wolfcrypt/src/wc_xmss_impl.c: guided by clang-tidy 20.0.0_pre20250104…

…, add some error-checking to wc_xmss_bds_state_load() and wc_xmss_bds_state_store(), but ultimately, suppress a pair of stubborn apparently-false "function call argument is an uninitialized value" warnings, one in wc_xmss_bds_state_store() and one in wc_xmss_sign().
wolfSSL · Jan 7, 2025 · 8c32238 · 8c32238
1 parent 78c4a04
commit 8c32238
Showing 1 changed file with 32 additions and 18 deletions.
diff --git a/wolfcrypt/src/wc_xmss_impl.c b/wolfcrypt/src/wc_xmss_impl.c
@@ -2675,7 +2675,7 @@ static void wc_xmss_bds_state_free(BdsState* bds)
  * @param [out] bds        BDS states.
  * @param [out] wots_sigs  WOTS signatures when XMSS^MT.
  */
-static void wc_xmss_bds_state_load(const XmssState* state, byte* sk,
+static int wc_xmss_bds_state_load(const XmssState* state, byte* sk,
     BdsState* bds, byte** wots_sigs)
 {
     const XmssParams* params = state->params;
@@ -2689,6 +2689,9 @@ static void wc_xmss_bds_state_load(const XmssState* state, byte* sk,
     /* Skip past standard SK = idx || wots_sk || SK_PRF || root || SEED; */
     sk += params->idx_len + 4 * n;
 
+    if (2 * (int)params->d - 1 < 0)
+        return WC_FAILURE;
+
     for (i = 0; i < 2 * (int)params->d - 1; i++) {
         /* Set pointers into SK. */
         bds[i].stack = sk;
@@ -2715,6 +2718,8 @@ static void wc_xmss_bds_state_load(const XmssState* state, byte* sk,
     if (wots_sigs != NULL) {
         *wots_sigs = sk;
     }
+
+    return 0;
 }
 
 /* Store the BDS state into the secret/private key.
@@ -2723,7 +2728,7 @@ static void wc_xmss_bds_state_load(const XmssState* state, byte* sk,
  * @param [in, out] sk      Secret/private key.
  * @param [in]      bds     BDS states.
  */
-static void wc_xmss_bds_state_store(const XmssState* state, byte* sk,
+static int wc_xmss_bds_state_store(const XmssState* state, byte* sk,
     BdsState* bds)
 {
     int i;
@@ -2743,15 +2748,20 @@ static void wc_xmss_bds_state_store(const XmssState* state, byte* sk,
     /* Ignore standard SK = idx || wots_sk || SK_PRF || root || SEED; */
     sk += params->idx_len + 4 * n;
 
+    if (2 * (int)params->d - 1 < 0)
+        return WC_FAILURE;
+
     for (i = 0; i < 2 * (int)params->d - 1; i++) {
         /* Skip pointers into sk. */
         sk += skip;
         /* Save values - big-endian encoded. */
-        c32to24(bds[i].next, sk);
+        c32to24(bds[i].next, sk); /* NOLINT(clang-analyzer-core.CallAndMessage) */
         sk += 3;
         sk[0] = bds[i].offset;
         sk += 1;
     }
+
+    return 0;
 }
 
 /********************************************
@@ -3297,6 +3307,10 @@ int wc_xmss_keygen(XmssState* state, const unsigned char* seed,
     if (ret == 0)
 #endif
     {
+        /* Setup pointers into sk - assumes sk is initialized to zeros. */
+        ret = wc_xmss_bds_state_load(state, sk, bds, NULL);
+    }
+    if (ret == 0) {
         /* Offsets into seed. */
         const byte* seed_priv = seed;
         const byte* seed_pub = seed + 2 * n;
@@ -3306,9 +3320,6 @@ int wc_xmss_keygen(XmssState* state, const unsigned char* seed,
         /* Offsets into public key. */
         byte* pk_seed = pk + n;
 
-        /* Setup pointers into sk - assumes sk is initialized to zeros. */
-        wc_xmss_bds_state_load(state, sk, bds, NULL);
-
         /* Set first index to 0 in private key. idx_len always 4. */
         *sk_idx = 0;
         /* Set private key seed and private key for PRF in to private key. */
@@ -3333,7 +3344,7 @@ int wc_xmss_keygen(XmssState* state, const unsigned char* seed,
         XMEMCPY(sk_root, pk_root, 2 * n);
 
         /* Store BDS state back into secret/private key. */
-        wc_xmss_bds_state_store(state, sk, bds);
+        ret = wc_xmss_bds_state_store(state, sk, bds);
     }
 
 #ifdef WOLFSSL_SMALL_STACK
@@ -3412,8 +3423,9 @@ int wc_xmss_sign(XmssState* state, const unsigned char* m, word32 mlen,
 #endif
     {
         /* Load the BDS state from secret/private key. */
-        wc_xmss_bds_state_load(state, sk, bds, NULL);
-
+        ret = wc_xmss_bds_state_load(state, sk, bds, NULL);
+    }
+    if (ret == 0) {
         /* Copy the index into the signature data: Sig = idx_sig || ... */
         *((word32*)sig) = *((word32*)sk);
         /* Read index from the secret key. */
@@ -3468,7 +3480,7 @@ int wc_xmss_sign(XmssState* state, const unsigned char* m, word32 mlen,
     if (ret == 0) {
         sig += params->wots_sig_len;
         /*   Add authentication path (auth) and calc new root. */
-        XMEMCPY(sig, bds->authPath, h * n);
+        XMEMCPY(sig, bds->authPath, h * n); /* NOLINT(clang-analyzer-core.CallAndMessage) */
         ret = state->ret;
     }
 
@@ -3490,7 +3502,7 @@ int wc_xmss_sign(XmssState* state, const unsigned char* m, word32 mlen,
     }
     if (ret == 0) {
         /* Store BDS state back into secret/private key. */
-        wc_xmss_bds_state_store(state, sk, bds);
+        ret = wc_xmss_bds_state_store(state, sk, bds);
     }
 
 #ifdef WOLFSSL_SMALL_STACK
@@ -3580,14 +3592,15 @@ int wc_xmssmt_keygen(XmssState* state, const unsigned char* seed,
 
     /* Allocate memory for BDS states and tree hash instances. */
     ret = wc_xmss_bds_state_alloc(params, &bds);
+    if (ret == 0) {
+        /* Load the BDS state from secret/private key. */
+        ret = wc_xmss_bds_state_load(state, sk, bds, &wots_sigs);
+    }
     if (ret == 0) {
         /* Offsets into seed. */
         const byte* seed_priv = seed;
         const byte* seed_pub  = seed + 2 * params->n;
 
-        /* Load the BDS state from secret/private key. */
-        wc_xmss_bds_state_load(state, sk, bds, &wots_sigs);
-
         /* Set first index to 0 in private key. */
         XMEMSET(sk, 0, params->idx_len);
         /* Set private key seed and private key for PRF in to private key. */
@@ -3630,7 +3643,7 @@ int wc_xmssmt_keygen(XmssState* state, const unsigned char* seed,
         XMEMCPY(sk_root, pk_root, 2 * n);
 
         /* Store BDS state back into secret/private key. */
-        wc_xmss_bds_state_store(state, sk, bds);
+        ret = wc_xmss_bds_state_store(state, sk, bds);
     }
 
     /* Dispose of allocated data of BDS states. */
@@ -4000,8 +4013,9 @@ int wc_xmssmt_sign(XmssState* state, const unsigned char* m, word32 mlen,
     ret = wc_xmss_bds_state_alloc(params, &bds);
     if (ret == 0) {
         /* Load the BDS state from secret/private key. */
-        wc_xmss_bds_state_load(state, sk, bds, &wots_sigs);
-
+        ret = wc_xmss_bds_state_load(state, sk, bds, &wots_sigs);
+    }
+    if (ret == 0) {
         /* Copy the index into the signature data: Sig_MT = idx_sig. */
         XMEMCPY(sig_mt, sk, idx_len);
 
@@ -4032,7 +4046,7 @@ int wc_xmssmt_sign(XmssState* state, const unsigned char* m, word32 mlen,
 
     if (ret == 0) {
         /* Store BDS state back into secret/private key. */
-        wc_xmss_bds_state_store(state, sk, bds);
+        ret = wc_xmss_bds_state_store(state, sk, bds);
     }
 
     /* Dispose of allocated data of BDS states. */