Fix Coverity issues with BoringSSL

Signed-off-by: Yogaraj Alamenda <[email protected]>
intel · Jun 16, 2023 · ac1eb90 · ac1eb90
1 parent 52aee73
commit ac1eb90
Show file tree

Hide file tree

Showing 6 changed files with 24 additions and 10 deletions.
diff --git a/qat_bssl.c b/qat_bssl.c
@@ -533,12 +533,18 @@ int bssl_qat_async_ctx_copy_result(const async_ctx *ctx, unsigned char *buffer,
     unsigned long bytes_len = 0;
 #ifdef QAT_HW
     CpaFlatBuffer *from;
+    thread_local_variables_t *tlv = NULL;
 
     /* Decrease num_requests_in_flight by 1 to
      * avoid high cpu load from polling thread
      */
-    QAT_DEC_IN_FLIGHT_REQS(num_requests_in_flight,
-                           qat_check_create_local_variables());
+    tlv = qat_check_create_local_variables();
+    if (NULL == tlv) {
+        WARN("could not create local variables\n");
+        return 0;
+    }
+
+    QAT_DEC_IN_FLIGHT_REQS(num_requests_in_flight, tlv);
  #endif /* QAT_HW */
 
     /* Change fds state from add to del */

diff --git a/qat_hw_ec.c b/qat_hw_ec.c
@@ -968,13 +968,14 @@ static void qat_ecdsaSignCallbackFn(void *pCallbackTag, CpaStatus status,
     ECDSA_SIG *s = NULL;
     size_t bytes_len = 0;
     pBuffer.pBuffers = NULL;
+    op_done_t *opDone = NULL;
 
     if (!bEcdsaSignStatus) {
         WARN("ECDSA sign failed, status %d verifyResult %d\n", status, bEcdsaSignStatus);
         goto err;
     }
 
-    op_done_t *opDone = (op_done_t *)pCallbackTag;
+    opDone = (op_done_t *)pCallbackTag;
     if (unlikely(opDone == NULL)) {
         WARN("opDone is empty in ECDSA callback\n");
         goto err;

diff --git a/qat_hw_rsa.c b/qat_hw_rsa.c
@@ -184,11 +184,12 @@ static int qat_rsa_decrypt(CpaCyRsaDecryptOpData * dec_op_data, int rsa_len,
     op_done_t op_done;
     CpaStatus sts = CPA_STATUS_FAIL;
     int inst_num = QAT_INVALID_INSTANCE;
-    int job_ret = 0;
     int sync_mode_ret = 0;
     thread_local_variables_t *tlv = NULL;
 # ifdef QAT_BORINGSSL
     op_done_t *op_done_bssl = NULL;
+# else
+    int job_ret = 0;
 # endif
 
     DEBUG("- Started\n");
@@ -338,7 +339,7 @@ static int qat_rsa_decrypt(CpaCyRsaDecryptOpData * dec_op_data, int rsa_len,
 # ifdef QAT_BORINGSSL
     qat_cleanup_op_done(&op_done);
     return -1; /* Async mode for BoringSSL */
-# endif /* QAT_BORINGSSL */
+# else
 
     if (qat_get_sw_fallback_enabled()) {
         CRYPTO_QAT_LOG("Submit success qat inst_num %d device_id %d - %s\n",
@@ -392,6 +393,7 @@ static int qat_rsa_decrypt(CpaCyRsaDecryptOpData * dec_op_data, int rsa_len,
 
     DEBUG("- Finished\n");
     return 1;
+# endif /* QAT_BORINGSSL */
 }
 
 static int

diff --git a/test_bssl/main.c b/test_bssl/main.c
@@ -147,7 +147,9 @@ int parse_user_option(int argc, char *argv[])
                         return 1;
                     }
 
-                    if (NULL == (key_path = (char *)OPENSSL_zalloc(slen + 1))) {
+                    if (NULL == key_path)
+                        key_path = (char *)OPENSSL_zalloc(slen + 1);
+                    if (NULL == key_path) {
                         T_ERROR("Error: allocated memory failed\n");
                         return 1;
                     }

diff --git a/test_bssl/test_bssl_ecdsa.c b/test_bssl/test_bssl_ecdsa.c
@@ -67,7 +67,7 @@
 static pthread_t    async_poll_thread;
 static uint8_t     *sig_data = NULL;
 static size_t       max_len = 0;
-static unsigned int sig_len = 0;
+static size_t       sig_len = 0;
 static const char   in_data[] = "Intel® QuickAssist Technology (Intel® QAT)";
 
 static void qat_ecdsa_handle_async_ctx(async_ctx *ctx)
@@ -194,19 +194,19 @@ int qat_ecdsa_test(const EVP_PKEY *pkey, int flag)
     }
 
     T_DUMP_ECDSA_SIGN_INPUT(in_data, strlen(in_data));
-    if (!ECDSA_sign(type, md, mdlen, sig_data, &sig_len, eckey)) {
+    if (!ECDSA_sign(type, md, mdlen, sig_data, (unsigned int *) &sig_len, eckey)) {
          T_ERROR("ECDSA Sign: Failed\n");
         goto err;
     } else {
         if (flag & ECDSA_ASYNC_MODE) {
             qat_ecdsa_wait_async_ctx();
         }
         T_DEBUG("ECDSA Sign: OK\n");
-        T_DUMP_ECDSA_SIGN_OUTPUT(sig_data, sig_len);
+        T_DUMP_ECDSA_SIGN_OUTPUT(sig_data, (unsigned int) sig_len);
     }
 
     /* Verify */
-    signature = ECDSA_SIG_from_bytes(sig_data, sig_len);
+    signature = ECDSA_SIG_from_bytes(sig_data, (unsigned int) sig_len);
     if (ECDSA_do_verify(md, mdlen, signature, eckey) != 1) {\
         T_ERROR("ECDSA Verify: Failed\n");
         goto err;

diff --git a/test_bssl/test_bssl_rsa.c b/test_bssl/test_bssl_rsa.c
@@ -328,6 +328,7 @@ int qat_rsa_decrypt_test(RSA_METHOD *meth, RSA *rsa, const uint8_t *in_data,
      /* Decrypting */
     if (NULL == (out_data = (unsigned char *)OPENSSL_zalloc(in_len))) {
         T_ERROR("Failed to allocate buffer\n");
+        OPENSSL_free(enc_data);
         return 1; /* error */
     }
     T_DUMP_RSA_DECRYPT_INPUT(enc_data, out_len);
@@ -341,6 +342,8 @@ int qat_rsa_decrypt_test(RSA_METHOD *meth, RSA *rsa, const uint8_t *in_data,
     T_DUMP_RSA_DECRYPT_OUTPUT(out_data, out_len);
     if (in_len != out_len) {
         T_ERROR("RSA Decrypt: wrong length\n");
+        OPENSSL_free(enc_data);
+        OPENSSL_free(out_data);
         return 1; /* fail */
     } else {
         T_DEBUG("RSA Decrypt(%s mode): OK\n", async_mode?"Async":"Sync");