Fenrir Fixes: Logic Errors #585

Open: stenslae wants to merge 3 commits into wolfSSL:master from stenslae:pr-logic-errors
@stenslae stenslae commented Jul 1, 2026

This fixes various Fenrir findings concerning logic errors, safety issues, resource leaks, and API bugs.

  • Fixed a double-free on key1 in dh-pg-ka.c by changing the second call to free key2.
  • Fixed connection shutdown order in server-psk-nonblocking.c.
  • Replaced system-conflicting shutdown() calls with TLS_shutdown() in example-lwip-native-echoclient.c.
  • Constrained read size to RECV_MSG_LEN - 1 and added null-termination to the reply buffer in server.c.
  • Corrected dead comparisons where unsigned size types were checked for < 0.
  • Fixed UEFI file utility functions in utility_wolf.c where the logic checked the function pointer address (fileSize == 0) rather than the returned file size (fSize == 0).
  • Corrected overflow arithmetic in server-dtls-demux.c.
  • Fixed xmss_example.c to validate privSz instead of pubSz after retrieving the private key length.
  • Duplicate Writes: Removed a redundant duplicate wolfSSL_write() call in client-ech.c.
  • Fixed non-blocking TLS client shutdown loop in client-tls-nonblocking.c to evaluate the correct error variable.
  • Fixed DTLS CID collision check in server-dtls-demux.c to verify connection CIDs against active connections.
  • Appended missing trailing colons (:) to cipher-suite fallback list strings in PSK server examples.
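
Two of the bug classes listed above, the read capped at RECV_MSG_LEN - 1 with null-termination and the dead `< 0` test on an unsigned size, shown as an added C example that is not code from this PR or from wolfSSL. It assumes a plain POSIX read() on a socketpair in place of the TLS read call; `recv_reply`, `demo_oversized_reply` and the buffer size of 16 are hypothetical.

```c
#include <errno.h>
#include <string.h>
#include <sys/socket.h>
#include <sys/types.h>
#include <unistd.h>

#define RECV_MSG_LEN 16 /* constructed size; the page names only the macro */

/* Pattern the listed fixes remove (comment only, not compiled):
 *     size_t n = read(fd, buf, RECV_MSG_LEN);  -- may fill every byte
 *     if (n < 0) { ... }                       -- dead: size_t is never < 0
 *     printf("%s", buf);                       -- no terminator guaranteed */

/* Hypothetical helper: returns bytes stored (0 = peer closed) or -1 on
 * error; buf always holds a terminated string on return. */
static ssize_t recv_reply(int fd, char buf[RECV_MSG_LEN])
{
    ssize_t n; /* signed, so the -1 error return survives */

    do {
        n = read(fd, buf, RECV_MSG_LEN - 1); /* leave room for '\0' */
    } while (n < 0 && errno == EINTR);
    if (n < 0) {
        buf[0] = '\0';
        return -1;
    }
    buf[n] = '\0';
    return n;
}

/* Sends a constructed 20-byte message into the 16-byte buffer; 0 = pass. */
static int demo_oversized_reply(void)
{
    int sv[2];
    char buf[RECV_MSG_LEN];
    const char msg[] = "AAAAAAAAAAAAAAAAAAAA";
    ssize_t n;

    if (socketpair(AF_UNIX, SOCK_STREAM, 0, sv) != 0)
        return -1;
    if (write(sv[0], msg, sizeof(msg) - 1) < 0)
        return -1;
    n = recv_reply(sv[1], buf);
    close(sv[0]);
    close(sv[1]);
    return (n == RECV_MSG_LEN - 1 && strlen(buf) == (size_t)n) ? 0 : 1;
}

int main(void) { return demo_oversized_reply(); }
```

Building with `-Wextra` (which enables `-Wtype-limits` in GCC) flags the commented-out `n < 0` comparison at compile time if it is ever written against a `size_t`.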

Emma Stensland added 2 commits July 1, 2026 15:36
…anosecond overflow arithmetic, and shutdown() call in lwIP
@stenslae stenslae self-assigned this Jul 1, 2026

@wolfSSL-Fenrir-bot wolfSSL-Fenrir-bot left a comment

Fenrir Automated Review — PR #585

Scan targets checked: wolfssl-examples-bugs, wolfssl-examples-src

Findings: 1
1 finding(s) posted as inline comments (see file-level comments below)

This review was generated automatically by Fenrir. Findings are non-blocking.

Comment thread uefi-library/src/utility_wolf.c
…eDhKey double-free/key2 leak, fileSize dead-code checks, and unsigned keySz < 0 check
Comment thread uefi-library/src/utility_wolf.c

@wolfSSL-Fenrir-bot wolfSSL-Fenrir-bot left a comment

Fenrir Automated Review — PR #585

Scan targets checked: wolfssl-examples-bugs, wolfssl-examples-src

No new issues found in the changed files. ✅
