src/x509.c: in wolfSSL_X509_get_ext_by_OBJ() and wolfSSL_X509_load_cert_crl_file(), add local protection from null derefs (fixes -Wnull-dereferences);

wolfcrypt/src/chacha.c and wolfssl/wolfcrypt/chacha.h: implement USE_ARM_CHACHA_SPEEDUP gate;

wolfcrypt/src/kdf.c: in wc_SSH_KDF(), add early return if _HashInit() fails (fixes _HashFree() of uninited _hash);

wolfcrypt/src/sha256.c: initialize sha256->W in ARMASM variant of wc_InitSha256_ex(), and pass sha256->heap to XMALLOC/XFREE consistently.

Author: douzzer

src/x509.c

@@ -463,10 +463,14 @@ int wolfSSL_X509_get_ext_by_OBJ(const WOLFSSL_X509 *x,
     lastpos++;
     if (lastpos < 0)
         lastpos = 0;
-    for (; lastpos < wolfSSL_sk_num(sk); lastpos++)
-        if (wolfSSL_OBJ_cmp(wolfSSL_sk_X509_EXTENSION_value(sk,
-                        lastpos)->obj, obj) == 0)
+    for (; lastpos < wolfSSL_sk_num(sk); lastpos++) {
+        const WOLFSSL_X509_EXTENSION *ext =
+            wolfSSL_sk_X509_EXTENSION_value(sk, lastpos);
+        if (ext == NULL)
+            continue;
+        if (wolfSSL_OBJ_cmp(ext->obj, obj) == 0)
             return lastpos;
+    }
     return WOLFSSL_FATAL_ERROR;
 }
 
@@ -8343,6 +8347,9 @@ int wolfSSL_X509_load_cert_crl_file(WOLFSSL_X509_LOOKUP *ctx,
         for (i=0; i < num; i++) {
             info_tmp = wolfSSL_sk_X509_INFO_value(info, i);
 
+            if (info_tmp == NULL)
+                continue;
+
             if (info_tmp->x509) {
                 if (wolfSSL_X509_STORE_add_cert(ctx->store, info_tmp->x509) ==
                     WOLFSSL_SUCCESS) {

wolfcrypt/src/chacha.c

@@ -115,7 +115,7 @@ Public domain.
   */
 int wc_Chacha_SetIV(ChaCha* ctx, const byte* inIv, word32 counter)
 {
-#if !defined(WOLFSSL_ARMASM)
+#if !defined(USE_ARM_CHACHA_SPEEDUP)
     word32 temp[CHACHA_IV_WORDS];/* used for alignment of memory */
 #endif
 
@@ -124,7 +124,7 @@ int wc_Chacha_SetIV(ChaCha* ctx, const byte* inIv, word32 counter)
 
     ctx->left = 0; /* resets state */
 
-#if !defined(WOLFSSL_ARMASM)
+#if !defined(USE_ARM_CHACHA_SPEEDUP)
     XMEMCPY(temp, inIv, CHACHA_IV_BYTES);
     /* block counter */
     ctx->X[CHACHA_MATRIX_CNT_IV+0] = counter;
@@ -141,7 +141,7 @@ int wc_Chacha_SetIV(ChaCha* ctx, const byte* inIv, word32 counter)
     return 0;
 }
 
-#if !defined(WOLFSSL_ARMASM)
+#if !defined(USE_ARM_CHACHA_SPEEDUP)
 /* "expand 32-byte k" as unsigned 32 byte */
 static const word32 sigma[4] = {0x61707865, 0x3320646e, 0x79622d32, 0x6b206574};
 /* "expand 16-byte k" as unsigned 16 byte */
@@ -153,7 +153,7 @@ static const word32 tau[4] = {0x61707865, 0x3120646e, 0x79622d36, 0x6b206574};
   */
 int wc_Chacha_SetKey(ChaCha* ctx, const byte* key, word32 keySz)
 {
-#if !defined(WOLFSSL_ARMASM)
+#if !defined(USE_ARM_CHACHA_SPEEDUP)
     const word32* constants;
     const byte*   k;
 #ifdef XSTREAM_ALIGN
@@ -167,7 +167,7 @@ int wc_Chacha_SetKey(ChaCha* ctx, const byte* key, word32 keySz)
     if (keySz != (CHACHA_MAX_KEY_SZ/2) && keySz != CHACHA_MAX_KEY_SZ)
         return BAD_FUNC_ARG;
 
-#if !defined(WOLFSSL_ARMASM)
+#if !defined(USE_ARM_CHACHA_SPEEDUP)
 #ifdef XSTREAM_ALIGN
     if ((wc_ptr_t)key % 4) {
         WOLFSSL_MSG("wc_ChachaSetKey unaligned key");
@@ -220,7 +220,7 @@ int wc_Chacha_SetKey(ChaCha* ctx, const byte* key, word32 keySz)
     return 0;
 }
 
-#if !defined(USE_INTEL_CHACHA_SPEEDUP) && !defined(WOLFSSL_ARMASM)
+#if !defined(USE_INTEL_CHACHA_SPEEDUP) && !defined(USE_ARM_CHACHA_SPEEDUP)
 /**
   * Converts word into bytes with rotations having been done.
   */
@@ -267,7 +267,7 @@ extern void chacha_encrypt_avx2(ChaCha* ctx, const byte* m, byte* c,
 #endif
 
 
-#if !defined(USE_INTEL_CHACHA_SPEEDUP) && !defined(WOLFSSL_ARMASM)
+#if !defined(USE_INTEL_CHACHA_SPEEDUP) && !defined(USE_ARM_CHACHA_SPEEDUP)
 /**
   * Encrypt a stream of bytes
   */
@@ -365,7 +365,7 @@ int wc_Chacha_Process(ChaCha* ctx, byte* output, const byte* input,
         chacha_encrypt_x64(ctx, input, output, msglen);
         return 0;
     }
-#elif defined(WOLFSSL_ARMASM)
+#elif defined(USE_ARM_CHACHA_SPEEDUP)
     /* Handle left over bytes from last block. */
     if ((msglen > 0) && (ctx->left > 0)) {
         byte* over = ((byte*)ctx->over) + CHACHA_CHUNK_BYTES - ctx->left;

wolfcrypt/src/kdf.c

@@ -797,8 +797,10 @@ int wc_SSH_KDF(byte hashId, byte keyId, byte* key, word32 keySz,
     remainder = keySz % digestSz;
 
     ret = _HashInit(enmhashId, &hash);
-    if (ret == 0)
-        ret = _HashUpdate(enmhashId, &hash, kSzFlat, LENGTH_SZ);
+    if (ret != 0)
+        return ret;
+
+    ret = _HashUpdate(enmhashId, &hash, kSzFlat, LENGTH_SZ);
     if (ret == 0 && kPad)
         ret = _HashUpdate(enmhashId, &hash, &pad, 1);
     if (ret == 0)

wolfcrypt/src/sha256.c

@@ -1105,6 +1105,10 @@ int wc_InitSha256_ex(wc_Sha256* sha256, void* heap, int devId)
     sha256->heap = heap;
     (void)devId;
 
+    #ifdef WOLFSSL_SMALL_STACK_CACHE
+    sha256->W = NULL;
+    #endif
+
     return ret;
 }
 
@@ -1241,16 +1245,16 @@ static WC_INLINE int Transform_Sha256_Len(wc_Sha256* sha256, const byte* data,
     #if defined(WOLFSSL_SMALL_STACK_CACHE) && !defined(WOLFSSL_NO_MALLOC)
         word32* W = sha256->W;
         if (W == NULL) {
-            W = (word32*)XMALLOC(sizeof(word32) * WC_SHA256_BLOCK_SIZE, NULL,
-                                                           DYNAMIC_TYPE_DIGEST);
+            W = (word32*)XMALLOC(sizeof(word32) * WC_SHA256_BLOCK_SIZE,
+                                 sha256->heap, DYNAMIC_TYPE_DIGEST);
             if (W == NULL)
                 return MEMORY_E;
             sha256->W = W;
         }
     #elif defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
         word32* W;
-        W = (word32*)XMALLOC(sizeof(word32) * WC_SHA256_BLOCK_SIZE, NULL,
-                                                       DYNAMIC_TYPE_TMP_BUFFER);
+        W = (word32*)XMALLOC(sizeof(word32) * WC_SHA256_BLOCK_SIZE,
+                             sha256->heap, DYNAMIC_TYPE_TMP_BUFFER);
         if (W == NULL)
             return MEMORY_E;
     #else
@@ -1291,7 +1295,7 @@ static WC_INLINE int Transform_Sha256_Len(wc_Sha256* sha256, const byte* data,
     #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_SMALL_STACK_CACHE) &&\
         !defined(WOLFSSL_NO_MALLOC)
         ForceZero(W, sizeof(word32) * WC_SHA256_BLOCK_SIZE);
-        XFREE(W, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+        XFREE(W, sha256->heap, DYNAMIC_TYPE_TMP_BUFFER);
     #endif
         return 0;
     }
@@ -2308,7 +2312,7 @@ static WC_INLINE int Transform_Sha256_Len(wc_Sha256* sha256, const byte* data,
 #ifdef WOLFSSL_SMALL_STACK_CACHE
         if (sha224->W != NULL) {
             ForceZero(sha224->W, sizeof(word32) * WC_SHA224_BLOCK_SIZE);
-            XFREE(sha224->W, NULL, DYNAMIC_TYPE_DIGEST);
+            XFREE(sha224->W, sha224->heap, DYNAMIC_TYPE_DIGEST);
             sha224->W = NULL;
         }
 #endif
@@ -2391,7 +2395,7 @@ void wc_Sha256Free(wc_Sha256* sha256)
 #ifdef WOLFSSL_SMALL_STACK_CACHE
     if (sha256->W != NULL) {
         ForceZero(sha256->W, sizeof(word32) * WC_SHA256_BLOCK_SIZE);
-        XFREE(sha256->W, NULL, DYNAMIC_TYPE_DIGEST);
+        XFREE(sha256->W, sha256->heap, DYNAMIC_TYPE_DIGEST);
         sha256->W = NULL;
     }
 #endif

wolfssl/wolfcrypt/chacha.h

@@ -68,6 +68,10 @@ Block counter is located at index 12.
     #define USE_INTEL_CHACHA_SPEEDUP
     #define HAVE_INTEL_AVX1
 #endif
+#elif defined(WOLFSSL_ARMASM)
+    #ifndef NO_CHACHA_ASM
+        #define USE_ARM_CHACHA_SPEEDUP
+    #endif
 #endif
 
 enum {
@@ -82,7 +86,7 @@ typedef struct ChaCha {
     byte extra[12];
 #endif
     word32 left;                            /* number of bytes leftover */
-#if defined(USE_INTEL_CHACHA_SPEEDUP) || defined(WOLFSSL_ARMASM) || \
+#if defined(USE_INTEL_CHACHA_SPEEDUP) || defined(USE_ARM_CHACHA_SPEEDUP) || \
     defined(WOLFSSL_RISCV_ASM)
     word32 over[CHACHA_CHUNK_WORDS];
 #endif
@@ -107,7 +111,7 @@ WOLFSSL_API int wc_XChacha_SetKey(ChaCha *ctx, const byte *key, word32 keySz,
                                   word32 counter);
 #endif
 
-#if defined(WOLFSSL_ARMASM)
+#if defined(USE_ARM_CHACHA_SPEEDUP)
 
 WOLFSSL_LOCAL void wc_chacha_setiv(word32* x, const byte* iv, word32 counter);
 WOLFSSL_LOCAL void wc_chacha_setkey(word32* x, const byte* key, word32 keySz);