Handle errors from functions that now return int

A few functions were changed from returning void to returning int three commits ago. Make sure their callers check the return values. This commits was basically a matter of declaring newly-int-returning functions MBEDTLS_CHECK_RETURN_CRITICAL and then fixing the resulting warnings. A few functions had to be made int in the process; they were applied the same process as well. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2025-07-30 22:43:08 +03:00 · 2023-02-06 00:34:21 +01:00
parent d7a7a23308
commit b8b07aa24a
9 changed files with 171 additions and 67 deletions
--- a/library/ssl_msg.c
+++ b/library/ssl_msg.c
@ -2639,7 +2639,12 @@ int mbedtls_ssl_write_handshake_msg_ext(mbedtls_ssl_context *ssl,

        /* Update running hashes of handshake messages seen */
        if (hs_type != MBEDTLS_SSL_HS_HELLO_REQUEST && update_checksum != 0) {
-            ssl->handshake->update_checksum(ssl, ssl->out_msg, ssl->out_msglen);
+            ret = ssl->handshake->update_checksum(ssl, ssl->out_msg,
+                                                  ssl->out_msglen);
+            if (ret != 0) {
+                MBEDTLS_SSL_DEBUG_RET(1, "update_checksum", ret);
+                return ret;
+            }
        }
    }

@ -3067,12 +3072,17 @@ int mbedtls_ssl_prepare_handshake_record(mbedtls_ssl_context *ssl)
    return 0;
 }

-void mbedtls_ssl_update_handshake_status(mbedtls_ssl_context *ssl)
+int mbedtls_ssl_update_handshake_status(mbedtls_ssl_context *ssl)
 {
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
    mbedtls_ssl_handshake_params * const hs = ssl->handshake;

    if (mbedtls_ssl_is_handshake_over(ssl) == 0 && hs != NULL) {
-        ssl->handshake->update_checksum(ssl, ssl->in_msg, ssl->in_hslen);
+        ret = ssl->handshake->update_checksum(ssl, ssl->in_msg, ssl->in_hslen);
+        if (ret != 0) {
+            MBEDTLS_SSL_DEBUG_RET(1, "update_checksum", ret);
+            return ret;
+        }
    }

    /* Handshake message is complete, increment counter */
@ -3103,6 +3113,7 @@ void mbedtls_ssl_update_handshake_status(mbedtls_ssl_context *ssl)
        memset(hs_buf, 0, sizeof(mbedtls_ssl_hs_buffer));
    }
 #endif
+    return 0;
 }

 /*
@ -3928,7 +3939,11 @@ int mbedtls_ssl_read_record(mbedtls_ssl_context *ssl,

        if (ssl->in_msgtype == MBEDTLS_SSL_MSG_HANDSHAKE &&
            update_hs_digest == 1) {
-            mbedtls_ssl_update_handshake_status(ssl);
+            ret = mbedtls_ssl_update_handshake_status(ssl);
+            if (0 != ret) {
+                MBEDTLS_SSL_DEBUG_RET(1, ("mbedtls_ssl_update_handshake_status"), ret);
+                return ret;
+            }
        }
    } else {
        MBEDTLS_SSL_DEBUG_MSG(2, ("reuse previously read message"));