diff --git a/can-bus/server.c b/can-bus/server.c index 83ac466cc..5ddb7bfec 100644 --- a/can-bus/server.c +++ b/can-bus/server.c @@ -51,8 +51,9 @@ int main(int argc, char *argv[]) int input; char reply[RECV_MSG_LEN]; memset(reply, 0, RECV_MSG_LEN); - input = wolfSSL_read(ssl, reply, RECV_MSG_LEN); + input = wolfSSL_read(ssl, reply, RECV_MSG_LEN - 1); if (input > 0) { + reply[input] = '\0'; printf("Got message: %s\n", reply); } } diff --git a/crypto/pkcs12/pkcs12-create-example.c b/crypto/pkcs12/pkcs12-create-example.c index e117be625..dc8d920a3 100644 --- a/crypto/pkcs12/pkcs12-create-example.c +++ b/crypto/pkcs12/pkcs12-create-example.c @@ -152,9 +152,8 @@ static int loadKey(byte** keyDer, word32* keySz, RsaKey* key, const char* f) printf("return from loading in private key = %d\n", ret); } - if (*keySz < 0) { + if (ret < 0) { printf("unable to decode private key\n"); - ret = *keySz; } return ret; diff --git a/dtls/client-dtls-export.c b/dtls/client-dtls-export.c index 2cdc4b5e1..4f8604f39 100644 --- a/dtls/client-dtls-export.c +++ b/dtls/client-dtls-export.c @@ -141,7 +141,7 @@ int main(int argc, char** argv) /* First call to get required buffer size */ ret = wolfSSL_dtls_export(ssl, NULL, &sessionSz); - if (ret != 0 && sessionSz == 0) { + if (ret < 0 || sessionSz == 0) { fprintf(stderr, "Error: wolfSSL_dtls_export (get size) failed: %d\n", ret); ret = 1; diff --git a/dtls/client-dtls-resume.c b/dtls/client-dtls-resume.c index 8b4b9019f..90deed6dc 100644 --- a/dtls/client-dtls-resume.c +++ b/dtls/client-dtls-resume.c @@ -148,6 +148,12 @@ main(int argc, return EXIT_FAILURE; } + ret = talk_to_server(ssl_res, "client message after resume"); + + if (ret) { + return EXIT_FAILURE; + } + /* Test if the resume was successful */ if (wolfSSL_session_reused(ssl_res)) { printf("info: session ID reused; Successful resume\n"); @@ -156,12 +162,6 @@ main(int argc, printf("info: session ID not reused\n"); } - ret = talk_to_server(ssl_res, "client message after resume"); - - if (ret) { - return EXIT_FAILURE; - } - /* Cleanup memory used for storing the session information */ wolfSSL_shutdown(ssl_res); wolfSSL_free(ssl_res); diff --git a/dtls/server-dtls-demux.c b/dtls/server-dtls-demux.c index 4344d8f3c..8817c2339 100644 --- a/dtls/server-dtls-demux.c +++ b/dtls/server-dtls-demux.c @@ -463,8 +463,8 @@ WOLFSSL* newSSL(WOLFSSL_CTX* ctx, int fd, WC_RNG* rng, struct ConnList* connList /* Check that the CID is not in use */ for (conn = connList; conn != NULL; conn = conn->next) { byte* cid = NULL; - if (wolfSSL_dtls_cid_get0_rx(ssl, &cid) == WOLFSSL_SUCCESS && - memcmp(newCid, cid, CID_SIZE) == 0) { + if (wolfSSL_dtls_cid_get0_rx(conn->ssl, &cid) == WOLFSSL_SUCCESS && + cid != NULL && memcmp(newCid, cid, CID_SIZE) == 0) { found = 1; break; } @@ -704,7 +704,7 @@ static void addTimeSpec(struct timespec* ts, WOLFSSL* ssl) if (ts->tv_nsec + rem > 999999999) { /* does not fit in tv_nsec member */ ts->tv_sec++; - ts->tv_nsec = ts->tv_nsec + rem - 999999999; + ts->tv_nsec = ts->tv_nsec + rem - 1000000000; } else { ts->tv_nsec += rem; diff --git a/dtls/server-dtls-export.c b/dtls/server-dtls-export.c index 857e00d98..2f4bd9f7a 100644 --- a/dtls/server-dtls-export.c +++ b/dtls/server-dtls-export.c @@ -210,7 +210,7 @@ int main(int argc, char** argv) /* First call to get required buffer size */ ret = wolfSSL_dtls_export(ssl, NULL, &sessionSz); - if (ret != 0 && sessionSz == 0) { + if (ret < 0 || sessionSz == 0) { fprintf(stderr, "Error: wolfSSL_dtls_export (get size) failed: %d\n", ret); ret = 1; diff --git a/hash/hash-file.c b/hash/hash-file.c index 99367dc5d..750e79364 100644 --- a/hash/hash-file.c +++ b/hash/hash-file.c @@ -99,7 +99,7 @@ enum wc_HashType hash_type_from_string(char* name) #endif #ifdef WOLFSSL_SM3 else if (strcmp(name, "SM3") == 0) { - return WC_HASH_TYPE_SHAKE256; + return WC_HASH_TYPE_SM3; } #endif else { diff --git a/lwip/example-lwip-native-echoclient.c b/lwip/example-lwip-native-echoclient.c index 3d3f18d30..dfe9bdae1 100644 --- a/lwip/example-lwip-native-echoclient.c +++ b/lwip/example-lwip-native-echoclient.c @@ -117,7 +117,7 @@ void tls_echoclient_connect(void) ret = wolfSSL_write(ssl, TEST_MSG, sizeof(TEST_MSG)); if (ret <= 0) { loggingCb(0, "error when writing TLS message"); - shutdown(); + TLS_shutdown(); } else { tlsWaitingForReply = 1; @@ -133,12 +133,12 @@ void tls_echoclient_connect(void) if (err != SSL_ERROR_WANT_READ && err != WOLFSSL_ERROR_WANT_WRITE) { loggingCb(0, "error when reading TLS message"); - shutdown(); + TLS_shutdown(); } } if (ret > 0) { loggingCb(0, reply); - shutdown(); /* received reply, done with connection */ + TLS_shutdown(); /* received reply, done with connection */ } } } @@ -169,7 +169,7 @@ static int TLS_setup(void) ctx = wolfSSL_CTX_new(wolfTLSv1_2_client_method()); if (ctx == NULL) { loggingCb(0, "ctx was null"); - shutdown(); + TLS_shutdown(); return ERR_MEM; } @@ -203,7 +203,7 @@ static int TLS_connect(void) if (err != SSL_ERROR_WANT_READ && err != WOLFSSL_ERROR_WANT_WRITE) { loggingCb(0, "connect error, shutting down"); loggingCb(0, wolfSSL_ERR_reason_error_string(err)); - shutdown(); + TLS_shutdown(); return ERR_CONN; } loggingCb(0, "found want read/write"); diff --git a/pk/dh-pg/dh-pg-ka.c b/pk/dh-pg/dh-pg-ka.c index 35567656e..95a1bf1b3 100644 --- a/pk/dh-pg/dh-pg-ka.c +++ b/pk/dh-pg/dh-pg-ka.c @@ -433,7 +433,7 @@ int main(int argc, char *argv[]) /* Free allocated items */ wc_FreeDhKey(&key1); - wc_FreeDhKey(&key1); + wc_FreeDhKey(&key2); wc_FreeRng(&rng); return 0; diff --git a/pkcs7/envelopedData-ktri-stream.c b/pkcs7/envelopedData-ktri-stream.c index d8a3034c0..f7a0232f0 100644 --- a/pkcs7/envelopedData-ktri-stream.c +++ b/pkcs7/envelopedData-ktri-stream.c @@ -101,11 +101,11 @@ static int load_certs(byte* cert, word32* certSz, byte* key, word32* keySz) } -static size_t envelopedData_encrypt(byte* cert, word32 certSz, byte* key, +static int envelopedData_encrypt(byte* cert, word32 certSz, byte* key, word32 keySz, byte* out, word32 outSz, word32 contentSz, byte useStreamMode) { - size_t ret; + int ret; PKCS7* pkcs7; pkcs7 = wc_PKCS7_New(NULL, INVALID_DEVID); @@ -125,7 +125,7 @@ static size_t envelopedData_encrypt(byte* cert, word32 certSz, byte* key, /* add recipient using RSA certificate (KTRI type) */ ret = wc_PKCS7_AddRecipient_KTRI(pkcs7, cert, certSz, 0); if (ret < 0) { - printf("wc_PKCS7_AddRecipient_KTRI() failed, ret = %zu\n", ret); + printf("wc_PKCS7_AddRecipient_KTRI() failed, ret = %d\n", ret); wc_PKCS7_Free(pkcs7); return -1; } @@ -133,7 +133,7 @@ static size_t envelopedData_encrypt(byte* cert, word32 certSz, byte* key, /* encode envelopedData, returns size */ ret = wc_PKCS7_EncodeEnvelopedData(pkcs7, out, outSz); if (ret <= 0) { - printf("ERROR: wc_PKCS7_EncodeEnvelopedData() failed, ret = %zu\n", ret); + printf("ERROR: wc_PKCS7_EncodeEnvelopedData() failed, ret = %d\n", ret); wc_PKCS7_Free(pkcs7); return -1; @@ -147,11 +147,11 @@ static size_t envelopedData_encrypt(byte* cert, word32 certSz, byte* key, return ret; } -static size_t envelopedData_decrypt(byte* in, word32 inSz, byte* cert, +static int envelopedData_decrypt(byte* in, word32 inSz, byte* cert, word32 certSz, byte* key, word32 keySz, byte* out, word32 outSz) { - size_t ret; + int ret; PKCS7* pkcs7; pkcs7 = wc_PKCS7_New(NULL, INVALID_DEVID); @@ -175,7 +175,7 @@ static size_t envelopedData_decrypt(byte* in, word32 inSz, byte* cert, /* decode envelopedData, returns size */ ret = wc_PKCS7_DecodeEnvelopedData(pkcs7, in, inSz, out, outSz); if (ret <= 0) { - printf("Failed to decode EnvelopedData bundle (%s), error %zu\n", + printf("Failed to decode EnvelopedData bundle (%s), error %d\n", encodedFileKTRI, ret); wc_PKCS7_Free(pkcs7); return -1; @@ -197,7 +197,7 @@ static size_t envelopedData_decrypt(byte* in, word32 inSz, byte* cert, int main(int argc, char** argv) { int ret = 0; - size_t encryptedSz = 0, decryptedSz; + int encryptedSz = 0, decryptedSz; word32 certSz, keySz, contentSz = 0; byte cert[DEFAULT_EXAMPLE_BUFFER_SIZE]; @@ -279,7 +279,7 @@ int main(int argc, char** argv) printf("error reading file %s\n", encodedFileKTRI); ret = -1; } - printf("Read %ld bytes for encrypted file found\n", encryptedSz); + printf("Read %d bytes for encrypted file found\n", encryptedSz); } if (ret == 0) { diff --git a/pkcs7/smime-verify.c b/pkcs7/smime-verify.c index e449d54c7..f014bc3d4 100644 --- a/pkcs7/smime-verify.c +++ b/pkcs7/smime-verify.c @@ -176,6 +176,7 @@ static int ReadSmimeAndCert(char* smimeFile, char* certFile, char* contentFile, { int ret; XFILE f; + int contentMaxSz = *contentSz; *contentSz = 0; f = XFOPEN(smimeFile, "rb"); @@ -227,10 +228,10 @@ static int ReadSmimeAndCert(char* smimeFile, char* certFile, char* contentFile, return -1; } else { - ret = XFREAD(content, 1, *contentSz, f); + ret = XFREAD(content, 1, contentMaxSz, f); if (ret >= 0) { - if (ret == *contentSz) { - printf("Cert read in was larger than buffer\n"); + if (ret == contentMaxSz) { + printf("Content read in was larger than buffer\n"); XFCLOSE(f); return -1; } diff --git a/pq/stateful_hash_sig/xmss_example.c b/pq/stateful_hash_sig/xmss_example.c index 11acd364f..70e9243ff 100644 --- a/pq/stateful_hash_sig/xmss_example.c +++ b/pq/stateful_hash_sig/xmss_example.c @@ -261,7 +261,7 @@ do_xmss_example(const char * params, } ret = wc_XmssKey_GetPrivLen(&signingKey, &privSz); - if (ret || pubSz == 0) { + if (ret || privSz == 0) { fprintf(stderr, "error: wc_XmssKey_GetPrivLen returned: %d, %d\n", ret, privSz); goto exit_xmss_example; diff --git a/psk/server-psk-nonblocking.c b/psk/server-psk-nonblocking.c index a38e4524d..cfbdabca1 100644 --- a/psk/server-psk-nonblocking.c +++ b/psk/server-psk-nonblocking.c @@ -109,7 +109,7 @@ int main() "DHE-PSK-AES128-GCM-SHA256:" "DHE-PSK-AES256-CBC-SHA384:" "DHE-PSK-AES128-CBC-SHA256:" - "DHE-PSK-CHACHA20-POLY1305" + "DHE-PSK-CHACHA20-POLY1305:" #endif "ECDHE-PSK-AES128-CBC-SHA256:" "ECDHE-PSK-CHACHA20-POLY1305:"; @@ -350,13 +350,13 @@ int main() } /* closes the connections after responding */ + wolfSSL_shutdown(ssl); + wolfSSL_free(ssl); + ssl = NULL; if (close(connfd) == -1) { printf("Fatal error : close error\n"); return 1; } - wolfSSL_shutdown(ssl); - wolfSSL_free(ssl); - ssl = NULL; } } diff --git a/psk/server-psk-threaded.c b/psk/server-psk-threaded.c index c0df787c8..17df81ef2 100644 --- a/psk/server-psk-threaded.c +++ b/psk/server-psk-threaded.c @@ -155,7 +155,7 @@ int main() "DHE-PSK-AES128-GCM-SHA256:" "DHE-PSK-AES256-CBC-SHA384:" "DHE-PSK-AES128-CBC-SHA256:" - "DHE-PSK-CHACHA20-POLY1305" + "DHE-PSK-CHACHA20-POLY1305:" #endif "ECDHE-PSK-AES128-CBC-SHA256:" "ECDHE-PSK-CHACHA20-POLY1305:"; diff --git a/psk/server-psk.c b/psk/server-psk.c index 1fd11f79f..c42045425 100644 --- a/psk/server-psk.c +++ b/psk/server-psk.c @@ -91,7 +91,7 @@ int main() "DHE-PSK-AES128-GCM-SHA256:" "DHE-PSK-AES256-CBC-SHA384:" "DHE-PSK-AES128-CBC-SHA256:" - "DHE-PSK-CHACHA20-POLY1305" + "DHE-PSK-CHACHA20-POLY1305:" #endif "ECDHE-PSK-AES128-CBC-SHA256:" "ECDHE-PSK-CHACHA20-POLY1305:"; diff --git a/tls/client-ech.c b/tls/client-ech.c index 22e7c5bc0..26fb43f76 100644 --- a/tls/client-ech.c +++ b/tls/client-ech.c @@ -237,7 +237,6 @@ int main(void) /* Write the message that will ask the server for information on the * connection */ - wolfSSL_write(ssl, message, strlen(message)); if ((ret = wolfSSL_write(ssl, message, strlen(message))) != strlen(message)) { fprintf(stderr, "ERROR: failed to write entire message\n"); diff --git a/tls/client-tls-nonblocking.c b/tls/client-tls-nonblocking.c index 1e7c9e080..0baec0dfb 100644 --- a/tls/client-tls-nonblocking.c +++ b/tls/client-tls-nonblocking.c @@ -254,8 +254,8 @@ int main(int argc, char** argv) err = wolfSSL_get_error(ssl, 0); if (err == WOLFSSL_ERROR_WANT_READ) tcp_select(sockfd, SELECT_WAIT_SEC, 1); - } while (ret == WOLFSSL_ERROR_WANT_READ || - ret == WOLFSSL_ERROR_WANT_WRITE); + } while (err == WOLFSSL_ERROR_WANT_READ || + err == WOLFSSL_ERROR_WANT_WRITE); printf("Shutdown complete\n"); ret = 0; diff --git a/uefi-library/src/utility_wolf.c b/uefi-library/src/utility_wolf.c index 32e13367b..5794be598 100644 --- a/uefi-library/src/utility_wolf.c +++ b/uefi-library/src/utility_wolf.c @@ -730,7 +730,7 @@ long ftell(FILE* stream) fPtr = (EFI_FILE_HANDLE*)stream; fSize = fileSize(*(fPtr)); - if (fileSize == 0) { + if (fSize == 0) { uefi_printf_wolfssl("File is of size 0\n"); return 0; } @@ -756,7 +756,7 @@ size_t fread(void* ptr, size_t size, size_t count, FILE* stream) fPtr = (EFI_FILE_HANDLE*)stream; fSize = fileSize(*(fPtr)); - if (fileSize == 0) { + if (fSize == 0) { uefi_printf_wolfssl("File is of size 0\n"); return 0; } @@ -1103,8 +1103,9 @@ struct dirent* readdir(DIR* stream) } fSize = fileSize(*(fPtr)); - if (fileSize == 0) { + if (fSize == 0) { uefi_printf_wolfssl("File is of size 0\n"); + XFREE(dirPtr, NULL, DYNAMIC_TYPE_TMP_BUFFER); return 0; }