Exclude a few lines from lcov coverage stats:
- "fail" branches in selftests
- "should never happen" errors in SSL
- cipher_xxx() failures in SSL
- some things that fail only if malloc() fails
- some things that fail only if fread/fwrite()/ftell() fails
(after fopen() succeeded)
- some things that fail only if a parameter is invalid, but the parameter was
actually validated earlier
- generated code in library/error.c
diff --git a/library/ccm.c b/library/ccm.c
index 3463a0b..f845b4e 100644
--- a/library/ccm.c
+++ b/library/ccm.c
@@ -83,12 +83,12 @@
mbedtls_cipher_free( &ctx->cipher_ctx );
if( ( ret = mbedtls_cipher_setup( &ctx->cipher_ctx, cipher_info ) ) != 0 )
- return( ret );
+ return( ret ); // LCOV_EXCL_LINE (fails only if malloc fails of cipher_info is NULL)
if( ( ret = mbedtls_cipher_setkey( &ctx->cipher_ctx, key, keybits,
MBEDTLS_ENCRYPT ) ) != 0 )
{
- return( ret );
+ return( ret ); // LCOV_EXCL_LINE (fails only on bad key size, already tested by cipher_info_from_values())
}
return( 0 );
@@ -407,12 +407,12 @@
mbedtls_ccm_init( &ctx );
if( mbedtls_ccm_setkey( &ctx, MBEDTLS_CIPHER_ID_AES, key, 8 * sizeof key ) != 0 )
- {
+ { // LCOV_EXCL_START
if( verbose != 0 )
mbedtls_printf( " CCM: setup failed" );
return( 1 );
- }
+ } // LCOV_EXCL_STOP
for( i = 0; i < NB_TESTS; i++ )
{
@@ -426,12 +426,12 @@
if( ret != 0 ||
memcmp( out, res[i], msg_len[i] + tag_len[i] ) != 0 )
- {
+ { // LCOV_EXCL_START
if( verbose != 0 )
mbedtls_printf( "failed\n" );
return( 1 );
- }
+ } // LCOV_EXCL_STOP
ret = mbedtls_ccm_auth_decrypt( &ctx, msg_len[i],
iv, iv_len[i], ad, add_len[i],
@@ -440,12 +440,12 @@
if( ret != 0 ||
memcmp( out, msg, msg_len[i] ) != 0 )
- {
+ { // LCOV_EXCL_START
if( verbose != 0 )
mbedtls_printf( "failed\n" );
return( 1 );
- }
+ } // LCOV_EXCL_STOP
if( verbose != 0 )
mbedtls_printf( "passed\n" );