cuberite/polarssl
1
0
Fork 0
mirror of https://github.com/cuberite/polarssl.git synced 2025-09-10 07:36:28 -04:00
Code Issues Packages Projects Releases Wiki Activity
18,800 Commits 7 Branches 115 Tags
Commit Graph

18800 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Bence Szépkúti
b80ac7d73b
Merge pull request #8628 from tom-cosgrove-arm/ip_len-2.28 
Backport 2.28: Avoid use of `ip_len` as it clashes with a macro in AIX system headers
 2023-12-18 02:02:49 +00:00
Bence Szépkúti
cb89fbdc67 Set OpenSSL/GnuTLS variables in release components 
Signed-off-by: Bence Szépkúti <bence.szepkuti@arm.com>
 2023-12-15 21:17:56 +01:00
Bence Szépkúti
44043ed127 Document release components in all.sh 
Signed-off-by: Bence Szépkúti <bence.szepkuti@arm.com>
 2023-12-15 21:17:56 +01:00
Bence Szépkúti
2064c9b595 all.sh: Parse arguments before checking if a test is supported 
Support for each test was checked before the command line had been
parsed, causing the support_ functions to ignore arguments that set a
tool's location.

Signed-off-by: Bence Szépkúti <bence.szepkuti@arm.com>
 2023-12-15 20:40:18 +01:00
Dave Rodgman
4966eb8ce8
Merge pull request #8625 from davidhorstmann-arm/fix-uninit-mpi-test-2.28 
[Backport 2.28] Fix possible free of uninitialized MPI
 2023-12-13 11:19:21 +00:00
David Horstmann
95b54f34a0
Merge pull request #1129 from gilles-peskine-arm/psa-buffers-test-poison-2.28 
Backport 2.28: Memory poisoning function for Asan
 2023-12-11 17:56:23 +00:00
Tom Cosgrove
e1f6d3bebd Backport 2.28: Avoid use of ip_len as it clashes with a macro in AIX system headers 
Fixes #8624

Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
 2023-12-08 21:53:18 +00:00
David Horstmann
ec4c47f62b Move MPI initialization to start of function 
This prevents a call to mbedtls_mpi_free() on uninitialized data when
USE_PSA_INIT() fails.

Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2023-12-08 18:36:07 +00:00
Paul Elliott
0dc3ed029a
Merge pull request #8620 from davidhorstmann-arm/fix-selftest-doublefree-2.28 
[Backport 2.28] Fix potential double-free in calloc selftest
 2023-12-08 12:23:05 +00:00
David Horstmann
05fde60d89 Fix potential double-free in calloc selftest 
Where calloc returns two references to the same buffer, avoid calling
free() on both references by setting one to NULL.

Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2023-12-07 14:28:52 +00:00
Dave Rodgman
f09b837977
Merge pull request #8614 from daverodgman/backport-filter-components-in-pr-job 
Do not run Valgrind tests in PR jobs - backport 2.28
 2023-12-06 23:05:31 +00:00
Bence Szépkúti
e1c6c4c962 Do not run Valgrind tests in PR jobs 
Co-authored-by: Dave Rodgman <dave.rodgman@arm.com>
Signed-off-by: Bence Szépkúti <bence.szepkuti@arm.com>
 2023-12-06 16:47:51 +00:00
Gilles Peskine
7d68a1954c Protect against compiler optimizations 
GCC 5.4 optimized the write after poisoning (the surprising thing is that
11.4 doesn't).

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-11-29 20:51:56 +01:00
Gilles Peskine
0c7d3eda0a Memory poisoning: meta-test writes as well as reads 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-11-29 20:51:56 +01:00
Gilles Peskine
014d89b782 Avoid unused variable warnings in some plausible usage 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-11-29 20:51:56 +01:00
Gilles Peskine
5e8740576c Use the existing definition of MBEDTLS_TEST_HAVE_ASAN 
A definition now exists in tests/helpers.h, which is a better place.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-11-29 20:51:56 +01:00
Gilles Peskine
d751406f8d Port to platforms where printf doesn't have %zu 
Reuse the existing abstraction from include/mbedtls/debug.h.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-11-29 20:51:56 +01:00
Gilles Peskine
ac8cd66bda Fix MSVC build failure 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-11-29 20:51:56 +01:00
Gilles Peskine
721a64463a Basic functional test for memory poisoning 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-11-29 20:51:56 +01:00
Gilles Peskine
962c5da52a Fix memory poisoning with Asan on arbitrary byte boundaries 
Asan poisons memory with an 8-byte granularity. We want to make sure that
the whole specified region is poisoned (our typical use case is a
heap-allocated object, and we want to poison the whole object, and we don't
care about the bytes after the end of the object and up to the beginning of
the next object). So align the start and end of the region to (un)poison to
an 8-byte boundary.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-11-29 20:51:56 +01:00
Gilles Peskine
071d144a2e Add memory poisoning framework 
While an area of memory is poisoned, reading or writing from it triggers a
sanitizer violation.

Implemented for ASan.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-11-29 20:51:56 +01:00
Gilles Peskine
87270e5337 New files for memory-related test functions 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-11-29 20:51:56 +01:00
Gilles Peskine
242e4efcad Merge remote-tracking branch 'mbedtls-2.28' into mbedtls-2.28-restricted 2023-11-29 19:50:46 +01:00
Gilles Peskine
7655fd2d93
Merge pull request #8570 from yuhaoth/pr/fix-ciphersuite-list-wrong-for-mbedtls-2.28 
Backport 2.28: ssl-opt.sh: Fix getting the list of supported ciphersuites.
 2023-11-29 11:31:35 +00:00
Ronald Cron
ba77a66475 Align forced ciphersuite with test description 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2023-11-29 10:15:14 +08:00
Ronald Cron
6f2183f756 ssl-opt.sh: Remove unnecessary symmetric crypto dependencies 
Same test cases as in the previous commit.
Remove the redundant symmetric crypto dependency.
The dependency is ensured by the fact that:
1) the test case forces a cipher suite
2) ssl-opt.sh enforces automatically that the
   forced ciphersuite is available.
3) The fact that the forced ciphersuite is
   available implies that the symmetric
   cipher algorithm it uses is available as
   well.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2023-11-29 10:15:12 +08:00
Ronald Cron
237e3f8e53 ssl-opt.sh: Fix some symmetric crypto dependencies 
Fix some dependencies on symmetric crypto that
were not correct in case of driver but not
builtin support. Revealed by "Analyze driver
test_psa_crypto_config_accel_cipher_aead vs reference
test_psa_crypto_config_reference_cipher_aead" in
analyze_outcomes.py.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2023-11-29 10:13:50 +08:00
Ronald Cron
a8b474f42f ssl-opt.sh: Add a check of the list of supported ciphersuites 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2023-11-29 10:11:47 +08:00
Ronald Cron
46a660a2c5 ssl-opt.sh: Fix getting the list of supported ciphersuites. 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2023-11-29 10:11:17 +08:00
Dave Rodgman
806c27c5f4
Merge pull request #1126 from davidhorstmann-arm/psa-buffer-copy-fn-2.28 
[Backport 2.28] Implement buffer copying functions for PSA crypto
 2023-11-24 10:46:31 +00:00
David Horstmann
8e1f0d0d31 Improve description of psa_crypto_input_copy_alloc 
Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2023-11-23 16:04:11 +00:00
David Horstmann
0d52c71ccd Use initializers in alloc functions 
Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2023-11-23 16:04:11 +00:00
David Horstmann
45221ffdc4 Add casts to local input / output initializers 
Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2023-11-23 16:04:11 +00:00
Dave Rodgman
60dcdd1686
Merge pull request #8558 from gilles-peskine-arm/MBEDTLS_TEST_HAVE_xSAN-2.28 
Backport 2.28: Fix test_suite_platform failure with Asan on modern Clang
 2023-11-23 14:04:09 +00:00
Paul Elliott
20e76134ea
Merge pull request #8557 from gilles-peskine-arm/metatest-gcc-12-2.28 
Backport 2.28: Fix metatest.c with gcc-12 -Wuse-after-free
 2023-11-23 11:09:24 +00:00
Gilles Peskine
c3a9bdb2b5 Detect enabled GCC/Clang sanitizers 
Occasionally we want tests to take advantage of sanitizers, or work around
them.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-11-22 18:00:31 +01:00
Gilles Peskine
e9616fdbc9 Fix the build with gcc-12 -Wuse-after-free 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-11-22 17:37:57 +01:00
David Horstmann
1a76ab1c34 Rename "output_copy" -> "local_output" 
This helps to prevent confusion as it avoids overloading the word
"copy" as both an action and an object.

Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2023-11-22 15:09:04 +00:00
David Horstmann
81a0d57e36 Rename "input_copy" -> "local_input" 
This helps to prevent confusion as it avoids overloading the word
"copy" as both an action and an object.

Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2023-11-22 15:09:02 +00:00
David Horstmann
48ffb93d7f De-abbreviate "len" -> "length" 
Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2023-11-22 15:07:31 +00:00
David Horstmann
232ab25bcd Change psa_crypto_copy_output error code 
When we are copying output, it makes sense to return
PSA_ERROR_BUFFER_TOO_SMALL since the buffer we are copying to is a user
output buffer.

Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2023-11-22 15:07:31 +00:00
David Horstmann
34c434a3ca Add initializers for input / output copies 
Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2023-11-22 15:07:31 +00:00
David Horstmann
37e3fc6c76 Remove unnecessary checks for NULL-ness of copies 
Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2023-11-22 15:07:31 +00:00
David Horstmann
d79d5e7ed0 Check for len == 0 rather than buffer == NULL 
This makes the intention clearer

Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2023-11-22 15:07:31 +00:00
David Horstmann
c3be8cb24a Fix code style in psa_crypto_core.h 
Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2023-11-22 15:07:31 +00:00
David Horstmann
2d730c015e Compare buffers even for zero-length cases 
This enables us to test that lengths are correctly zero when the buffer
pointer is NULL.

Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2023-11-22 15:07:31 +00:00
David Horstmann
0ee4d18bc6 Use TEST_CALLOC_NONNULL 
Check that input/output copying works for zero-length NULL input
buffers.

Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2023-11-22 15:07:31 +00:00
David Horstmann
e8a92227dc Change data pattern to simpler one 
Just use the index modulo 256, as this has a greater stride and is
simpler to use.

Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2023-11-22 15:07:31 +00:00
David Horstmann
726bf058fe Remove redundant NULL check 
A NULL buffer with a non-zero length is an internal error, so just
check the length.

Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2023-11-22 15:07:31 +00:00
David Horstmann
660027f310 Skip call to memcpy if buffer length is zero 
This allows the copy functions to work when passed a (NULL, 0) buffer.

Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2023-11-22 15:07:31 +00:00