b53..62e5b6ae1c9 100644 --- a/providers/implementations/kdfs/pbkdf2.c.in +++ b/providers/implementations/kdfs/pbkdf2.c.in @@ -301,7 +301,7 @@ static int kdf_pbkdf2_set_ctx_params(void *vctx, const OSSL_PARAM params[]) uint64_t iter; const EVP_MD *md; - if (ctx == NULL || !pbkdf2_set_ctx_params_decoder(params, &p)) + if (!pbkdf2_set_ctx_params_decoder(params, &p)) return 0; if (p.digest != NULL) { diff --git a/providers/implementations/kdfs/pkcs12kdf.c.in b/providers/implementations/kdfs/pkcs12kdf.c.in index b607c6e2b24..2b980f92d9f 100644 --- a/providers/implementations/kdfs/pkcs12kdf.c.in +++ b/providers/implementations/kdfs/pkcs12kdf.c.in @@ -259,7 +259,7 @@ static int kdf_pkcs12_set_ctx_params(void *vctx, const OSSL_PARAM params[]) KDF_PKCS12 *ctx = vctx; OSSL_LIB_CTX *provctx = PROV_LIBCTX_OF(ctx->provctx); - if (ctx == NULL || !pkcs12_set_ctx_params_decoder(params, &p)) + if (!pkcs12_set_ctx_params_decoder(params, &p)) return 0; if (!ossl_prov_digest_load(&ctx->digest, p.digest, diff --git a/providers/implementations/kdfs/pvkkdf.c.in b/providers/implementations/kdfs/pvkkdf.c.in index 4b705cb8a43..eade43e5c0c 100644 --- a/providers/implementations/kdfs/pvkkdf.c.in +++ b/providers/implementations/kdfs/pvkkdf.c.in @@ -195,7 +195,7 @@ static int kdf_pvk_set_ctx_params(void *vctx, const OSSL_PARAM params[]) KDF_PVK *ctx = vctx; OSSL_LIB_CTX *provctx = PROV_LIBCTX_OF(ctx->provctx); - if (ctx == NULL || !pvk_set_ctx_params_decoder(params, &p)) + if (!pvk_set_ctx_params_decoder(params, &p)) return 0; if (!ossl_prov_digest_load(&ctx->digest, p.digest, p.propq, p.engine, diff --git a/providers/implementations/kdfs/sshkdf.c.in b/providers/implementations/kdfs/sshkdf.c.in index de2b58b6b71..1f0a9108ccc 100644 --- a/providers/implementations/kdfs/sshkdf.c.in +++ b/providers/implementations/kdfs/sshkdf.c.in @@ -227,7 +227,7 @@ static int kdf_sshkdf_set_ctx_params(void *vctx, const OSSL_PARAM params[]) KDF_SSHKDF *ctx = vctx; OSSL_LIB_CTX *provctx = PROV_LIBCTX_OF(ctx->provctx); - if (ctx == NULL || !sshkdf_set_ctx_params_decoder(params, &p)) + if (!sshkdf_set_ctx_params_decoder(params, &p)) return 0; if (!OSSL_FIPS_IND_SET_CTX_FROM_PARAM(ctx, OSSL_FIPS_IND_SETTABLE0, p.ind_d)) diff --git a/providers/implementations/kdfs/tls1_prf.c.in b/providers/implementations/kdfs/tls1_prf.c.in index 934149ae7a9..7b407b21699 100644 --- a/providers/implementations/kdfs/tls1_prf.c.in +++ b/providers/implementations/kdfs/tls1_prf.c.in @@ -303,7 +303,7 @@ static int kdf_tls1_prf_set_ctx_params(void *vctx, const OSSL_PARAM params[]) TLS1_PRF *ctx = vctx; OSSL_LIB_CTX *libctx = PROV_LIBCTX_OF(ctx->provctx); - if (ctx == NULL || !tls1prf_set_ctx_params_decoder(params, &p)) + if (!tls1prf_set_ctx_params_decoder(params, &p)) return 0; if (!OSSL_FIPS_IND_SET_CTX_FROM_PARAM(ctx, OSSL_FIPS_IND_SETTABLE0, p.ind_e)) diff --git a/providers/implementations/kdfs/x942kdf.c.in b/providers/implementations/kdfs/x942kdf.c.in index a90ce38094f..3fe78cafc4c 100644 --- a/providers/implementations/kdfs/x942kdf.c.in +++ b/providers/implementations/kdfs/x942kdf.c.in @@ -555,7 +555,7 @@ static int x942kdf_set_ctx_params(void *vctx, const OSSL_PARAM params[]) const EVP_MD *md; size_t id; - if (ctx == NULL || !sshkdf_set_ctx_params_decoder(params, &p)) + if (!sshkdf_set_ctx_params_decoder(params, &p)) return 0; if (!OSSL_FIPS_IND_SET_CTX_FROM_PARAM(ctx, OSSL_FIPS_IND_SETTABLE0, p.ind_k)) diff --git a/providers/implementations/keymgmt/ml_dsa_kmgmt.c.in b/providers/implementations/keymgmt/ml_dsa_kmgmt.c.in index d15b69fd687..f806fb73e78 100644 --- a/providers/implementations/keymgmt/ml_dsa_kmgmt.c.in +++ b/providers/implementations/keymgmt/ml_dsa_kmgmt.c.in @@ -205,7 +205,7 @@ static int ml_dsa_key_fromdata(ML_DSA_KEY *key, const OSSL_PARAM params[], size_t pk_len = 0, sk_len = 0, seed_len = 0; struct ml_dsa_key_type_params_st p; - if (key == NULL || !ml_dsa_key_type_params_decoder(params, &p)) + if (!ml_dsa_key_type_params_decoder(params, &p)) return 0; if (p.pubkey != NULL) { diff --git a/providers/implementations/keymgmt/ml_kem_kmgmt.c.in b/providers/implementations/keymgmt/ml_kem_kmgmt.c.in index 89c78636b58..5d53fff0b08 100644 --- a/providers/implementations/keymgmt/ml_kem_kmgmt.c.in +++ b/providers/implementations/keymgmt/ml_kem_kmgmt.c.in @@ -580,7 +580,7 @@ static int ml_kem_get_params(void *vkey, OSSL_PARAM params[]) const ML_KEM_VINFO *v = ossl_ml_kem_key_vinfo(key); struct ml_kem_get_params_st p; - if (key == NULL || !ml_kem_get_params_decoder(params, &p)) + if (!ml_kem_get_params_decoder(params, &p)) return 0; if (p.bits != NULL && !OSSL_PARAM_set_size_t(p.bits, v->bits)) diff --git a/providers/implementations/keymgmt/mlx_kmgmt.c.in b/providers/implementations/keymgmt/mlx_kmgmt.c.in index 68998dd4ca8..c0f1efac4b4 100644 --- a/providers/implementations/keymgmt/mlx_kmgmt.c.in +++ b/providers/implementations/keymgmt/mlx_kmgmt.c.in @@ -502,7 +502,7 @@ static int mlx_kem_get_params(void *vkey, OSSL_PARAM params[]) size_t publen = key->minfo->pubkey_bytes + key->xinfo->pubkey_bytes; size_t prvlen = key->minfo->prvkey_bytes + key->xinfo->prvkey_bytes; - if (key == NULL || !mlx_get_params_decoder(params, &p)) + if (!mlx_get_params_decoder(params, &p)) return 0; /* The reported "bit" count is those of the ML-KEM key */