Merge pull request #3611 from gilles-peskine-arm/psa-coverity-cleanups-202008

Minor fixes in PSA code and tests
2025-07-29 11:41:15 +03:00 · 2020-08-26 13:18:27 +02:00
parent 9e4d4387f0 a2e518daf5
commit d4b9133850
7 changed files with 63 additions and 11 deletions
--- a/library/psa_crypto_storage.c
+++ b/library/psa_crypto_storage.c
@ -174,7 +174,13 @@ static psa_status_t psa_crypto_storage_store( const psa_key_file_id_t key,

 exit:
    if( status != PSA_SUCCESS )
-        psa_its_remove( data_identifier );
+    {
+        /* Remove the file in case we managed to create it but something
+         * went wrong. It's ok if the file doesn't exist. If the file exists
+         * but the removal fails, we're already reporting an error so there's
+         * nothing else we can do. */
+        (void) psa_its_remove( data_identifier );
+    }
    return( status );
 }

--- a/library/psa_its_file.c
+++ b/library/psa_its_file.c
@ -233,7 +233,12 @@ exit:
        if( rename_replace_existing( PSA_ITS_STORAGE_TEMP, filename ) != 0 )
            status = PSA_ERROR_STORAGE_FAILURE;
    }
-    remove( PSA_ITS_STORAGE_TEMP );
+    /* The temporary file may still exist, but only in failure cases where
+     * we're already reporting an error. So there's nothing we can do on
+     * failure. If the function succeeded, and in some error cases, the
+     * temporary file doesn't exist and so remove() is expected to fail.
+     * Thus we just ignore the return status of remove(). */
+    (void) remove( PSA_ITS_STORAGE_TEMP );
    return( status );
 }