Refactor slightly to silence a clang-analyze warning
Since the buffer is used in a few places, it seems Clang isn't clever
enough to realise that the first byte is never touched. So, even though
the function has a correct null check for ssl->handshake, Clang
complains. Pulling the handshake type out into its own variable is
enough for Clang's analysis to kick in though.
diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index 19cc357..9208ec9 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@@ -2709,7 +2709,7 @@
*/
int mbedtls_ssl_write_record( mbedtls_ssl_context *ssl )
{
- int ret, done = 0;
+ int ret, done = 0, out_msg_type;
size_t len = ssl->out_msglen;
MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> write record" ) );
@@ -2725,7 +2725,9 @@
#endif
if( ssl->out_msgtype == MBEDTLS_SSL_MSG_HANDSHAKE )
{
- if( ssl->out_msg[0] != MBEDTLS_SSL_HS_HELLO_REQUEST &&
+ out_msg_type = ssl->out_msg[0];
+
+ if( out_msg_type != MBEDTLS_SSL_HS_HELLO_REQUEST &&
ssl->handshake == NULL )
{
MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) );
@@ -2752,7 +2754,7 @@
len += 8;
/* Write message_seq and update it, except for HelloRequest */
- if( ssl->out_msg[0] != MBEDTLS_SSL_HS_HELLO_REQUEST )
+ if( out_msg_type != MBEDTLS_SSL_HS_HELLO_REQUEST )
{
ssl->out_msg[4] = ( ssl->handshake->out_msg_seq >> 8 ) & 0xFF;
ssl->out_msg[5] = ( ssl->handshake->out_msg_seq ) & 0xFF;
@@ -2770,7 +2772,7 @@
}
#endif /* MBEDTLS_SSL_PROTO_DTLS */
- if( ssl->out_msg[0] != MBEDTLS_SSL_HS_HELLO_REQUEST )
+ if( out_msg_type != MBEDTLS_SSL_HS_HELLO_REQUEST )
ssl->handshake->update_checksum( ssl, ssl->out_msg, len );
}