Merge pull request #6570 from gilles-peskine-arm/bignum-mbedtls_test_read_mpi_core-nonempty

Forbid empty mpi_core in test data

library/constant_time_internal.h

@@ -138,6 +138,7 @@ unsigned mbedtls_ct_mpi_uint_lt( const mbedtls_mpi_uint x,
  * \param B        The right-hand MPI. This must point to an array of limbs
  *                 with the same allocated length as \p A.
  * \param limbs    The number of limbs in \p A and \p B.
+ *                 This must not be 0.
  *
  * \return         The result of the comparison:
  *                 \c 1 if \p A is less than \p B.

tests/src/helpers.c

@@ -357,8 +357,12 @@ int mbedtls_test_read_mpi_core( mbedtls_mpi_uint **pX, size_t *plimbs,
     size_t hex_len = strlen( input );
     size_t byte_len = ( hex_len + 1 ) / 2;
     *plimbs = CHARS_TO_LIMBS( byte_len );
+
+    /* A core bignum is not allowed to be empty. Forbid it as test data,
+     * this way static analyzers have a chance of knowing we don't expect
+     * the bignum functions to support empty inputs. */
     if( *plimbs == 0 )
-        return( 0 );
+        return( MBEDTLS_ERR_MPI_BAD_INPUT_DATA );
 
     *pX = mbedtls_calloc( *plimbs, sizeof( **pX ) );
     if( *pX == NULL )

tests/suites/test_suite_bignum_core.misc.data

@@ -167,9 +167,6 @@ mpi_core_lt_ct:"2B5":"2B4":0
 mbedtls_mpi_core_lt_ct: x<y (1 limb)
 mpi_core_lt_ct:"2B5":"2B6":1
 
-mbedtls_mpi_core_lt_ct: x=y (0 limbs)
-mpi_core_lt_ct:"":"":0
-
 mbedtls_mpi_core_lt_ct: x>y (63 bit x, y first byte greater)
 mpi_core_lt_ct:"7FFFFFFFFFFFFFFF":"00000000000000FF":0