diff --git a/src/internal.c b/src/internal.c index 3765426a327..1f51db6468f 100644 --- a/src/internal.c +++ b/src/internal.c @@ -27241,11 +27241,6 @@ int SendCertificateStatus(WOLFSSL* ssl) else { while (ret == 0 && i < MAX_CHAIN_DEPTH && NULL != (request = ssl->ctx->chainOcspRequest[i])) { - if ((i + 1) >= MAX_CERT_EXTENSIONS) { - ret = MAX_CERT_EXTENSIONS_ERR; - break; - } - request->ssl = ssl; ret = CheckOcspRequest(SSL_CM(ssl)->ocsp_stapling, request, &responses[++i], ssl->heap); diff --git a/tests/api.c b/tests/api.c index 238ea673976..a2190479d8b 100644 --- a/tests/api.c +++ b/tests/api.c @@ -15015,6 +15015,9 @@ static int ech_find_extension(byte* buf, word16* idx_p, word16 extType) if (seekRet < 0) { return seekRet; } + if (extLen > MAX_RECORD_SIZE) { + return BAD_FUNC_ARG; + } idx = extIdx = ((word16)seekRet + *idx_p); while (idx - extIdx < extLen) { diff --git a/tests/api/test_dh.c b/tests/api/test_dh.c index 30a4c8b575b..8a2bd1020d5 100644 --- a/tests/api/test_dh.c +++ b/tests/api/test_dh.c @@ -625,6 +625,9 @@ int test_wc_DhAgree_nonblock(void) int ret; int rounds; + XMEMSET(&aliceKey, 0, sizeof(aliceKey)); + XMEMSET(&bobKey, 0, sizeof(bobKey)); + ExpectIntEQ(wc_InitRng(&rng), 0); ExpectIntEQ(wc_InitDhKey(&aliceKey), 0); ExpectIntEQ(wc_InitDhKey(&bobKey), 0); @@ -691,6 +694,8 @@ int test_wc_DhImportExportKeyPair(void) byte privOut[TEST_DH_BUF_SIZE], pubOut[TEST_DH_BUF_SIZE]; word32 privOutSz, pubOutSz; + XMEMSET(&key, 0, sizeof(key)); + ExpectIntEQ(wc_InitRng(&rng), 0); ExpectIntEQ(wc_InitDhKey(&key), 0); ExpectIntEQ(wc_DhSetNamedKey(&key, WC_FFDHE_2048), 0); @@ -770,6 +775,8 @@ int test_wc_DhCheckPubKey(void) word32 privSz = sizeof(priv), pubSz = sizeof(pub); byte tiny[1] = { 0x01 }; + XMEMSET(&key, 0, sizeof(key)); + ExpectIntEQ(wc_InitRng(&rng), 0); ExpectNotNull(params = wc_Dh_ffdhe2048_Get()); @@ -838,6 +845,8 @@ int test_wc_DhCheckPrivKey(void) word32 privSz = sizeof(priv), pubSz = sizeof(pub); byte zero[1] = { 0x00 }; + XMEMSET(&key, 0, sizeof(key)); + ExpectIntEQ(wc_InitRng(&rng), 0); ExpectNotNull(params = wc_Dh_ffdhe2048_Get()); ExpectIntEQ(wc_InitDhKey(&key), 0); @@ -910,6 +919,8 @@ int test_wc_DhCheckKeyPair(void) byte priv[TEST_DH_BUF_SIZE] = {0}, pub[TEST_DH_BUF_SIZE] = {0}; word32 privSz = sizeof(priv), pubSz = sizeof(pub); + XMEMSET(&key, 0, sizeof(key)); + ExpectIntEQ(wc_InitRng(&rng), 0); ExpectIntEQ(wc_InitDhKey(&key), 0); ExpectIntEQ(wc_DhSetNamedKey(&key, WC_FFDHE_2048), 0); @@ -970,6 +981,8 @@ int test_wc_DhGenerateParams_and_ExportRaw(void) byte gOut[TEST_DH_BUF_SIZE]; word32 pSz, qSz, gSz; + XMEMSET(&dh, 0, sizeof(dh)); + ExpectIntEQ(wc_InitRng(&rng), 0); ExpectIntEQ(wc_InitDhKey(&dh), 0); diff --git a/tests/api/test_ed25519.c b/tests/api/test_ed25519.c index d9ff72b18e5..f7bc8b41bbd 100644 --- a/tests/api/test_ed25519.c +++ b/tests/api/test_ed25519.c @@ -1034,6 +1034,7 @@ int test_wc_ed25519_verify_streaming(void) XMEMSET(&key, 0, sizeof(key)); XMEMSET(&rng, 0, sizeof(WC_RNG)); + XMEMSET(sig, 0, sizeof(sig)); ExpectIntEQ(wc_ed25519_init(&key), 0); ExpectIntEQ(wc_InitRng(&rng), 0); diff --git a/tests/api/test_ossl_x509_vp.c b/tests/api/test_ossl_x509_vp.c index 9cc31179af9..c5e0cbbb36c 100644 --- a/tests/api/test_ossl_x509_vp.c +++ b/tests/api/test_ossl_x509_vp.c @@ -170,13 +170,13 @@ int test_wolfSSL_X509_VERIFY_PARAM(void) paramTo->flags = WOLFSSL_USE_CHECK_TIME; paramFrom->check_time = 22; ExpectIntEQ(X509_VERIFY_PARAM_inherit(paramTo, paramFrom), 1); - ExpectIntEQ(paramTo->check_time, 11); + ExpectIntEQ(paramTo->check_time == 11, 1); ExpectIntEQ(paramTo->flags & WOLFSSL_USE_CHECK_TIME, WOLFSSL_USE_CHECK_TIME); paramTo->inherit_flags = X509_VP_FLAG_OVERWRITE; ExpectIntEQ(X509_VERIFY_PARAM_inherit(paramTo, paramFrom), 1); - ExpectIntEQ(paramTo->check_time, 22); + ExpectIntEQ(paramTo->check_time == 22, 1); ExpectIntEQ(paramTo->flags & WOLFSSL_USE_CHECK_TIME, 0); /* test for incorrect parameters */ diff --git a/wolfcrypt/test/test.c b/wolfcrypt/test/test.c index 914cdb2f0c0..bd80e80da39 100644 --- a/wolfcrypt/test/test.c +++ b/wolfcrypt/test/test.c @@ -75717,7 +75717,7 @@ static int myCryptoDevCb(int devIdArg, wc_CryptoInfo* info, void* ctx) use SW */ myCryptoDevCtx* myCtx = (myCryptoDevCtx*)ctx; - if (info == NULL) + if (info == NULL || myCtx == NULL) return BAD_FUNC_ARG; #ifdef DEBUG_WOLFSSL @@ -76010,7 +76010,7 @@ static int myCryptoDevCb(int devIdArg, wc_CryptoInfo* info, void* ctx) } else { ret = 0; - if (myCtx != NULL && myCtx->eccCheckPubExpectZeroPoint) { + if (myCtx->eccCheckPubExpectZeroPoint) { const byte* pub = info->pk.ecc_check_pub.pubKey; word32 curveSz = (word32)k->dp->size; word32 ptSz = 1 + 2 * curveSz;