Merge pull request #6436 from lealem47/sanitizer

Miscellaneous fixes for sanitizer

src/internal.c

@@ -15958,6 +15958,12 @@ static int DoHandShakeMsg(WOLFSSL* ssl, byte* input, word32* inOutIdx,
             return PARSE_ERROR;
         }
 
+        if (size > MAX_HANDSHAKE_SZ) {
+            WOLFSSL_MSG("Handshake message too large");
+            WOLFSSL_ERROR_VERBOSE(HANDSHAKE_SIZE_ERROR);
+            return HANDSHAKE_SIZE_ERROR;
+        }
+
         return DoHandShakeMsgType(ssl, input, inOutIdx, type, size, totalSz);
     }
 

wolfcrypt/src/dh.c

@@ -2706,11 +2706,13 @@ int wc_DhCmpNamedKey(int name, int noQ,
             goodName = 0;
     }
 
-    cmp = goodName && (pSz == pCmpSz) && (gSz == gCmpSz) &&
-        (noQ || ((qCmp != NULL) && (qSz == qCmpSz) &&
-                 XMEMCMP(q, qCmp, qCmpSz) == 0)) &&
-        (XMEMCMP(p, pCmp, pCmpSz) == 0) &&
-        (XMEMCMP(g, gCmp, gCmpSz) == 0);
+    if (goodName) {
+        cmp = (pSz == pCmpSz) && (gSz == gCmpSz) &&
+            (noQ || ((qCmp != NULL) && (qSz == qCmpSz) &&
+                     XMEMCMP(q, qCmp, qCmpSz) == 0)) &&
+            (XMEMCMP(p, pCmp, pCmpSz) == 0) &&
+            (XMEMCMP(g, gCmp, gCmpSz) == 0);
+    }
 
     return cmp;
 }

wolfcrypt/src/hmac.c

@@ -1290,6 +1290,8 @@ int wolfSSL_GetHmacMaxSize(void)
             return ret;
         }
 
+        XMEMSET(tmp, 0, WC_MAX_DIGEST_SIZE);
+
         while (outIdx < outSz) {
             word32 tmpSz = (n == 1) ? 0 : hashSz;
             word32 left = outSz - outIdx;

wolfcrypt/src/sp_int.c

@@ -17757,7 +17757,7 @@ int sp_tohex(const sp_int* a, char* str)
             d = a->dp[i];
         #ifndef WC_DISABLE_RADIX_ZERO_PAD
             /* Find highest non-zero byte in most-significant word. */
-            for (j = SP_WORD_SIZE - 8; j >= 0; j -= 8) {
+            for (j = SP_WORD_SIZE - 8; j >= 0 && i >= 0; j -= 8) {
                 /* When a byte at this index is not 0 break out to start
                  * writing.
                  */