From 02659d55414a098058b2f3eb3cc850a431cf0228 Mon Sep 17 00:00:00 2001 From: "Earle F. Philhower, III" Date: Thu, 30 Apr 2020 16:06:05 -0700 Subject: [PATCH] Fix minor GCC10 static analyzer warnings Add minor NULL and double-free checks to source, identified using GCC10 pre-release static `-fanalyzer` on the coude. These are harmless to other versions. Also add explicit include of stdint to Schedule.h, because libstdc++20 will not automatically include it. Safe and no-op on earlier versions. --- cores/esp8266/Schedule.h | 1 + libraries/ESP8266WiFi/src/BearSSLHelpers.cpp | 2 ++ .../ESP8266WiFi/src/WiFiClientSecureAxTLS.cpp | 28 +++++++++++-------- 3 files changed, 19 insertions(+), 12 deletions(-) diff --git a/cores/esp8266/Schedule.h b/cores/esp8266/Schedule.h index d33a7c08b9..48111c33ed 100644 --- a/cores/esp8266/Schedule.h +++ b/cores/esp8266/Schedule.h @@ -2,6 +2,7 @@ #define ESP_SCHEDULE_H #include +#include #define SCHEDULED_FN_MAX_COUNT 32 diff --git a/libraries/ESP8266WiFi/src/BearSSLHelpers.cpp b/libraries/ESP8266WiFi/src/BearSSLHelpers.cpp index f962547797..b3d1b60c20 100644 --- a/libraries/ESP8266WiFi/src/BearSSLHelpers.cpp +++ b/libraries/ESP8266WiFi/src/BearSSLHelpers.cpp @@ -234,6 +234,8 @@ namespace brssl { if (po) { free(po->name); free(po->data); + po->name = nullptr; + po->data = nullptr; } } diff --git a/libraries/ESP8266WiFi/src/WiFiClientSecureAxTLS.cpp b/libraries/ESP8266WiFi/src/WiFiClientSecureAxTLS.cpp index 62b7f0ab8c..62969b8bd7 100644 --- a/libraries/ESP8266WiFi/src/WiFiClientSecureAxTLS.cpp +++ b/libraries/ESP8266WiFi/src/WiFiClientSecureAxTLS.cpp @@ -125,6 +125,9 @@ int WiFiClientSecure::_connectSSL(const char* hostName) { if (!_ssl) { _ssl = std::make_shared(); + if (!_ssl) { + return 0; + } } _ssl->connect(_client, hostName, _timeout); @@ -170,8 +173,7 @@ size_t WiFiClientSecure::write(Stream& stream) size_t totalSent = 0; size_t countRead; size_t countSent; - if (!_ssl) - { + if (!_ssl) { return 0; } do { @@ -399,61 +401,63 @@ void WiFiClientSecure::_initSSLContext() bool WiFiClientSecure::setCACert(const uint8_t* pk, size_t size) { _initSSLContext(); - return _ssl->loadObject(SSL_OBJ_X509_CACERT, pk, size); + return _ssl ? _ssl->loadObject(SSL_OBJ_X509_CACERT, pk, size) : false; } bool WiFiClientSecure::setCertificate(const uint8_t* pk, size_t size) { _initSSLContext(); - return _ssl->loadObject(SSL_OBJ_X509_CERT, pk, size); + return _ssl ? _ssl->loadObject(SSL_OBJ_X509_CERT, pk, size) : false; } bool WiFiClientSecure::setPrivateKey(const uint8_t* pk, size_t size) { _initSSLContext(); - return _ssl->loadObject(SSL_OBJ_RSA_KEY, pk, size); + return _ssl ? _ssl->loadObject(SSL_OBJ_RSA_KEY, pk, size) : false; } bool WiFiClientSecure::setCACert_P(PGM_VOID_P pk, size_t size) { _initSSLContext(); - return _ssl->loadObject_P(SSL_OBJ_X509_CACERT, pk, size); + return _ssl ? _ssl->loadObject_P(SSL_OBJ_X509_CACERT, pk, size) : false; } bool WiFiClientSecure::setCertificate_P(PGM_VOID_P pk, size_t size) { _initSSLContext(); - return _ssl->loadObject_P(SSL_OBJ_X509_CERT, pk, size); + return _ssl ? _ssl->loadObject_P(SSL_OBJ_X509_CERT, pk, size) : false; } bool WiFiClientSecure::setPrivateKey_P(PGM_VOID_P pk, size_t size) { _initSSLContext(); - return _ssl->loadObject_P(SSL_OBJ_RSA_KEY, pk, size); + return _ssl ? _ssl->loadObject_P(SSL_OBJ_RSA_KEY, pk, size) : false; } bool WiFiClientSecure::loadCACert(Stream& stream, size_t size) { _initSSLContext(); - return _ssl->loadObject(SSL_OBJ_X509_CACERT, stream, size); + return _ssl ? _ssl->loadObject(SSL_OBJ_X509_CACERT, stream, size) : false; } bool WiFiClientSecure::loadCertificate(Stream& stream, size_t size) { _initSSLContext(); - return _ssl->loadObject(SSL_OBJ_X509_CERT, stream, size); + return _ssl ? _ssl->loadObject(SSL_OBJ_X509_CERT, stream, size) : false; } bool WiFiClientSecure::loadPrivateKey(Stream& stream, size_t size) { _initSSLContext(); - return _ssl->loadObject(SSL_OBJ_RSA_KEY, stream, size); + return _ssl ? _ssl->loadObject(SSL_OBJ_RSA_KEY, stream, size) : false; } void WiFiClientSecure::allowSelfSignedCerts() { _initSSLContext(); - _ssl->allowSelfSignedCerts(); + if (_ssl) { + _ssl->allowSelfSignedCerts(); + } } extern "C" int __ax_port_read(int fd, uint8_t* buffer, size_t count)