fix(mbedtls/port): Fix some divide-by-zero and deadcode coverity checks

TrackliDev · May 23, 2024 · 7c7c33e · 7c7c33e
1 parent 098abb5
commit 7c7c33e
Show file tree

Hide file tree

Showing 3 changed files with 16 additions and 8 deletions.
diff --git a/components/mbedtls/port/aes/dma/esp_aes_dma_core.c b/components/mbedtls/port/aes/dma/esp_aes_dma_core.c
@@ -452,7 +452,7 @@ static esp_err_t generate_descriptor_list(const uint8_t *buffer, const size_t le
 
         // add start alignment node to the DMA linked list
         dma_desc_populate(dma_descriptors, start_alignment_stream_buffer, unaligned_start_bytes, max_desc_size, populated_dma_descs);
-        populated_dma_descs += (unaligned_start_bytes ? 1 : 0);
+        populated_dma_descs += 1;
     }
 
     if (aligned_block_bytes) {
@@ -474,7 +474,7 @@ static esp_err_t generate_descriptor_list(const uint8_t *buffer, const size_t le
 
         // add end alignment node to the DMA linked list
         dma_desc_populate(dma_descriptors, end_alignment_stream_buffer, unaligned_end_bytes, max_desc_size, populated_dma_descs);
-        populated_dma_descs += (unaligned_end_bytes ? 1 : 0);
+        populated_dma_descs += 1;
     }
 
     if (dma_desc_link(dma_descriptors, dma_descs_needed, cache_line_size) != ESP_OK) {

diff --git a/components/mbedtls/port/bignum/esp_bignum.c b/components/mbedtls/port/bignum/esp_bignum.c
@@ -6,7 +6,7 @@
  *
  * SPDX-License-Identifier: Apache-2.0
  *
- * SPDX-FileContributor: 2016-2023 Espressif Systems (Shanghai) CO LTD
+ * SPDX-FileContributor: 2016-2024 Espressif Systems (Shanghai) CO LTD
  */
 #include <stdio.h>
 #include <string.h>
@@ -41,7 +41,7 @@
  *   bignum. This number may be less than the size of the bignum
  *
  * - Naming convention hw_words for the hardware length of the operation. This number maybe be rounded up
- *   for targets that requres this (e.g. ESP32), and may be larger than any of the numbers
+ *   for targets that requires this (e.g. ESP32), and may be larger than any of the numbers
  *   involved in the calculation.
  *
  * - Timing behaviour of these functions will depend on the length of the inputs. This is fundamentally
@@ -359,7 +359,7 @@ static int esp_mpi_exp_mod( mbedtls_mpi *Z, const mbedtls_mpi *X, const mbedtls_
     int ret = 0;
 
     mbedtls_mpi Rinv_new; /* used if _Rinv == NULL */
-    mbedtls_mpi *Rinv;    /* points to _Rinv (if not NULL) othwerwise &RR_new */
+    mbedtls_mpi *Rinv;    /* points to _Rinv (if not NULL) otherwise &RR_new */
     mbedtls_mpi_uint Mprime;
 
     size_t x_words = mpi_words(X);
@@ -502,8 +502,8 @@ int mbedtls_mpi_mul_mpi( mbedtls_mpi *Z, const mbedtls_mpi *X, const mbedtls_mpi
        argument is zero or one.
     */
     if (x_bits == 0 || y_bits == 0) {
-        mbedtls_mpi_lset(Z, 0);
-        return 0;
+        ret = mbedtls_mpi_lset(Z, 0);
+        return ret;
     }
     if (x_bits == 1) {
         ret = mbedtls_mpi_copy(Z, Y);

diff --git a/components/mbedtls/port/sha/dma/sha.c b/components/mbedtls/port/sha/dma/sha.c
@@ -156,6 +156,8 @@ static void esp_sha_block_mode(esp_sha_type sha_type, const uint8_t *input, uint
     int num_block = 0;
 
     blk_len = block_length(sha_type);
+    assert(blk_len != 0);
+
     blk_word_len =  blk_len / 4;
     num_block = ilen / blk_len;
 
@@ -236,7 +238,13 @@ static esp_err_t esp_sha_dma_process(esp_sha_type sha_type, const void *input, u
 {
     int ret = 0;
     crypto_dma_desc_t *dma_descr_head = NULL;
-    size_t num_blks = (ilen + buf_len) / block_length(sha_type);
+
+    size_t blk_len = block_length(sha_type);
+    if (blk_len == 0) {
+        ESP_LOGE(TAG, "Unsupported SHA type");
+        return ESP_FAIL;
+    }
+    size_t num_blks = (ilen + buf_len) / blk_len;
 
     memset(&s_dma_descr_input, 0, sizeof(crypto_dma_desc_t));
     memset(&s_dma_descr_buf, 0, sizeof(crypto_dma_desc_t));