Merge pull request #10251 from gilles-peskine-arm/tls-exporter-coverity-202505-dev
Fix SSL exporter tests
diff --git a/tests/suites/test_suite_ssl.function b/tests/suites/test_suite_ssl.function
index 4567dbd..58212ba 100644
--- a/tests/suites/test_suite_ssl.function
+++ b/tests/suites/test_suite_ssl.function
@@ -2879,6 +2879,7 @@
{
enum { BUFFSIZE = 1024 };
mbedtls_test_ssl_endpoint ep;
+ memset(&ep, 0, sizeof(ep));
int ret = -1;
mbedtls_test_handshake_test_options options;
mbedtls_test_init_handshake_options(&options);
@@ -2910,6 +2911,8 @@
{
enum { BUFFSIZE = 1024 };
mbedtls_test_ssl_endpoint base_ep, second_ep;
+ memset(&base_ep, 0, sizeof(base_ep));
+ memset(&second_ep, 0, sizeof(second_ep));
int ret = -1;
(void) tls_version;
@@ -2935,8 +2938,6 @@
#endif
MD_OR_USE_PSA_INIT();
- mbedtls_platform_zeroize(&base_ep, sizeof(base_ep));
- mbedtls_platform_zeroize(&second_ep, sizeof(second_ep));
ret = mbedtls_test_ssl_endpoint_init(&base_ep, endpoint_type, &options,
NULL, NULL, NULL);
@@ -3587,6 +3588,8 @@
enum { BUFFSIZE = 1024 };
mbedtls_test_handshake_test_options options;
mbedtls_test_ssl_endpoint client, server;
+ memset(&client, 0, sizeof(client));
+ memset(&server, 0, sizeof(server));
mbedtls_test_ssl_log_pattern srv_pattern, cli_pattern;
mbedtls_test_message_socket_context server_context, client_context;
@@ -3597,9 +3600,6 @@
options.srv_log_obj = &srv_pattern;
options.srv_log_fun = mbedtls_test_ssl_log_analyzer;
- mbedtls_platform_zeroize(&client, sizeof(client));
- mbedtls_platform_zeroize(&server, sizeof(server));
-
mbedtls_test_message_socket_init(&server_context);
mbedtls_test_message_socket_init(&client_context);
MD_OR_USE_PSA_INIT();
@@ -3782,6 +3782,8 @@
{
enum { BUFFSIZE = 17000 };
mbedtls_test_ssl_endpoint client, server;
+ memset(&client, 0, sizeof(client));
+ memset(&server, 0, sizeof(server));
mbedtls_psa_stats_t stats;
size_t free_slots_before = -1;
mbedtls_test_handshake_test_options client_options, server_options;
@@ -3791,8 +3793,6 @@
uint16_t iana_tls_group_list[] = { MBEDTLS_SSL_IANA_TLS_GROUP_SECP256R1,
MBEDTLS_SSL_IANA_TLS_GROUP_NONE };
MD_OR_USE_PSA_INIT();
- mbedtls_platform_zeroize(&client, sizeof(client));
- mbedtls_platform_zeroize(&server, sizeof(server));
/* Client side, force SECP256R1 to make one key bitflip fail
* the raw key agreement. Flipping the first byte makes the
@@ -3856,6 +3856,8 @@
{
int ret = -1;
mbedtls_test_ssl_endpoint client_ep, server_ep;
+ memset(&client_ep, 0, sizeof(client_ep));
+ memset(&server_ep, 0, sizeof(server_ep));
unsigned char *buf, *end;
size_t buf_len;
int step = 0;
@@ -3867,8 +3869,6 @@
/*
* Test set-up
*/
- mbedtls_platform_zeroize(&client_ep, sizeof(client_ep));
- mbedtls_platform_zeroize(&server_ep, sizeof(server_ep));
mbedtls_test_init_handshake_options(&client_options);
MD_OR_USE_PSA_INIT();
@@ -4105,12 +4105,12 @@
{
int ret = -1;
mbedtls_test_ssl_endpoint client_ep, server_ep;
+ memset(&client_ep, 0, sizeof(client_ep));
+ memset(&server_ep, 0, sizeof(server_ep));
mbedtls_test_handshake_test_options client_options;
mbedtls_test_handshake_test_options server_options;
mbedtls_ssl_session saved_session;
- mbedtls_platform_zeroize(&client_ep, sizeof(client_ep));
- mbedtls_platform_zeroize(&server_ep, sizeof(server_ep));
mbedtls_test_init_handshake_options(&client_options);
mbedtls_test_init_handshake_options(&server_options);
mbedtls_ssl_session_init(&saved_session);
@@ -4190,6 +4190,8 @@
const char *early_data = "This is early data.";
size_t early_data_len = strlen(early_data);
mbedtls_test_ssl_endpoint client_ep, server_ep;
+ memset(&client_ep, 0, sizeof(client_ep));
+ memset(&server_ep, 0, sizeof(server_ep));
mbedtls_test_handshake_test_options client_options;
mbedtls_test_handshake_test_options server_options;
mbedtls_ssl_session saved_session;
@@ -4200,8 +4202,6 @@
MBEDTLS_SSL_IANA_TLS_GROUP_NONE
};
- mbedtls_platform_zeroize(&client_ep, sizeof(client_ep));
- mbedtls_platform_zeroize(&server_ep, sizeof(server_ep));
mbedtls_test_init_handshake_options(&client_options);
mbedtls_test_init_handshake_options(&server_options);
mbedtls_ssl_session_init(&saved_session);
@@ -4389,6 +4389,8 @@
{
int ret = -1;
mbedtls_test_ssl_endpoint client_ep, server_ep;
+ memset(&client_ep, 0, sizeof(client_ep));
+ memset(&server_ep, 0, sizeof(server_ep));
mbedtls_test_handshake_test_options client_options;
mbedtls_test_handshake_test_options server_options;
mbedtls_ssl_session saved_session;
@@ -4399,8 +4401,6 @@
};
uint8_t client_random[MBEDTLS_CLIENT_HELLO_RANDOM_LEN];
- mbedtls_platform_zeroize(&client_ep, sizeof(client_ep));
- mbedtls_platform_zeroize(&server_ep, sizeof(server_ep));
mbedtls_test_init_handshake_options(&client_options);
mbedtls_test_init_handshake_options(&server_options);
mbedtls_ssl_session_init(&saved_session);
@@ -4762,6 +4762,8 @@
{
int ret = -1;
mbedtls_test_ssl_endpoint client_ep, server_ep;
+ memset(&client_ep, 0, sizeof(client_ep));
+ memset(&server_ep, 0, sizeof(server_ep));
mbedtls_test_handshake_test_options client_options;
mbedtls_test_handshake_test_options server_options;
mbedtls_ssl_session saved_session;
@@ -4772,8 +4774,6 @@
};
int beyond_first_hello = 0;
- mbedtls_platform_zeroize(&client_ep, sizeof(client_ep));
- mbedtls_platform_zeroize(&server_ep, sizeof(server_ep));
mbedtls_test_init_handshake_options(&client_options);
mbedtls_test_init_handshake_options(&server_options);
mbedtls_ssl_session_init(&saved_session);
@@ -5111,6 +5111,8 @@
{
int ret = -1;
mbedtls_test_ssl_endpoint client_ep, server_ep;
+ memset(&client_ep, 0, sizeof(client_ep));
+ memset(&server_ep, 0, sizeof(server_ep));
mbedtls_test_handshake_test_options client_options;
mbedtls_test_handshake_test_options server_options;
mbedtls_ssl_session saved_session;
@@ -5120,8 +5122,6 @@
uint32_t written_early_data_size = 0;
uint32_t read_early_data_size = 0;
- mbedtls_platform_zeroize(&client_ep, sizeof(client_ep));
- mbedtls_platform_zeroize(&server_ep, sizeof(server_ep));
mbedtls_test_init_handshake_options(&client_options);
mbedtls_test_init_handshake_options(&server_options);
mbedtls_ssl_session_init(&saved_session);
@@ -5264,6 +5264,8 @@
{
int ret = -1;
mbedtls_test_ssl_endpoint client_ep, server_ep;
+ memset(&client_ep, 0, sizeof(client_ep));
+ memset(&server_ep, 0, sizeof(server_ep));
mbedtls_test_handshake_test_options client_options;
mbedtls_test_handshake_test_options server_options;
mbedtls_ssl_session saved_session;
@@ -5282,8 +5284,6 @@
uint32_t written_early_data_size = 0;
uint32_t max_early_data_size;
- mbedtls_platform_zeroize(&client_ep, sizeof(client_ep));
- mbedtls_platform_zeroize(&server_ep, sizeof(server_ep));
mbedtls_test_init_handshake_options(&client_options);
mbedtls_test_init_handshake_options(&server_options);
mbedtls_ssl_session_init(&saved_session);
@@ -5709,6 +5709,8 @@
uint8_t *key_buffer_server = NULL;
uint8_t *key_buffer_client = NULL;
mbedtls_test_ssl_endpoint client_ep, server_ep;
+ memset(&client_ep, 0, sizeof(client_ep));
+ memset(&server_ep, 0, sizeof(server_ep));
mbedtls_test_handshake_test_options options;
MD_OR_USE_PSA_INIT();
@@ -5754,6 +5756,8 @@
int ret = -1;
mbedtls_test_ssl_endpoint client_ep, server_ep;
+ memset(&client_ep, 0, sizeof(client_ep));
+ memset(&server_ep, 0, sizeof(server_ep));
mbedtls_test_handshake_test_options options;
MD_OR_USE_PSA_INIT();
@@ -5793,6 +5797,8 @@
int ret = -1;
mbedtls_test_ssl_endpoint client_ep, server_ep;
+ memset(&client_ep, 0, sizeof(client_ep));
+ memset(&server_ep, 0, sizeof(server_ep));
mbedtls_test_handshake_test_options options;
MD_OR_USE_PSA_INIT();
@@ -5833,6 +5839,8 @@
int ret = -1;
mbedtls_test_ssl_endpoint client_ep, server_ep;
+ memset(&client_ep, 0, sizeof(client_ep));
+ memset(&server_ep, 0, sizeof(server_ep));
mbedtls_test_handshake_test_options options;
MD_OR_USE_PSA_INIT();
@@ -5876,6 +5884,8 @@
char *label = NULL;
uint8_t *context = NULL;
mbedtls_test_ssl_endpoint client_ep, server_ep;
+ memset(&client_ep, 0, sizeof(client_ep));
+ memset(&server_ep, 0, sizeof(server_ep));
mbedtls_test_handshake_test_options options;
TEST_ASSERT(exported_key_length > 0);
@@ -5914,6 +5924,8 @@
int ret = -1;
mbedtls_test_ssl_endpoint server_ep, client_ep;
+ memset(&client_ep, 0, sizeof(client_ep));
+ memset(&server_ep, 0, sizeof(server_ep));
mbedtls_test_handshake_test_options options;
mbedtls_test_init_handshake_options(&options);
@@ -5939,7 +5951,9 @@
} else {
ret = mbedtls_test_move_handshake_to_state(&client_ep.ssl, &server_ep.ssl, state);
}
- TEST_ASSERT(ret == 0 || ret == MBEDTLS_ERR_SSL_WANT_READ || MBEDTLS_ERR_SSL_WANT_WRITE);
+ if (ret != MBEDTLS_ERR_SSL_WANT_READ && ret != MBEDTLS_ERR_SSL_WANT_WRITE) {
+ TEST_EQUAL(ret, 0);
+ }
char label[] = "test-label";
uint8_t key_buffer[24] = { 0 };