FYI... Coverity Scan results for Windows x86. ---------- Forwarded message ---------- From: <scan-ad...@coverity.com> Date: Fri, Mar 17, 2017 at 8:34 PM Subject: New Defects reported by Coverity Scan for Cryptopp To: webmas...@cryptopp.com
Hi, Please find the latest report on new defect(s) introduced to Cryptopp found with Coverity Scan. 4 new defect(s) introduced to Cryptopp found with Coverity Scan. 6 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan. New defect(s) Reported-by: Coverity Scan Showing 4 of 4 defect(s) ** CID 177744: (UNINIT_CTOR) /drbg.h: 328 in CryptoPP::HMAC_DRBG<CryptoPP::SHA1, (unsigned int)16, (unsigned int)55>::HMAC_DRBG(const unsigned char *, unsigned int, const unsigned char *, unsigned int, const unsigned char *, unsigned int)() /drbg.h: 328 in CryptoPP::HMAC_DRBG<CryptoPP::SHA256, (unsigned int)16, (unsigned int)55>::HMAC_DRBG(const unsigned char *, unsigned int, const unsigned char *, unsigned int, const unsigned char *, unsigned int)() ________________________________________________________________________________________________________ *** CID 177744: (UNINIT_CTOR) /drbg.h: 328 in CryptoPP::HMAC_DRBG<CryptoPP::SHA1, (unsigned int)16, (unsigned int)55>::HMAC_DRBG(const unsigned char *, unsigned int, const unsigned char *, unsigned int, const unsigned char *, unsigned int)() 322 HMAC_DRBG(const byte* entropy=NULLPTR, size_t entropyLength=STRENGTH, const byte* nonce=NULLPTR, 323 size_t nonceLength=0, const byte* personalization=NULLPTR, size_t personalizationLength=0) 324 : NIST_DRBG(), m_k(HASH::DIGESTSIZE), m_v(HASH::DIGESTSIZE) 325 { 326 if (entropy != NULLPTR && entropyLength != 0) 327 DRBG_Instantiate(entropy, entropyLength, nonce, nonceLength, personalization, personalizationLength); >>> CID 177744: (UNINIT_CTOR) >>> Non-static class member "m_reseed" is not initialized in this >>> constructor nor in any functions that it calls. 328 } 329 330 unsigned int GetSecurityStrength() const {return SECURITY_STRENGTH;} 331 unsigned int GetSeedLength() const {return SEED_LENGTH;} 332 unsigned int GetMinEntropy() const {return MINIMUM_ENTROPY;} 333 unsigned int GetMaxEntropy() const {return MAXIMUM_ENTROPY;} /drbg.h: 328 in CryptoPP::HMAC_DRBG<CryptoPP::SHA256, (unsigned int)16, (unsigned int)55>::HMAC_DRBG(const unsigned char *, unsigned int, const unsigned char *, unsigned int, const unsigned char *, unsigned int)() 322 HMAC_DRBG(const byte* entropy=NULLPTR, size_t entropyLength=STRENGTH, const byte* nonce=NULLPTR, 323 size_t nonceLength=0, const byte* personalization=NULLPTR, size_t personalizationLength=0) 324 : NIST_DRBG(), m_k(HASH::DIGESTSIZE), m_v(HASH::DIGESTSIZE) 325 { 326 if (entropy != NULLPTR && entropyLength != 0) 327 DRBG_Instantiate(entropy, entropyLength, nonce, nonceLength, personalization, personalizationLength); >>> CID 177744: (UNINIT_CTOR) >>> Non-static class member "m_reseed" is not initialized in this >>> constructor nor in any functions that it calls. 328 } 329 330 unsigned int GetSecurityStrength() const {return SECURITY_STRENGTH;} 331 unsigned int GetSeedLength() const {return SEED_LENGTH;} 332 unsigned int GetMinEntropy() const {return MINIMUM_ENTROPY;} 333 unsigned int GetMaxEntropy() const {return MAXIMUM_ENTROPY;} ** CID 177743: (UNINIT_CTOR) /drbg.h: 214 in CryptoPP::Hash_DRBG<CryptoPP::SHA512, (unsigned int)32, (unsigned int)111>::Hash_DRBG(const unsigned char *, unsigned int, const unsigned char *, unsigned int, const unsigned char *, unsigned int)() /drbg.h: 214 in CryptoPP::Hash_DRBG<CryptoPP::SHA256, (unsigned int)16, (unsigned int)55>::Hash_DRBG(const unsigned char *, unsigned int, const unsigned char *, unsigned int, const unsigned char *, unsigned int)() /drbg.h: 214 in CryptoPP::Hash_DRBG<CryptoPP::SHA1, (unsigned int)16, (unsigned int)55>::Hash_DRBG(const unsigned char *, unsigned int, const unsigned char *, unsigned int, const unsigned char *, unsigned int)() ________________________________________________________________________________________________________ *** CID 177743: (UNINIT_CTOR) /drbg.h: 214 in CryptoPP::Hash_DRBG<CryptoPP::SHA512, (unsigned int)32, (unsigned int)111>::Hash_DRBG(const unsigned char *, unsigned int, const unsigned char *, unsigned int, const unsigned char *, unsigned int)() 208 Hash_DRBG(const byte* entropy=NULLPTR, size_t entropyLength=STRENGTH, const byte* nonce=NULLPTR, 209 size_t nonceLength=0, const byte* personalization=NULLPTR, size_t personalizationLength=0) 210 : NIST_DRBG(), m_c(SEEDLENGTH), m_v(SEEDLENGTH) 211 { 212 if (entropy != NULLPTR && entropyLength != 0) 213 DRBG_Instantiate(entropy, entropyLength, nonce, nonceLength, personalization, personalizationLength); >>> CID 177743: (UNINIT_CTOR) >>> Non-static class member "m_reseed" is not initialized in this >>> constructor nor in any functions that it calls. 214 } 215 216 unsigned int GetSecurityStrength() const {return SECURITY_STRENGTH;} 217 unsigned int GetSeedLength() const {return SEED_LENGTH;} 218 unsigned int GetMinEntropy() const {return MINIMUM_ENTROPY;} 219 unsigned int GetMaxEntropy() const {return MAXIMUM_ENTROPY;} /drbg.h: 214 in CryptoPP::Hash_DRBG<CryptoPP::SHA256, (unsigned int)16, (unsigned int)55>::Hash_DRBG(const unsigned char *, unsigned int, const unsigned char *, unsigned int, const unsigned char *, unsigned int)() 208 Hash_DRBG(const byte* entropy=NULLPTR, size_t entropyLength=STRENGTH, const byte* nonce=NULLPTR, 209 size_t nonceLength=0, const byte* personalization=NULLPTR, size_t personalizationLength=0) 210 : NIST_DRBG(), m_c(SEEDLENGTH), m_v(SEEDLENGTH) 211 { 212 if (entropy != NULLPTR && entropyLength != 0) 213 DRBG_Instantiate(entropy, entropyLength, nonce, nonceLength, personalization, personalizationLength); >>> CID 177743: (UNINIT_CTOR) >>> Non-static class member "m_reseed" is not initialized in this >>> constructor nor in any functions that it calls. 214 } 215 216 unsigned int GetSecurityStrength() const {return SECURITY_STRENGTH;} 217 unsigned int GetSeedLength() const {return SEED_LENGTH;} 218 unsigned int GetMinEntropy() const {return MINIMUM_ENTROPY;} 219 unsigned int GetMaxEntropy() const {return MAXIMUM_ENTROPY;} /drbg.h: 214 in CryptoPP::Hash_DRBG<CryptoPP::SHA1, (unsigned int)16, (unsigned int)55>::Hash_DRBG(const unsigned char *, unsigned int, const unsigned char *, unsigned int, const unsigned char *, unsigned int)() 208 Hash_DRBG(const byte* entropy=NULLPTR, size_t entropyLength=STRENGTH, const byte* nonce=NULLPTR, 209 size_t nonceLength=0, const byte* personalization=NULLPTR, size_t personalizationLength=0) 210 : NIST_DRBG(), m_c(SEEDLENGTH), m_v(SEEDLENGTH) 211 { 212 if (entropy != NULLPTR && entropyLength != 0) 213 DRBG_Instantiate(entropy, entropyLength, nonce, nonceLength, personalization, personalizationLength); >>> CID 177743: (UNINIT_CTOR) >>> Non-static class member "m_reseed" is not initialized in this >>> constructor nor in any functions that it calls. 214 } 215 216 unsigned int GetSecurityStrength() const {return SECURITY_STRENGTH;} 217 unsigned int GetSeedLength() const {return SEED_LENGTH;} 218 unsigned int GetMinEntropy() const {return MINIMUM_ENTROPY;} 219 unsigned int GetMaxEntropy() const {return MAXIMUM_ENTROPY;} ** CID 171239: Uninitialized variables (UNINIT) /cpu.cpp: 227 in CryptoPP::DetectX86Features()() ________________________________________________________________________________________________________ *** CID 171239: Uninitialized variables (UNINIT) /cpu.cpp: 227 in CryptoPP::DetectX86Features()() 221 #elif HAVE_GCC_CONSTRUCTOR0 222 void __attribute__ ((constructor)) DetectX86Features() 223 #else 224 void DetectX86Features() 225 #endif 226 { >>> CID 171239: Uninitialized variables (UNINIT) >>> Declaring variable "cpuid" without initializer. 227 word32 cpuid[4], cpuid1[4]; 228 if (!CpuId(0, cpuid)) 229 return; 230 if (!CpuId(1, cpuid1)) 231 return; 232 ** CID 171200: Incorrect expression (COPY_PASTE_ERROR) /Program Files (x86)/Microsoft Visual Studio 14.0/VC/include/deque: 1715 in std::deque<unsigned long long, std::allocator<unsigned long long>>::_Insert_n(std::_Deque_const_iterator<std::_Deque_val<std::_Deque_simple_types<unsigned long long>>>, unsigned int, const unsigned long long &)() ________________________________________________________________________________________________________ *** CID 171200: Incorrect expression (COPY_PASTE_ERROR) /Program Files (x86)/Microsoft Visual Studio 14.0/VC/include/deque: 1715 in std::deque<unsigned long long, std::allocator<unsigned long long>>::_Insert_n(std::_Deque_const_iterator<std::_Deque_val<std::_Deque_simple_types<unsigned long long>>>, unsigned int, const unsigned long long &)() 1709 _TRY_BEGIN 1710 if (_Off < _Count) 1711 { // insert longer than prefix 1712 for (_Num = _Count - _Off; 0 < _Num; --_Num) 1713 push_front(_Val); // push excess values 1714 for (_Num = _Off; 0 < _Num; --_Num) >>> CID 171200: Incorrect expression (COPY_PASTE_ERROR) >>> "_Count" in "_Count - 1U" looks like a copy-paste error. 1715 push_front(begin()[_Count - 1]); // push prefix 1716 1717 _Mid = begin() + _Count; 1718 _STD fill(_Mid, _Mid + _Off, 1719 _Val); // fill in rest of values 1720 } -- -- You received this message because you are subscribed to the "Crypto++ Users" Google Group. To unsubscribe, send an email to cryptopp-users-unsubscr...@googlegroups.com. More information about Crypto++ and this group is available at http://www.cryptopp.com. --- You received this message because you are subscribed to the Google Groups "Crypto++ Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to cryptopp-users+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.