yuzu-emu/mbedtls
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Merge pull request #5305 from gilles-peskine-arm/test-missing-ret-check-202112-development

Browse source 
Missing error checks + test bug on unlikely failure
This commit is contained in:
Gilles Peskine 2021-12-10 17:41:52 +01:00 committed by GitHub
commit 476b157dc4
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
2 changed files with 62 additions and 13 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

72
programs/aes/crypt_and_hash.c
View file

@ -365,7 +365,11 @@ int main( int argc, char *argv[] )
goto exit; goto exit;
} }
mbedtls_md_hmac_starts( &md_ctx, digest, 32 ); if( mbedtls_md_hmac_starts( &md_ctx, digest, 32 ) != 0 )
{
mbedtls_fprintf( stderr, "mbedtls_md_hmac_starts() returned error\n" );
goto exit;
}
/* /*
* Encrypt and write the ciphertext. * Encrypt and write the ciphertext.
@ -387,7 +391,11 @@ int main( int argc, char *argv[] )
goto exit; goto exit;
} }
mbedtls_md_hmac_update( &md_ctx, output, olen ); if( mbedtls_md_hmac_update( &md_ctx, output, olen ) != 0 )
{
mbedtls_fprintf( stderr, "mbedtls_md_hmac_update() returned error\n" );
goto exit;
}
if( fwrite( output, 1, olen, fout ) != olen ) if( fwrite( output, 1, olen, fout ) != olen )
{ {
@ -401,7 +409,11 @@ int main( int argc, char *argv[] )
mbedtls_fprintf( stderr, "mbedtls_cipher_finish() returned error\n" ); mbedtls_fprintf( stderr, "mbedtls_cipher_finish() returned error\n" );
goto exit; goto exit;
} }
mbedtls_md_hmac_update( &md_ctx, output, olen ); if( mbedtls_md_hmac_update( &md_ctx, output, olen ) != 0 )
{
mbedtls_fprintf( stderr, "mbedtls_md_hmac_update() returned error\n" );
goto exit;
}
if( fwrite( output, 1, olen, fout ) != olen ) if( fwrite( output, 1, olen, fout ) != olen )
{ {
@ -412,7 +424,11 @@ int main( int argc, char *argv[] )
/* /*
* Finally write the HMAC. * Finally write the HMAC.
*/ */
mbedtls_md_hmac_finish( &md_ctx, digest ); if( mbedtls_md_hmac_finish( &md_ctx, digest ) != 0 )
{
mbedtls_fprintf( stderr, "mbedtls_md_hmac_finish() returned error\n" );
goto exit;
}
if( fwrite( digest, 1, mbedtls_md_get_size( md_info ), fout ) != mbedtls_md_get_size( md_info ) ) if( fwrite( digest, 1, mbedtls_md_get_size( md_info ), fout ) != mbedtls_md_get_size( md_info ) )
{ {
@ -481,10 +497,26 @@ int main( int argc, char *argv[] )
for( i = 0; i < 8192; i++ ) for( i = 0; i < 8192; i++ )
{ {
mbedtls_md_starts( &md_ctx ); if( mbedtls_md_starts( &md_ctx ) != 0 )
mbedtls_md_update( &md_ctx, digest, 32 ); {
mbedtls_md_update( &md_ctx, key, keylen ); mbedtls_fprintf( stderr, "mbedtls_md_starts() returned error\n" );
mbedtls_md_finish( &md_ctx, digest ); goto exit;
}
if( mbedtls_md_update( &md_ctx, digest, 32 ) != 0 )
{
mbedtls_fprintf( stderr, "mbedtls_md_update() returned error\n" );
goto exit;
}
if( mbedtls_md_update( &md_ctx, key, keylen ) != 0 )
{
mbedtls_fprintf( stderr, "mbedtls_md_update() returned error\n" );
goto exit;
}
if( mbedtls_md_finish( &md_ctx, digest ) != 0 )
{
mbedtls_fprintf( stderr, "mbedtls_md_finish() returned error\n" );
goto exit;
}
} }
if( mbedtls_cipher_setkey( &cipher_ctx, if( mbedtls_cipher_setkey( &cipher_ctx,
@ -508,7 +540,11 @@ int main( int argc, char *argv[] )
goto exit; goto exit;
} }
mbedtls_md_hmac_starts( &md_ctx, digest, 32 ); if( mbedtls_md_hmac_starts( &md_ctx, digest, 32 ) != 0 )
{
mbedtls_fprintf( stderr, "mbedtls_md_hmac_starts() returned error\n" );
goto exit;
}
/* /*
* Decrypt and write the plaintext. * Decrypt and write the plaintext.
@ -525,7 +561,11 @@ int main( int argc, char *argv[] )
goto exit; goto exit;
} }
mbedtls_md_hmac_update( &md_ctx, buffer, ilen ); if( mbedtls_md_hmac_update( &md_ctx, buffer, ilen ) != 0 )
{
mbedtls_fprintf( stderr, "mbedtls_md_hmac_update() returned error\n" );
goto exit;
}
if( mbedtls_cipher_update( &cipher_ctx, buffer, ilen, output, if( mbedtls_cipher_update( &cipher_ctx, buffer, ilen, output,
&olen ) != 0 ) &olen ) != 0 )
{ {
@ -543,7 +583,11 @@ int main( int argc, char *argv[] )
/* /*
* Verify the message authentication code. * Verify the message authentication code.
*/ */
mbedtls_md_hmac_finish( &md_ctx, digest ); if( mbedtls_md_hmac_finish( &md_ctx, digest ) != 0 )
{
mbedtls_fprintf( stderr, "mbedtls_md_hmac_finish() returned error\n" );
goto exit;
}
if( fread( buffer, 1, mbedtls_md_get_size( md_info ), fin ) != mbedtls_md_get_size( md_info ) ) if( fread( buffer, 1, mbedtls_md_get_size( md_info ), fin ) != mbedtls_md_get_size( md_info ) )
{ {
@ -566,7 +610,11 @@ int main( int argc, char *argv[] )
/* /*
* Write the final block of data * Write the final block of data
*/ */
mbedtls_cipher_finish( &cipher_ctx, output, &olen ); if( mbedtls_cipher_finish( &cipher_ctx, output, &olen ) != 0 )
{
mbedtls_fprintf( stderr, "mbedtls_cipher_finish() returned error\n" );
goto exit;
}
if( fwrite( output, 1, olen, fout ) != olen ) if( fwrite( output, 1, olen, fout ) != olen )
{ {

3
tests/suites/test_suite_cipher.function
View file

@ -198,9 +198,10 @@ void cipher_invalid_param_unconditional( )
(void)valid_mode; /* In some configurations this is unused */ (void)valid_mode; /* In some configurations this is unused */
mbedtls_cipher_init( &valid_ctx ); mbedtls_cipher_init( &valid_ctx );
TEST_ASSERT( mbedtls_cipher_setup( &valid_ctx, valid_info ) == 0 );
mbedtls_cipher_init( &invalid_ctx ); mbedtls_cipher_init( &invalid_ctx );
TEST_ASSERT( mbedtls_cipher_setup( &valid_ctx, valid_info ) == 0 );
/* mbedtls_cipher_setup() */ /* mbedtls_cipher_setup() */
TEST_ASSERT( mbedtls_cipher_setup( &valid_ctx, NULL ) == TEST_ASSERT( mbedtls_cipher_setup( &valid_ctx, NULL ) ==
MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );