commit bcb1818e19ea455cfddb7926d247513ce4e91939
author Dave Rodgman <dave.rodgman@arm.com> Thu Oct 12 11:50:30 2023 +0100
committer Dave Rodgman <dave.rodgman@arm.com> Thu Oct 12 16:23:11 2023 +0100
tree 198e857123da792a4525f2d017f5dc01fdf05b88
parent 54bb76e1065a17df79aa22ad4faf307786186603

Fix IAR 'transfer of control bypasses initialization' warnings

Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>

library/pkcs12.c

diff --git a/library/pkcs12.c b/library/pkcs12.c
index 4db2a4b..4e12476 100644
--- a/library/pkcs12.c
+++ b/library/pkcs12.c
@@ -172,6 +172,7 @@
     size_t iv_len = 0;
     size_t finish_olen = 0;
     unsigned int padlen = 0;
+    mbedtls_cipher_padding_t padding;
 
     if (pwd == NULL && pwdlen != 0) {
         return MBEDTLS_ERR_PKCS12_BAD_INPUT_DATA;
@@ -218,7 +219,7 @@
 #if defined(MBEDTLS_CIPHER_MODE_WITH_PADDING)
     /* PKCS12 uses CBC with PKCS7 padding */
 
-    mbedtls_cipher_padding_t padding = MBEDTLS_PADDING_PKCS7;
+    padding = MBEDTLS_PADDING_PKCS7;
 #if !defined(MBEDTLS_CIPHER_PADDING_PKCS7)
     /* For historical reasons, when decrypting, this function works when
      * decrypting even when support for PKCS7 padding is disabled. In this

library/pkcs5.c

diff --git a/library/pkcs5.c b/library/pkcs5.c
index 2756d05..3dc97a5 100644
--- a/library/pkcs5.c
+++ b/library/pkcs5.c
@@ -152,6 +152,7 @@
     mbedtls_cipher_type_t cipher_alg;
     mbedtls_cipher_context_t cipher_ctx;
     unsigned int padlen = 0;
+    mbedtls_cipher_padding_t padding;
 
     p = pbe_params->p;
     end = p + pbe_params->len;
@@ -246,7 +247,7 @@
      * "PKCS5 padding" except that it's typically only called PKCS5
      * with 64-bit-block ciphers).
      */
-    mbedtls_cipher_padding_t padding = MBEDTLS_PADDING_PKCS7;
+    padding = MBEDTLS_PADDING_PKCS7;
 #if !defined(MBEDTLS_CIPHER_PADDING_PKCS7)
     /* For historical reasons, when decrypting, this function works when
      * decrypting even when support for PKCS7 padding is disabled. In this

library/x509_create.c

diff --git a/library/x509_create.c b/library/x509_create.c
index 2583cdd..93ca2de 100644
--- a/library/x509_create.c
+++ b/library/x509_create.c
@@ -243,6 +243,8 @@
         return MBEDTLS_ERR_X509_ALLOC_FAILED;
     }
     /* Beyond this point, der needs to be freed on exit. */
+    unsigned char *p = der + 1;
+
     for (size_t i = 0; i < der_length; i++) {
         int c = hexpair_to_int(s + 2 * i);
         if (c < 0) {
@@ -254,7 +256,6 @@
     /* Step 3: decode the DER. */
     /* We've checked that der_length >= 1 above. */
     *tag = der[0];
-    unsigned char *p = der + 1;
     if (mbedtls_asn1_get_len(&p, der + der_length, data_len) != 0) {
         goto error;
     }