p11test: Avoid possible issues reported by coverity

* The fail_msg() in cmocka has a way not to fail, which confuses coverity. Adding explicit retunr/exit should address this issue
 * Reformat some code in p11test

src/tests/p11test/p11test_case_common.c

@@ -30,13 +30,15 @@ char flag_buffer[11];
 void always_authenticate(test_cert_t *o, token_info_t *info)
 {
 	CK_RV rv;
-	if (!o->always_auth)
+	if (!o->always_auth) {
 		return;
+	}
 
 	rv = info->function_pointer->C_Login(info->session_handle,
 		CKU_CONTEXT_SPECIFIC, info->pin, info->pin_length);
 	if (rv != CKR_OK) {
 		fail_msg(" [ SKIP %s ] Re-authentication failed", o->id_str);
+		exit(1);
 	}
 }
 
@@ -153,7 +155,7 @@ int callback_certificates(test_certs_t *objects,
 	CK_ATTRIBUTE template[], unsigned int template_size, CK_OBJECT_HANDLE object_handle)
 {
 	EVP_PKEY *evp = NULL;
-	const u_char *cp;
+	const u_char *cp = NULL;
 	test_cert_t *o = NULL;
 
 	if (*(CK_CERTIFICATE_TYPE *)template[3].pValue != CKC_X_509)
@@ -166,23 +168,29 @@ int callback_certificates(test_certs_t *objects,
 	cp = template[1].pValue;
 	if (d2i_X509(&(o->x509), &cp, template[1].ulValueLen) == NULL) {
 		fail_msg("d2i_X509");
+		return -1;
 	} else if ((evp = X509_get_pubkey(o->x509)) == NULL) {
 		fail_msg("X509_get_pubkey failed.");
+		return -1;
 	}
 
 	if (EVP_PKEY_base_id(evp) == EVP_PKEY_RSA) {
 		/* Extract public RSA key */
 		RSA *rsa = EVP_PKEY_get0_RSA(evp);
-		if ((o->key.rsa = RSAPublicKey_dup(rsa)) == NULL)
+		if ((o->key.rsa = RSAPublicKey_dup(rsa)) == NULL) {
 			fail_msg("RSAPublicKey_dup failed");
+			return -1;
+		}
 		o->type = EVP_PK_RSA;
 		o->bits = EVP_PKEY_bits(evp);
 
 	} else if (EVP_PKEY_base_id(evp) == EVP_PKEY_EC) {
 		/* Extract public EC key */
 		EC_KEY *ec = EVP_PKEY_get0_EC_KEY(evp);
-		if ((o->key.ec = EC_KEY_dup(ec)) == NULL)
+		if ((o->key.ec = EC_KEY_dup(ec)) == NULL) {
 			fail_msg("EC_KEY_dup failed");
+			return -1;
+		}
 		o->type = EVP_PK_EC;
 		o->bits = EVP_PKEY_bits(evp);
 
@@ -434,8 +442,10 @@ int search_objects(test_certs_t *objects, token_info_t *info,
 		if (i >= objects_length) {
 			objects_length += 4; // do not realloc after each row
 			object_handles = realloc(object_handles, objects_length * sizeof(CK_OBJECT_HANDLE_PTR));
-			if (object_handles == NULL)
+			if (object_handles == NULL) {
 		 		fail_msg("Realloc failed. Need to store object handles.\n");
+				return -1;
+			}
 		}
 		object_handles[i++] = object_handle;
 	}
@@ -445,6 +455,7 @@ int search_objects(test_certs_t *objects, token_info_t *info,
 	if (rv != CKR_OK) {
 		fprintf(stderr, "C_FindObjectsFinal: rv = 0x%.8lX\n", rv);
  		fail_msg("Could not find certificate.\n");
+		return -1;
 	}
 
 	for (i = 0; i < objects_length; i++) {
@@ -457,24 +468,30 @@ int search_objects(test_certs_t *objects, token_info_t *info,
 
 			rv = fp->C_GetAttributeValue(info->session_handle, object_handles[i],
 				&(template[j]), 1);
-			if (rv == CKR_ATTRIBUTE_TYPE_INVALID)
+			if (rv == CKR_ATTRIBUTE_TYPE_INVALID) {
 				continue;
-			else if (rv != CKR_OK)
+			} else if (rv != CKR_OK) {
 				fail_msg("C_GetAttributeValue: rv = 0x%.8lX\n", rv);
+				return -1;
+			}
 
 			/* Allocate memory to hold the data we want */
 			if (template[j].ulValueLen == 0) {
 				continue;
 			} else {
 				template[j].pValue = malloc(template[j].ulValueLen);
-				if (template[j].pValue == NULL)
+				if (template[j].pValue == NULL) {
 					fail_msg("malloc failed");
+					return -1;
+				}
 			}
 			/* Call again to get actual attribute */
 			rv = fp->C_GetAttributeValue(info->session_handle, object_handles[i],
 				&(template[j]), 1);
-			if (rv != CKR_OK)
+			if (rv != CKR_OK) {
 				fail_msg("C_GetAttributeValue: rv = 0x%.8lX\n", rv);
+				return -1;
+			}
 		}
 
 		callback(objects, template, template_size, object_handles[i]);

src/tests/p11test/p11test_case_common.h

@@ -103,16 +103,19 @@ int is_pss_mechanism(CK_MECHANISM_TYPE mech);
 #define P11TEST_PASS(info) do { _P11TEST_FINALIZE(info, "pass") } while(0);
 
 #define P11TEST_FAIL(info, msg, ...) do { \
-	if (info->log.fd && info->log.in_test) { \
+		if (info->log.fd && info->log.in_test) { \
-		fprintf(info->log.fd, ",\n\t\"fail_reason\": \"" msg "\"", ##__VA_ARGS__); \
+			fprintf(info->log.fd, ",\n\t\"fail_reason\": \"" msg "\"", ##__VA_ARGS__); \
-	} \
+		} \
-	_P11TEST_FINALIZE(info, "fail") \
+		_P11TEST_FINALIZE(info, "fail") \
-	fail_msg(msg, ##__VA_ARGS__); \
+		fail_msg(msg, ##__VA_ARGS__); \
+		exit(1); \
 	} while (0);
 
 #define P11TEST_DATA_ROW(info, cols, ...) if (info->log.fd) { \
-	if (info->log.in_test == 0) \
+	if (info->log.in_test == 0) {\
 		fail_msg("Can't add data outside of the test");\
+		exit(1); \
+	} \
 	if (info->log.in_data == 0) {\
 		fprintf(info->log.fd, ",\n\t\"data\": [");\
 		info->log.in_data = 1;\

src/tests/p11test/p11test_case_readonly.c

@@ -546,8 +546,10 @@ int sign_verify_test(test_cert_t *o, token_info_t *info, test_mech_t *mech,
 	CK_ULONG sign_length = 0;
 	int rv = 0;
 
-	if (message_length > strlen(SHORT_MESSAGE_TO_SIGN))
+	if (message_length > strlen(SHORT_MESSAGE_TO_SIGN)) {
 		fail_msg("Truncate is longer than the actual message");
+		return -1;
+	}
 
 	if (o->private_handle == CK_INVALID_HANDLE) {
 		debug_print(" [SKIP %s ] Missing private key", o->id_str);

src/tests/p11test/p11test_helpers.c

@@ -23,7 +23,9 @@
 #include "p11test_helpers.h"
 #include "p11test_loader.h"
 
-int open_session(token_info_t *info) {
+int
+open_session(token_info_t *info)
+{
 	CK_FUNCTION_LIST_PTR function_pointer = info->function_pointer;
 	CK_RV rv;
 
@@ -31,56 +33,65 @@ int open_session(token_info_t *info) {
 		CKF_SERIAL_SESSION | CKF_RW_SESSION, NULL_PTR, NULL_PTR,
 		&info->session_handle);
 
-	if(rv != CKR_OK)
+	if (rv != CKR_OK) {
 		return 1;
+	}
 
 	debug_print("Session was successfully created");
 	return 0;
 }
 
-int initialize_cryptoki(token_info_t *info) {
+int
-
+initialize_cryptoki(token_info_t *info)
+{
 	CK_FUNCTION_LIST_PTR function_pointer = info->function_pointer;
 	CK_RV rv;
 
 	rv = function_pointer->C_Initialize(NULL_PTR);
-	if(rv != CKR_OK){
+	if (rv != CKR_OK) {
-		fprintf(stderr,"Could not initialize CRYPTOKI!\n");
+		fprintf(stderr, "Could not initialize CRYPTOKI!\n");
 		return 1;
 	}
 
-	if(get_slot_with_card(info)) {
+	if (get_slot_with_card(info)) {
 		function_pointer->C_Finalize(NULL_PTR);
-		fprintf(stderr,"There is no card present in reader.\n");
+		fprintf(stderr, "There is no card present in reader.\n");
 		return 1;
 	}
 
 	return 0;
 }
 
-int token_initialize(void **state) {
+int token_initialize(void **state)
+{
 	token_info_t *info = (token_info_t *) *state;
-	if(initialize_cryptoki(info)) {
+	if (initialize_cryptoki(info)) {
 		debug_print("CRYPTOKI couldn't be initialized");
 		return 1;
 	}
 	return 0;
 }
 
-void logfile_init(token_info_t *info) {
+void logfile_init(token_info_t *info)
-	if (token.log.outfile == NULL)
+{
+	if (token.log.outfile == NULL) {
 		return;
+	}
 
-    if ((info->log.fd = fopen(token.log.outfile, "w")) == NULL)
+	if ((info->log.fd = fopen(token.log.outfile, "w")) == NULL) {
 		fail_msg("Couldn't open file for test results.");
+		exit(1);
+	}
 	fprintf(info->log.fd, "{\n\"time\": 0,\n\"results\": [");
 	info->log.in_test = 0;
 	info->log.first = 1;
 }
 
-void logfile_finalize(token_info_t *info) {
+void logfile_finalize(token_info_t *info)
-	if (info == NULL || info->log.fd == NULL)
+{
+	if (info == NULL || info->log.fd == NULL) {
 		return;
+	}
 
 	/* Make sure the JSON object for test is closed */
 	if (info->log.in_test) {
@@ -94,7 +105,6 @@ void logfile_finalize(token_info_t *info) {
 
 int group_setup(void **state)
 {
-
 	token_info_t * info = calloc(sizeof(token_info_t), 1);
 
 	assert_non_null(info);
@@ -107,6 +117,7 @@ int group_setup(void **state)
 	if (load_pkcs11_module(info, token.library_path)) {
 		free(info);
 		fail_msg("Could not load module!\n");
+		exit(1);
 	}
 
 	logfile_init(info);
@@ -115,8 +126,8 @@ int group_setup(void **state)
 	return 0;
 }
 
-int group_teardown(void **state) {
+int group_teardown(void **state)
-
+{
 	token_info_t *info = (token_info_t *) *state;
 	debug_print("Clearing state after group tests!");
 	// XXX do not finalize already Finalized
@@ -134,13 +145,14 @@ int group_teardown(void **state) {
 	return 0;
 }
 
-int prepare_token(token_info_t *info) {
+int prepare_token(token_info_t *info)
-	if(initialize_cryptoki(info)) {
+{
+	if (initialize_cryptoki(info)) {
 		debug_print("CRYPTOKI couldn't be initialized");
 		return 1;
 	}
 
-	if(open_session(info)) {
+	if (open_session(info)) {
 		debug_print("Could not open session to token!");
 		return 1;
 	}
@@ -148,7 +160,8 @@ int prepare_token(token_info_t *info) {
 	return 0;
 }
 
-int finalize_token(token_info_t *info) {
+int finalize_token(token_info_t *info)
+{
 	CK_FUNCTION_LIST_PTR function_pointer = info->function_pointer;
 
 	info->session_handle = 0;
@@ -159,26 +172,31 @@ int finalize_token(token_info_t *info) {
 	return 0;
 }
 
-int user_login_setup(void **state) {
+int user_login_setup(void **state)
+{
 	token_info_t *info = (token_info_t *) *state;
 	CK_FUNCTION_LIST_PTR function_pointer = info->function_pointer;
 	CK_RV rv;
 
-	if (prepare_token(info))
+	if (prepare_token(info)) {
 		fail_msg("Could not prepare token.\n");
+		exit(1);
+	}
 
 	debug_print("Logging in to the token!");
 	rv = function_pointer->C_Login(info->session_handle, CKU_USER,
 		token.pin, token.pin_length);
 
-	if(rv != CKR_OK)
+	if (rv != CKR_OK) {
 		fail_msg("Could not login to token with user PIN '%s'\n", token.pin);
+		exit(1);
+	}
 
 	return 0;
 }
 
-int after_test_cleanup(void **state) {
+int after_test_cleanup(void **state)
-
+{
 	token_info_t *info = (token_info_t *) *state;
 	CK_FUNCTION_LIST_PTR function_pointer = info->function_pointer;
 
@@ -189,16 +207,20 @@ int after_test_cleanup(void **state) {
 	return 0;
 }
 
-int token_setup(void **state) {
+int token_setup(void **state)
+{
 	token_info_t *info = (token_info_t *) *state;
 
-	if(prepare_token(info))
+	if (prepare_token(info)) {
 		fail_msg("Could not prepare token.\n");
+		exit(1);
+	}
 
 	return 0;
 }
 
-int token_cleanup(void **state) {
+int token_cleanup(void **state)
+{
 	token_info_t *info = (token_info_t *) *state;
 
 	finalize_token(info);