Skip to content

Fix coverity scan issues in wolfTPM#463

Merged
dgarske merged 4 commits intowolfSSL:masterfrom
aidangarske:fix-coverity-2-25
Feb 26, 2026
Merged

Fix coverity scan issues in wolfTPM#463
dgarske merged 4 commits intowolfSSL:masterfrom
aidangarske:fix-coverity-2-25

Conversation

@aidangarske
Copy link
Member

@aidangarske aidangarske commented Feb 26, 2026

Fix 900688, 900687, 900686, 900685, 900676, 900675, 900674, 900673, 900672, and 900671

Copilot AI review requested due to automatic review settings February 26, 2026 19:14
@dgarske dgarske self-assigned this Feb 26, 2026
Copilot AI reviewed Feb 26, 2026
View reviewed changes
Copy link

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Addresses multiple Coverity findings by tightening bounds checking and improving error handling/logging in wolfTPM and example utilities.

Changes:

  • Guard debug logging and improve Linux read failure diagnostics.
  • Add key-size validation checks in TPM parameter encryption/decryption helpers.
  • Add bounds checks and propagate hashing / file-loaded data validation errors in examples.

Reviewed changes

Copilot reviewed 6 out of 6 changed files in this pull request and generated 4 comments.

Show a summary per file
File Description
src/tpm2_wrap.c Wraps init failure printf with DEBUG_WOLFTPM guard.
src/tpm2_param_enc.c Adds source key-size validation to prevent key buffer overruns.
src/tpm2_linux.c Simplifies read error handling and logs ret with errno.
examples/pcr/extend.c Starts checking hash API return codes during PCR extend digest creation.
examples/attestation/make_credential.c Adds object name size bounds check before copy.
examples/attestation/activate_credential.c Adds credential blob/secret bounds checks after reading from file.

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

@aidangarske aidangarske marked this pull request as ready for review February 26, 2026 19:23
@aidangarske aidangarske requested review from Copilot and removed request for Copilot February 26, 2026 19:23
@aidangarske aidangarske requested a review from dgarske February 26, 2026 19:45
dgarske
dgarske requested changes Feb 26, 2026
View reviewed changes
Copilot AI review requested due to automatic review settings February 26, 2026 22:48
Copilot AI reviewed Feb 26, 2026
View reviewed changes
Copy link

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Copilot reviewed 6 out of 6 changed files in this pull request and generated no new comments.

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

@aidangarske aidangarske requested a review from dgarske February 26, 2026 22:53
dgarske
dgarske requested changes Feb 26, 2026
View reviewed changes
@dgarske dgarske merged commit 366e4d6 into wolfSSL:master Feb 26, 2026
69 of 70 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

@dgarske dgarske dgarske approved these changes

Assignees

@dgarske dgarske

@wolfSSL-Bot wolfSSL-Bot

@aidangarske aidangarske

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@aidangarske @dgarske @wolfSSL-Bot