Skip to content

20251020-coverity-WC_SAFE_foo #9324

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
dgarske merged 2 commits into from
Oct 21, 2025
Merged

20251020-coverity-WC_SAFE_foo #9324

dgarske merged 2 commits into from
Oct 21, 2025

Conversation

@douzzer
Copy link
Contributor

@douzzer douzzer commented Oct 21, 2025

wolfssl/wolfcrypt/types.h:

  • fix WC_MIN_SINT_OF().
  • add outer cast back to target type in WC_MAX_UINT_OF() and WC_MAX_SINT_OF().
  • rename WC_SAFE_SUM_*_NO_WUR() to WC_SAFE_SUM_*_CLIP().
  • remove clipping assignments from failure paths in WC_WUR_INT() variants.
  • add WC_SAFE_SUB_UNSIGNED_CLIP(), WC_SAFE_SUB_UNSIGNED(), WC_SAFE_SUB_SIGNED_CLIP(), and WC_SAFE_SUB_SIGNED().
  • add Coverity-specific annotations in WC_SAFE_*() to suppress false-positive overflow warnings.

wolfcrypt/test/test.c:

  • implement macro_test().
  • fix stray uint32_t's in crypto_ecc_verify() and crypto_ecc_sign() arg lists.

wolfssl/wolfcrypt/ext_xmss.h: fix stray uint32_t.

tested with

wolfssl-multi-test.sh ...
clang-tidy-all-sp-all
check-source-text
defaults-cryptonly-c99-Wconversion-m32-build
quantum-safe-wolfssl-all-gcc-latest-m32
allcryptonly-gcc-c89
all-c89-cppcheck
defaults-cryptonly-c89-Wconversion-build
defaults-cryptonly-c89-Wconversion-m32-build

@douzzer douzzer mentioned this pull request Oct 21, 2025
Merged
@douzzer douzzer force-pushed the 20251020-coverity-WC_SAFE_foo branch from 11c008b to e1bb492 Compare October 21, 2025 04:23
@douzzer
wolfssl/wolfcrypt/types.h:
279238c 
* fix WC_MIN_SINT_OF().
* add outer cast back to target type in WC_MAX_UINT_OF() and WC_MAX_SINT_OF().
* rename WC_SAFE_SUM_*_NO_WUR to WC_SAFE_SUM_*_CLIP().
* remove clipping assignments from failure paths in WC_WUR_INT() variants.
* add WC_SAFE_SUB_UNSIGNED_CLIP(), WC_SAFE_SUB_UNSIGNED(), WC_SAFE_SUB_SIGNED_CLIP(), and WC_SAFE_SUB_SIGNED().
* add Coverity-specific annotations in WC_SAFE_*() to suppress false-positive overflow warnings.

wolfcrypt/test/test.c:
* implement macro_test().
* fix stray uint32_t's in crypto_ecc_verify() and crypto_ecc_sign() arg lists.

wolfssl/wolfcrypt/ext_xmss.h: fix stray uint32_t.
@douzzer douzzer force-pushed the 20251020-coverity-WC_SAFE_foo branch from e1bb492 to 279238c Compare October 21, 2025 04:27
@douzzer
src/internal.c: work around false positive "C4701: potentially uninit…
ca552cc 
…ialized local variable" in GrowOutputBuffer().
philljj
philljj approved these changes Oct 21, 2025
View reviewed changes
Copy link
Contributor

@philljj philljj left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks good, a macro sanity test for math was long due!

dgarske
dgarske requested changes Oct 21, 2025
View reviewed changes
@dgarske dgarske assigned douzzer and unassigned philljj Oct 21, 2025
@dgarske dgarske merged commit 9c3a0e3 into wolfSSL:master Oct 21, 2025
347 of 349 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@dgarske dgarske dgarske approved these changes

@JacobBarthelmeh JacobBarthelmeh JacobBarthelmeh approved these changes

@philljj philljj philljj approved these changes

@wolfSSL-Bot wolfSSL-Bot Awaiting requested review from wolfSSL-Bot

@SparkiDev SparkiDev Awaiting requested review from SparkiDev

Assignees

@douzzer douzzer

@wolfSSL-Bot wolfSSL-Bot

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

5 participants

@douzzer @dgarske @JacobBarthelmeh @philljj @wolfSSL-Bot