From 190147e369bba20c12c06d1929659a7ed9ccefa6 Mon Sep 17 00:00:00 2001
From: Daniel Adam
Date: Sat, 8 Jul 2023 11:35:19 +0200
Subject: [PATCH] security: fix coverity issues
55781: Unchecked return value in obt_check_owned (obt.c)
55864: Overflowed return value in oc_sec_certs_md_algorithm_is_allowed (oc_certs.c)
---
 security/oc_certs.c | 3 +++
 security/oc_obt.c | 17 +++++++++--------
 2 files changed, 12 insertions(+), 8 deletions(-)
diff --git a/security/oc_certs.c b/security/oc_certs.c
index 50b72c7d1a..99fce9e6bb 100644
--- a/security/oc_certs.c
+++ b/security/oc_certs.c
@@ -100,6 +100,9 @@ oc_sec_certs_md_algorithms_allowed(void)
 bool
 oc_sec_certs_md_algorithm_is_allowed(mbedtls_md_type_t md)
 {
+ // check for valid enum values so MBEDTLS_X509_ID_FLAG doesn't overflow
+ assert(md >= 0);
+ assert(md <= 31);
 return md != MBEDTLS_MD_NONE &&
 (MBEDTLS_X509_ID_FLAG(md) & g_allowed_mds_mask) != 0;
 }
diff --git a/security/oc_obt.c b/security/oc_obt.c
index c88005afeb..d7771bea82 100644
--- a/security/oc_obt.c
+++ b/security/oc_obt.c
@@ -601,7 +601,7 @@ obt_check_owned(oc_client_response_t *data)
 oc_uuid_t uuid;
 int owned = -1;
- oc_rep_t *rep = data->payload;
+ const oc_rep_t *rep = data->payload;
 while (rep != NULL) {
 switch (rep->type) {
@@ -628,20 +628,21 @@ obt_check_owned(oc_client_response_t *data)
 }
 const oc_uuid_t *my_uuid = oc_core_get_device_id(0);
- if (memcmp(my_uuid->id, uuid.id, 16) == 0) {
+ if (memcmp(my_uuid->id, uuid.id, sizeof(uuid.id)) == 0) {
 return;
 }
 oc_device_t *device = NULL;
-
 if (owned == 0) {
 device = cache_new_device(oc_cache, &uuid, data->endpoint);
 }
-
- if (device) {
- device->ctx = data->user_data;
- oc_do_get("/oic/res", device->endpoint, "rt=oic.r.doxm", &get_endpoints,
- HIGH_QOS, device);
+ if (device == NULL) {
+ return;
+ }
+ device->ctx = data->user_data;
+ if (!oc_do_get("/oic/res", device->endpoint, "rt=oic.r.doxm", &get_endpoints,
+ HIGH_QOS, device)) {
+ OC_ERR("Could not send GET request to retrieve endpoints");
 }
 }
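Review bot: The two `assert` calls added to oc_sec_certs_md_algorithm_is_allowed disappear when the file is built with NDEBUG, so a release build still evaluates `MBEDTLS_X509_ID_FLAG(md)` with an out-of-range `md` and the shift the comment warns about is not prevented. If `md` can come from a parsed certificate (not visible in this hunk), the bound should be a runtime check that fails closed, e.g. `if (md <= MBEDTLS_MD_NONE || md > 31) { return false; }`. The bare `31` would read better as a named constant tied to the width of `g_allowed_mds_mask`. The hunk does not show whether `<assert.h>` is already included in oc_certs.c.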
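Review bot: When `oc_do_get` fails in obt_check_owned, the new branch only logs, so the entry just created by `cache_new_device(oc_cache, ...)` stays in `oc_cache` with `ctx` set and no request in flight to complete it. Because the function runs on a response received from the network, a peer that makes the follow-up GET fail repeatedly would presumably leave such entries behind each time; whether anything later expires them is not visible here. Either release the entry on that path with the cache's existing removal helper, or add a comment above the `OC_ERR` line stating what cleans it up. The start of obt_check_owned, including the payload loop that sets `uuid` and `owned`, is outside this hunk.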