From e58ccd7937ce16ea99fba57609cac933495cdda1 Mon Sep 17 00:00:00 2001 From: Lindsay Stewart Date: Thu, 2 May 2024 11:25:42 -0700 Subject: [PATCH] ci: grep for S2N_RESULT_ERR without setting s2n_errno --- codebuild/bin/grep_simple_mistakes.sh | 5 +++++ tls/s2n_async_pkey.c | 7 ++----- tls/s2n_early_data_io.c | 13 +++++++------ 3 files changed, 14 insertions(+), 11 deletions(-) diff --git a/codebuild/bin/grep_simple_mistakes.sh b/codebuild/bin/grep_simple_mistakes.sh index 84c3810b8f6..5425bcada3b 100755 --- a/codebuild/bin/grep_simple_mistakes.sh +++ b/codebuild/bin/grep_simple_mistakes.sh @@ -75,6 +75,7 @@ for file in $S2N_FILES_ASSERT_RETURN; do RESULT_NEGATIVE_ONE=`grep -rn 'return -1;' $file` RESULT_S2N_ERR=`grep -rn 'return S2N_ERR*' $file` RESULT_S2N_FAIL=`grep -rn 'return S2N_FAIL*' $file` + RESULT_S2N_RESULT_ERR=`grep -rn 'return S2N_RESULT_ERR*' $file` if [ "${#RESULT_NEGATIVE_ONE}" != "0" ]; then FAILED=1 @@ -88,6 +89,10 @@ for file in $S2N_FILES_ASSERT_RETURN; do FAILED=1 printf "\e[1;34mGrep for 'return S2N_FAIL*' check failed in $file:\e[0m\n$RESULT_S2N_FAIL\n\n" fi + if [ "${#RESULT_S2N_RESULT_ERR}" != "0" ]; then + FAILED=1 + printf "\e[1;34mGrep for 'return S2N_RESULT_ERR*' check failed in $file:\e[0m\n$RESULT_S2N_RESULT_ERR\n\n" + fi done ############################################# diff --git a/tls/s2n_async_pkey.c b/tls/s2n_async_pkey.c index d537c0c3344..84b772733ca 100644 --- a/tls/s2n_async_pkey.c +++ b/tls/s2n_async_pkey.c @@ -124,7 +124,7 @@ static S2N_RESULT s2n_async_get_actions(s2n_async_pkey_op_type type, const struc /* No default for compiler warnings */ } - return S2N_RESULT_ERROR; + RESULT_BAIL(S2N_ERR_SAFETY); } static S2N_RESULT s2n_async_pkey_op_allocate(struct s2n_async_pkey_op **op) @@ -138,10 +138,7 @@ static S2N_RESULT s2n_async_pkey_op_allocate(struct s2n_async_pkey_op **op) RESULT_GUARD_POSIX(s2n_blob_zero(&mem)); *op = (void *) mem.data; - if (s2n_blob_init(&mem, NULL, 0) != S2N_SUCCESS) { - *op = NULL; - return S2N_RESULT_ERROR; - } + ZERO_TO_DISABLE_DEFER_CLEANUP(mem); return S2N_RESULT_OK; } diff --git a/tls/s2n_early_data_io.c b/tls/s2n_early_data_io.c index b99ce78823e..e6a4ca8345a 100644 --- a/tls/s2n_early_data_io.c +++ b/tls/s2n_early_data_io.c @@ -169,9 +169,9 @@ S2N_RESULT s2n_send_early_data_impl(struct s2n_connection *conn, const uint8_t * int negotiate_result = s2n_negotiate(conn, blocked); if (negotiate_result < S2N_SUCCESS) { if (s2n_error_get_type(s2n_errno) != S2N_ERR_T_BLOCKED) { - return S2N_RESULT_ERROR; + RESULT_GUARD_POSIX(negotiate_result); } else if (*blocked != S2N_BLOCKED_ON_EARLY_DATA && *blocked != S2N_BLOCKED_ON_READ) { - return S2N_RESULT_ERROR; + RESULT_GUARD_POSIX(negotiate_result); } } /* Save the error status for later */ @@ -239,14 +239,15 @@ S2N_RESULT s2n_recv_early_data_impl(struct s2n_connection *conn, uint8_t *data, return S2N_RESULT_OK; } - while (s2n_negotiate(conn, blocked) < S2N_SUCCESS) { + int negotiate_result = S2N_SUCCESS; + while ((negotiate_result = s2n_negotiate(conn, blocked)) != S2N_SUCCESS) { if (s2n_error_get_type(s2n_errno) != S2N_ERR_T_BLOCKED) { - return S2N_RESULT_ERROR; + RESULT_GUARD_POSIX(negotiate_result); } else if (max_data_len <= *data_received) { - return S2N_RESULT_ERROR; + RESULT_GUARD_POSIX(negotiate_result); } else if (*blocked != S2N_BLOCKED_ON_EARLY_DATA) { if (s2n_early_data_can_continue(conn)) { - return S2N_RESULT_ERROR; + RESULT_GUARD_POSIX(negotiate_result); } else { *blocked = S2N_NOT_BLOCKED; return S2N_RESULT_OK;