From 2318302ba657780b5a2bd637cc4b5fba4331cd8c Mon Sep 17 00:00:00 2001 From: Emma Stensland Date: Thu, 25 Jun 2026 14:31:40 -0600 Subject: [PATCH] F-1289 F-1718 F-1707 oob write and null pointer fixes --- dtls/client-dtls-cid.c | 1 + dtls/client-dtls-ipv6.c | 1 + dtls/client-dtls.c | 9 +++++---- dtls/client-dtls13-cid.c | 1 + dtls/memory-bio-dtls.c | 4 ++-- tls/memory-tls.c | 4 ++-- 6 files changed, 12 insertions(+), 8 deletions(-) diff --git a/dtls/client-dtls-cid.c b/dtls/client-dtls-cid.c index 9888840ab..df0448017 100644 --- a/dtls/client-dtls-cid.c +++ b/dtls/client-dtls-cid.c @@ -140,6 +140,7 @@ int main (int argc, char** argv) if (readErr != SSL_ERROR_WANT_READ) { printf("wolfSSL_read failed"); } + continue; } /* Add a terminating character to the generic server message */ diff --git a/dtls/client-dtls-ipv6.c b/dtls/client-dtls-ipv6.c index f5f3e5a25..4d9ce763b 100644 --- a/dtls/client-dtls-ipv6.c +++ b/dtls/client-dtls-ipv6.c @@ -128,6 +128,7 @@ int main (int argc, char** argv) if (readErr != SSL_ERROR_WANT_READ) { printf("wolfSSL_read failed"); } + continue; } /* Add a terminating character to the generic server message */ diff --git a/dtls/client-dtls.c b/dtls/client-dtls.c index c70b0acd5..edd7b5447 100644 --- a/dtls/client-dtls.c +++ b/dtls/client-dtls.c @@ -129,10 +129,11 @@ int main (int argc, char** argv) printf("wolfSSL_read failed"); } } - - /* Add a terminating character to the generic server message */ - recvLine[n] = '\0'; - fputs(recvLine, stdout); + else { + /* Add a terminating character to the generic server message */ + recvLine[n] = '\0'; + fputs(recvLine, stdout); + } } /* End code for sending datagram to server */ /*****************************************************************************/ diff --git a/dtls/client-dtls13-cid.c b/dtls/client-dtls13-cid.c index 1393b93a0..1a803417d 100644 --- a/dtls/client-dtls13-cid.c +++ b/dtls/client-dtls13-cid.c @@ -140,6 +140,7 @@ int main (int argc, char** argv) if (readErr != SSL_ERROR_WANT_READ) { printf("wolfSSL_read failed"); } + continue; } /* Add a terminating character to the generic server message */ diff --git a/dtls/memory-bio-dtls.c b/dtls/memory-bio-dtls.c index 9a84b3552..62f8a5b8a 100644 --- a/dtls/memory-bio-dtls.c +++ b/dtls/memory-bio-dtls.c @@ -92,7 +92,7 @@ static void* client_thread(void* args) } cli_ssl = wolfSSL_new(cli_ctx); - if (cli_ctx == NULL) { + if (cli_ssl == NULL) { err_sys("bad client new"); } @@ -170,7 +170,7 @@ int main() } srv_ssl = wolfSSL_new(srv_ctx); - if (srv_ctx == NULL) { + if (srv_ssl == NULL) { err_sys("bad server new"); } diff --git a/tls/memory-tls.c b/tls/memory-tls.c index 663ac8551..4ac7e1c49 100644 --- a/tls/memory-tls.c +++ b/tls/memory-tls.c @@ -153,7 +153,7 @@ static void* client_thread(void* args) wolfSSL_SetIORecv(cli_ctx, ClientRecv); WOLFSSL* cli_ssl = wolfSSL_new(cli_ctx); - if (cli_ctx == NULL) err_sys("bad client new"); + if (cli_ssl == NULL) err_sys("bad client new"); ret = wolfSSL_connect(cli_ssl); if (ret != WOLFSSL_SUCCESS) err_sys("bad client tls connect"); @@ -185,7 +185,7 @@ int main() wolfSSL_SetIORecv(srv_ctx, ServerRecv); WOLFSSL* srv_ssl = wolfSSL_new(srv_ctx); - if (srv_ctx == NULL) err_sys("bad server new"); + if (srv_ssl == NULL) err_sys("bad server new"); /* start client thread */ pthread_t tid;