From 6a3f30514a21d06aa27acd9cc63ab0c0f53f17b7 Mon Sep 17 00:00:00 2001 From: Andres Amaya Garcia Date: Thu, 20 Jul 2017 14:18:54 +0100 Subject: [PATCH] Ensure MD self_test ret codes are not hidden Also fix a potential memory leak and an incorrect goto statement in sha1.c self_test --- library/ripemd160.c | 7 +++++-- library/sha1.c | 20 ++++++++++++-------- library/sha256.c | 21 +++++++++++++-------- library/sha512.c | 19 ++++++++++++------- 4 files changed, 42 insertions(+), 25 deletions(-) diff --git a/library/ripemd160.c b/library/ripemd160.c index 8bf988eae..4e92bb735 100644 --- a/library/ripemd160.c +++ b/library/ripemd160.c @@ -464,7 +464,7 @@ static const unsigned char ripemd160_test_md[TESTS][20] = */ int mbedtls_ripemd160_self_test( int verbose ) { - int i, ret; + int i, ret = 0; unsigned char output[20]; memset( output, 0, sizeof output ); @@ -481,7 +481,10 @@ int mbedtls_ripemd160_self_test( int verbose ) goto fail; if( memcmp( output, ripemd160_test_md[i], 20 ) != 0 ) + { + ret = 1; goto fail; + } if( verbose != 0 ) mbedtls_printf( "passed\n" ); @@ -496,7 +499,7 @@ fail: if( verbose != 0 ) mbedtls_printf( "failed\n" ); - return( 1 ); + return( ret ); } #endif /* MBEDTLS_SELF_TEST */ diff --git a/library/sha1.c b/library/sha1.c index fdd087868..64b70f051 100644 --- a/library/sha1.c +++ b/library/sha1.c @@ -439,7 +439,7 @@ int mbedtls_sha1_self_test( int verbose ) if( verbose != 0 ) mbedtls_printf( " SHA-1 test #%d: ", i + 1 ); - if( mbedtls_sha1_starts_ext( &ctx ) != 0 ) + if( ( ret = mbedtls_sha1_starts_ext( &ctx ) ) != 0 ) goto fail; if( i == 2 ) @@ -448,21 +448,27 @@ int mbedtls_sha1_self_test( int verbose ) for( j = 0; j < 1000; j++ ) { - if( mbedtls_sha1_update_ext( &ctx, buf, buflen ) != 0 ) + ret = mbedtls_sha1_update_ext( &ctx, buf, buflen ); + if( ret != 0 ) goto fail; } } else { - if( mbedtls_sha1_update_ext( &ctx, sha1_test_buf[i], - sha1_test_buflen[i] ) != 0 ) + ret = mbedtls_sha1_update_ext( &ctx, sha1_test_buf[i], + sha1_test_buflen[i] ); + if( ret != 0 ) goto fail; } - mbedtls_sha1_finish_ext( &ctx, sha1sum ); + if( ( ret = mbedtls_sha1_finish_ext( &ctx, sha1sum ) ) != 0 ) + goto fail; if( memcmp( sha1sum, sha1_test_sum[i], 20 ) != 0 ) - goto exit; + { + ret = 1; + goto fail; + } if( verbose != 0 ) mbedtls_printf( "passed\n" ); @@ -477,8 +483,6 @@ fail: if( verbose != 0 ) mbedtls_printf( "failed\n" ); - ret = 1; - exit: mbedtls_sha1_free( &ctx ); diff --git a/library/sha256.c b/library/sha256.c index 88435a3c4..16a2f0b2f 100644 --- a/library/sha256.c +++ b/library/sha256.c @@ -448,7 +448,7 @@ int mbedtls_sha256_self_test( int verbose ) if( verbose != 0 ) mbedtls_printf( " SHA-%d test #%d: ", 256 - k * 32, j + 1 ); - if( mbedtls_sha256_starts_ext( &ctx, k ) != 0 ) + if( ( ret = mbedtls_sha256_starts_ext( &ctx, k ) ) != 0 ) goto fail; if( j == 2 ) @@ -456,23 +456,30 @@ int mbedtls_sha256_self_test( int verbose ) memset( buf, 'a', buflen = 1000 ); for( j = 0; j < 1000; j++ ) - if( mbedtls_sha256_update_ext( &ctx, buf, buflen ) != 0 ) + { + ret = mbedtls_sha256_update_ext( &ctx, buf, buflen ); + if( ret != 0 ) goto fail; + } } else { - if( mbedtls_sha256_update_ext( &ctx, sha256_test_buf[j], - sha256_test_buflen[j] ) != 0 ) - goto fail; + ret = mbedtls_sha256_update_ext( &ctx, sha256_test_buf[j], + sha256_test_buflen[j] ); + if( ret != 0 ) + goto fail; } - if( mbedtls_sha256_finish_ext( &ctx, sha256sum ) != 0 ) + if( ( ret = mbedtls_sha256_finish_ext( &ctx, sha256sum ) ) != 0 ) goto fail; if( memcmp( sha256sum, sha256_test_sum[i], 32 - k * 4 ) != 0 ) + { + ret = 1; goto fail; + } if( verbose != 0 ) mbedtls_printf( "passed\n" ); @@ -487,8 +494,6 @@ fail: if( verbose != 0 ) mbedtls_printf( "failed\n" ); - ret = 1; - exit: mbedtls_sha256_free( &ctx ); mbedtls_free( buf ); diff --git a/library/sha512.c b/library/sha512.c index ff7e5ca5b..76d21ddfa 100644 --- a/library/sha512.c +++ b/library/sha512.c @@ -504,7 +504,7 @@ int mbedtls_sha512_self_test( int verbose ) if( verbose != 0 ) mbedtls_printf( " SHA-%d test #%d: ", 512 - k * 128, j + 1 ); - if( mbedtls_sha512_starts_ext( &ctx, k ) != 0 ) + if( ( ret = mbedtls_sha512_starts_ext( &ctx, k ) ) != 0 ) goto fail; if( j == 2 ) @@ -512,21 +512,28 @@ int mbedtls_sha512_self_test( int verbose ) memset( buf, 'a', buflen = 1000 ); for( j = 0; j < 1000; j++ ) - if( mbedtls_sha512_update_ext( &ctx, buf, buflen ) != 0 ) + { + ret = mbedtls_sha512_update_ext( &ctx, buf, buflen ); + if( ret != 0 ) goto fail; + } } else { - if( mbedtls_sha512_update_ext( &ctx, sha512_test_buf[j], - sha512_test_buflen[j] ) != 0 ) + ret = mbedtls_sha512_update_ext( &ctx, sha512_test_buf[j], + sha512_test_buflen[j] ); + if( ret != 0 ) goto fail; } - if( mbedtls_sha512_finish_ext( &ctx, sha512sum ) != 0 ) + if( ( ret = mbedtls_sha512_finish_ext( &ctx, sha512sum ) ) != 0 ) goto fail; if( memcmp( sha512sum, sha512_test_sum[i], 64 - k * 16 ) != 0 ) + { + ret = 1; goto fail; + } if( verbose != 0 ) mbedtls_printf( "passed\n" ); @@ -541,8 +548,6 @@ fail: if( verbose != 0 ) mbedtls_printf( "failed\n" ); - ret = 1; - exit: mbedtls_sha512_free( &ctx ); mbedtls_free( buf );