@rlm2002 rlm2002 commented Jan 7, 2026

Description

Adds WC_CALLOC_VAR_EX() to allocate hmac_copy variable in case the calls to functions before wc_HmacCopy() error out. Before, ERROR_OUT() would attempt to free garbage data when jumping to out label from functions before wc_HmacCopy().

Fixes CID 556176-556182: Uninitialized scalar variable

Testing

./configure --enable-all && make check

Checklist

  • added tests
  • updated/added doxygen
  • updated appropriate READMEs
  • Updated manual and documentation
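
The error path the description refers to, modelled in plain C as an added example that is not part of the PR or of wolfSSL's code. `demo_ctx`, `run_case` and the 0xA5 poison fill are hypothetical, constructed stand-ins; the macros named in the PR are not reproduced here.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical stand-in for a context that owns heap memory. */
typedef struct {
    unsigned char *key;
    size_t         key_len;
} demo_ctx;

/* Returns 1 if the cleanup at `out` would free a pointer that was never
 * allocated, 0 if the cleanup is safe. */
int run_case(int zero_first, int fail_early)
{
    demo_ctx copy;
    int allocated = 0;
    int bogus_free = 0;

    /* Constructed: a poison fill models indeterminate stack contents. */
    memset(&copy, 0xA5, sizeof(copy));

    if (zero_first)
        memset(&copy, 0, sizeof(copy)); /* calloc-style: known state first */

    if (fail_early)
        goto out;                       /* an earlier call failed */

    copy.key = malloc(32);              /* stands in for the copy step */
    copy.key_len = (copy.key != NULL) ? 32 : 0;
    allocated = (copy.key != NULL);

out:
    if (copy.key != NULL && !allocated)
        bogus_free = 1;                 /* real code would free garbage here */
    else
        free(copy.key);                 /* NULL or a genuine allocation */
    return bogus_free;
}

int main(void)
{
    printf("no init, early error: bogus free = %d\n", run_case(0, 1));
    printf("zeroed,  early error: bogus free = %d\n", run_case(1, 1));
    printf("no init, success:     bogus free = %d\n", run_case(0, 0));
    printf("zeroed,  success:     bogus free = %d\n", run_case(1, 0));
    return 0;
}
```

Only the combination of no initialization and an early jump to `out` reaches the cleanup with a non-NULL pointer that was never allocated.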

@rlm2002 rlm2002 self-assigned this Jan 7, 2026
rlm2002 commented Jan 7, 2026

Retest this please jenkins: PRB-generic-config-parser #11753 was not stable

@rlm2002 rlm2002 marked this pull request as ready for review January 7, 2026 16:30
@devin-ai-integration

🛟 Devin Lifeguard found 1 likely issue in this PR

  • use-forcezero snippet: Replace each XMEMSET(hmac_copy, 0, sizeof(Hmac)); with ForceZero(hmac_copy, sizeof(Hmac)); to ensure the sensitive Hmac context is securely cleared.

@rlm2002
please take a look at the above issues which Devin flagged. Devin will not fix these issues automatically.

@rlm2002 rlm2002 assigned wolfSSL-Bot and rlm2002 and unassigned rlm2002 and wolfSSL-Bot Jan 7, 2026
@rlm2002 rlm2002 changed the title from "20260106 initialize hmac_copy with XMEMSET" to "20260106 Coverity fixes" Jan 7, 2026
add WC_CALLOC_VAR_EX function, replace WC_ALLOC_VAR_EX in tests
rlm2002 commented Jan 8, 2026

Retest this please jenkins: PRB-generic-config-parser was not stable

@rlm2002 rlm2002 assigned wolfSSL-Bot and unassigned rlm2002 Jan 8, 2026
@dgarske dgarske requested a review from douzzer January 8, 2026 21:01
@douzzer douzzer merged commit d555c1a into wolfSSL:master Jan 8, 2026
383 checks passed