mbedtls: fix defects in coverity scan

Fixes of unreleased buffer, deadcode and wrong variable type detected
by coverity scan.

Addresses-Coverity-ID: 510809:  Resource leaks  (RESOURCE_LEAK)
Addresses-Coverity-ID: 510806:  Control flow issues  (DEADCODE)
Addresses-Coverity-ID: 510794 Control flow issues  (NO_EFFECT)

Signed-off-by: Raymond Mao <raymond.mao@linaro.org>

diff --git a/lib/mbedtls/pkcs7_parser.c b/lib/mbedtls/pkcs7_parser.c
index 69ca784858e72e110d846885d8badf4cfddb19b2..ecfcc46edfaf225f71ede46f68b241ecf7420304 100644 (file)
--- a/lib/mbedtls/pkcs7_parser.c
+++ b/lib/mbedtls/pkcs7_parser.c
@@ -206,9 +206,6 @@ static int authattrs_parse(struct pkcs7_message *msg, void *aa, size_t aa_len,
                p += seq_len;
        }
 
-       if (ret && ret !=  MBEDTLS_ERR_ASN1_OUT_OF_DATA)
-               return ret;
-
        msg->have_authattrs = true;
 
        /*
@@ -361,8 +358,10 @@ static int x509_populate_sinfo(struct pkcs7_message *msg,
        signed_info->sig = s;
 
        /* Save the Authenticate Attributes data if exists */
-       if (!mb_sinfo->authattrs.data || !mb_sinfo->authattrs.data_len)
+       if (!mb_sinfo->authattrs.data || !mb_sinfo->authattrs.data_len) {
+               kfree(mctx);
                goto no_authattrs;
+       }
 
        mctx->authattrs_data = kmemdup(mb_sinfo->authattrs.data,
                                       mb_sinfo->authattrs.data_len,

diff --git a/lib/mbedtls/x509_cert_parser.c b/lib/mbedtls/x509_cert_parser.c
index cb42018695caee7776650c81a43fef33305dcd55..e163e16b9bce3f8c6702cbdf3c6aad3cb192244e 100644 (file)
--- a/lib/mbedtls/x509_cert_parser.c
+++ b/lib/mbedtls/x509_cert_parser.c
@@ -66,7 +66,7 @@ time64_t x509_get_timestamp(const mbedtls_x509_time *x509_time)
 static char *x509_populate_dn_name_string(const mbedtls_x509_name *name)
 {
        size_t len = 256;
-       size_t wb;
+       int wb;
        char *name_str;
 
        do {