Skip to content

20260112 Coverity: update macros and add length checks #9646

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
rlm2002 wants to merge 3 commits into
base: master
Choose a base branch
from
Open

20260112 Coverity: update macros and add length checks #9646

rlm2002 wants to merge 3 commits into from

Conversation

@rlm2002
Copy link
Contributor

@rlm2002 rlm2002 commented Jan 12, 2026
edited
Loading

Description

Update WC_CALLOC_VAR_EX, now calls XMEMSET properly. Uses sizeof(VAR_TYPE)
(CID 556176-556182: Uninitialized scalar variable)

Add length checks for TLS extensions supported_versions and KeyShare based on RFC 8446 and 9147
(CID 487950/487948: Untrusted loop bound)

Add cleanup for table and iTable variables in sakke_kat_derive_test() once set by XMALLOC().
CID 420937: Resource leak

Testing

./configure --enable-all && make check
./configure --enable-all --enable-sakke && make check

Checklist

  • added tests
  • updated/added doxygen
  • updated appropriate READMEs
  • Updated manual and documentation

@rlm2002 rlm2002 changed the title Coverity 20260112 Coverity: update macros and add length checks Jan 12, 2026
@rlm2002 rlm2002 self-assigned this Jan 13, 2026
@rlm2002
Copy link
Contributor Author

rlm2002 commented Jan 13, 2026

retest this please jenkins: PRB-generic-config-parser: was not stable -> Found unhandled org.jenkinsci.plugins.workflow.support.steps.AgentOfflineException exception:

@rlm2002 rlm2002 marked this pull request as ready for review January 13, 2026 16:30
@rlm2002 rlm2002 assigned wolfSSL-Bot and unassigned rlm2002 Jan 13, 2026
@rlm2002
XMEMSET with WC_CALLOC_VAR_EX
e32ac6f 
switch WC_ALLOC_VAR_EX with XMEMSET to WC_CALLOC_VAR_EX

fix XMEMSET call for WC_CALLOC_VAR_EX
@rlm2002
verify length limit for supported version ext
301abb7 
add length check to tls extensions
@rlm2002
Copy link
Contributor Author

rlm2002 commented Jan 14, 2026

retest this please Jenkins. PRB-generic-config-parser was unstable: Found unhandled org.jenkinsci.plugins.workflow.support.steps.AgentOfflineException exception

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

@wolfSSL-Bot wolfSSL-Bot

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@rlm2002 @wolfSSL-Bot