From 181564bb89a665e0eef5396f2eb0a1677ffd05b4 Mon Sep 17 00:00:00 2001 From: Paul Elliott Date: Thu, 24 Oct 2024 14:27:26 +0100 Subject: [PATCH 1/4] Fix tests where tests were done prior to init Variables that are in any way destructed on exit should be initialised prior to any tests that might jump to exit, to save potential uninitialised memory accesses. Signed-off-by: Paul Elliott --- tests/suites/test_suite_x509write.function | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/suites/test_suite_x509write.function b/tests/suites/test_suite_x509write.function index 3bff94365dec..81f2ee7d9cbc 100644 --- a/tests/suites/test_suite_x509write.function +++ b/tests/suites/test_suite_x509write.function @@ -219,13 +219,13 @@ void x509_csr_check_opaque(char *key_file, int md_type, int key_usage, memset(&rnd_info, 0x2a, sizeof(mbedtls_test_rnd_pseudo_info)); mbedtls_x509write_csr_init(&req); + mbedtls_pk_init(&key); USE_PSA_INIT(); md_alg_psa = mbedtls_psa_translate_md((mbedtls_md_type_t) md_type); TEST_ASSERT(md_alg_psa != MBEDTLS_MD_NONE); - mbedtls_pk_init(&key); TEST_ASSERT(mbedtls_pk_parse_keyfile(&key, key_file, NULL) == 0); TEST_ASSERT(mbedtls_pk_wrap_as_opaque(&key, &key_id, md_alg_psa) == 0); From 1348b6a86125ba59fdbdce611d6a98621402084f Mon Sep 17 00:00:00 2001 From: Paul Elliott Date: Thu, 24 Oct 2024 14:38:00 +0100 Subject: [PATCH 2/4] Add missing check of return Signed-off-by: Paul Elliott --- tests/suites/test_suite_psa_crypto_memory.function | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/suites/test_suite_psa_crypto_memory.function b/tests/suites/test_suite_psa_crypto_memory.function index 55c00921b2f1..cc8784829280 100644 --- a/tests/suites/test_suite_psa_crypto_memory.function +++ b/tests/suites/test_suite_psa_crypto_memory.function @@ -243,7 +243,7 @@ void local_output_round_trip() TEST_CALLOC(buffer_copy_for_comparison, local_output.length); memcpy(buffer_copy_for_comparison, local_output.buffer, local_output.length); - psa_crypto_local_output_free(&local_output); + TEST_EQUAL(psa_crypto_local_output_free(&local_output), PSA_SUCCESS); TEST_ASSERT(local_output.buffer == NULL); TEST_EQUAL(local_output.length, 0); From 9488b8c513f4779c5053801de6a5137e3b1ffadf Mon Sep 17 00:00:00 2001 From: Paul Elliott Date: Thu, 24 Oct 2024 14:41:01 +0100 Subject: [PATCH 3/4] Fix double free in case of test failure Signed-off-by: Paul Elliott --- tests/suites/test_suite_psa_crypto_memory.function | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/tests/suites/test_suite_psa_crypto_memory.function b/tests/suites/test_suite_psa_crypto_memory.function index cc8784829280..50539e87f068 100644 --- a/tests/suites/test_suite_psa_crypto_memory.function +++ b/tests/suites/test_suite_psa_crypto_memory.function @@ -107,7 +107,10 @@ void local_input_alloc(int input_len, psa_status_t exp_status) exit: mbedtls_free(local_input.buffer); - mbedtls_free(input); + + if (local_input.buffer != input) { + mbedtls_free(input); + } } /* END_CASE */ From 417b8d92a13d8d991f8eead58fb3cb8c11681379 Mon Sep 17 00:00:00 2001 From: Paul Elliott Date: Fri, 25 Oct 2024 12:41:28 +0100 Subject: [PATCH 4/4] Pair inits with declarations Signed-off-by: Paul Elliott --- tests/suites/test_suite_x509write.function | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/tests/suites/test_suite_x509write.function b/tests/suites/test_suite_x509write.function index 81f2ee7d9cbc..61b317c625e6 100644 --- a/tests/suites/test_suite_x509write.function +++ b/tests/suites/test_suite_x509write.function @@ -207,19 +207,21 @@ void x509_csr_check_opaque(char *key_file, int md_type, int key_usage, int cert_type) { mbedtls_pk_context key; + mbedtls_pk_init(&key); + mbedtls_svc_key_id_t key_id = MBEDTLS_SVC_KEY_ID_INIT; psa_algorithm_t md_alg_psa; + mbedtls_x509write_csr req; + mbedtls_x509write_csr_init(&req); + unsigned char buf[4096]; int ret; size_t pem_len = 0; const char *subject_name = "C=NL,O=PolarSSL,CN=PolarSSL Server 1"; mbedtls_test_rnd_pseudo_info rnd_info; - memset(&rnd_info, 0x2a, sizeof(mbedtls_test_rnd_pseudo_info)); - mbedtls_x509write_csr_init(&req); - mbedtls_pk_init(&key); USE_PSA_INIT();