FYI... Coverity Scan results for Windows x86.
---------- Forwarded message ----------
From: <scan-ad...@coverity.com>
Date: Fri, Mar 17, 2017 at 8:34 PM
Subject: New Defects reported by Coverity Scan for Cryptopp
To: webmas...@cryptopp.com
Hi,
Please find the latest report on new defect(s) introduced to Cryptopp
found with Coverity Scan.
4 new defect(s) introduced to Cryptopp found with Coverity Scan.
6 defect(s), reported by Coverity Scan earlier, were marked fixed in
the recent build analyzed by Coverity Scan.
New defect(s) Reported-by: Coverity Scan
Showing 4 of 4 defect(s)
** CID 177744: (UNINIT_CTOR)
/drbg.h: 328 in CryptoPP::HMAC_DRBG<CryptoPP::SHA1, (unsigned int)16,
(unsigned int)55>::HMAC_DRBG(const unsigned char *, unsigned int,
const unsigned char *, unsigned int, const unsigned char *, unsigned
int)()
/drbg.h: 328 in CryptoPP::HMAC_DRBG<CryptoPP::SHA256, (unsigned
int)16, (unsigned int)55>::HMAC_DRBG(const unsigned char *, unsigned
int, const unsigned char *, unsigned int, const unsigned char *,
unsigned int)()
________________________________________________________________________________________________________
*** CID 177744: (UNINIT_CTOR)
/drbg.h: 328 in CryptoPP::HMAC_DRBG<CryptoPP::SHA1, (unsigned int)16,
(unsigned int)55>::HMAC_DRBG(const unsigned char *, unsigned int,
const unsigned char *, unsigned int, const unsigned char *, unsigned
int)()
322 HMAC_DRBG(const byte* entropy=NULLPTR, size_t
entropyLength=STRENGTH, const byte* nonce=NULLPTR,
323 size_t nonceLength=0, const byte*
personalization=NULLPTR, size_t personalizationLength=0)
324 : NIST_DRBG(), m_k(HASH::DIGESTSIZE), m_v(HASH::DIGESTSIZE)
325 {
326 if (entropy != NULLPTR && entropyLength != 0)
327 DRBG_Instantiate(entropy, entropyLength, nonce,
nonceLength, personalization, personalizationLength);
>>> CID 177744: (UNINIT_CTOR)
>>> Non-static class member "m_reseed" is not initialized in this
>>> constructor nor in any functions that it calls.
328 }
329
330 unsigned int GetSecurityStrength() const {return SECURITY_STRENGTH;}
331 unsigned int GetSeedLength() const {return SEED_LENGTH;}
332 unsigned int GetMinEntropy() const {return MINIMUM_ENTROPY;}
333 unsigned int GetMaxEntropy() const {return MAXIMUM_ENTROPY;}
/drbg.h: 328 in CryptoPP::HMAC_DRBG<CryptoPP::SHA256, (unsigned
int)16, (unsigned int)55>::HMAC_DRBG(const unsigned char *, unsigned
int, const unsigned char *, unsigned int, const unsigned char *,
unsigned int)()
322 HMAC_DRBG(const byte* entropy=NULLPTR, size_t
entropyLength=STRENGTH, const byte* nonce=NULLPTR,
323 size_t nonceLength=0, const byte*
personalization=NULLPTR, size_t personalizationLength=0)
324 : NIST_DRBG(), m_k(HASH::DIGESTSIZE), m_v(HASH::DIGESTSIZE)
325 {
326 if (entropy != NULLPTR && entropyLength != 0)
327 DRBG_Instantiate(entropy, entropyLength, nonce,
nonceLength, personalization, personalizationLength);
>>> CID 177744: (UNINIT_CTOR)
>>> Non-static class member "m_reseed" is not initialized in this
>>> constructor nor in any functions that it calls.
328 }
329
330 unsigned int GetSecurityStrength() const {return SECURITY_STRENGTH;}
331 unsigned int GetSeedLength() const {return SEED_LENGTH;}
332 unsigned int GetMinEntropy() const {return MINIMUM_ENTROPY;}
333 unsigned int GetMaxEntropy() const {return MAXIMUM_ENTROPY;}
** CID 177743: (UNINIT_CTOR)
/drbg.h: 214 in CryptoPP::Hash_DRBG<CryptoPP::SHA512, (unsigned
int)32, (unsigned int)111>::Hash_DRBG(const unsigned char *, unsigned
int, const unsigned char *, unsigned int, const unsigned char *,
unsigned int)()
/drbg.h: 214 in CryptoPP::Hash_DRBG<CryptoPP::SHA256, (unsigned
int)16, (unsigned int)55>::Hash_DRBG(const unsigned char *, unsigned
int, const unsigned char *, unsigned int, const unsigned char *,
unsigned int)()
/drbg.h: 214 in CryptoPP::Hash_DRBG<CryptoPP::SHA1, (unsigned int)16,
(unsigned int)55>::Hash_DRBG(const unsigned char *, unsigned int,
const unsigned char *, unsigned int, const unsigned char *, unsigned
int)()
________________________________________________________________________________________________________
*** CID 177743: (UNINIT_CTOR)
/drbg.h: 214 in CryptoPP::Hash_DRBG<CryptoPP::SHA512, (unsigned
int)32, (unsigned int)111>::Hash_DRBG(const unsigned char *, unsigned
int, const unsigned char *, unsigned int, const unsigned char *,
unsigned int)()
208 Hash_DRBG(const byte* entropy=NULLPTR, size_t
entropyLength=STRENGTH, const byte* nonce=NULLPTR,
209 size_t nonceLength=0, const byte*
personalization=NULLPTR, size_t personalizationLength=0)
210 : NIST_DRBG(), m_c(SEEDLENGTH), m_v(SEEDLENGTH)
211 {
212 if (entropy != NULLPTR && entropyLength != 0)
213 DRBG_Instantiate(entropy, entropyLength, nonce,
nonceLength, personalization, personalizationLength);
>>> CID 177743: (UNINIT_CTOR)
>>> Non-static class member "m_reseed" is not initialized in this
>>> constructor nor in any functions that it calls.
214 }
215
216 unsigned int GetSecurityStrength() const {return SECURITY_STRENGTH;}
217 unsigned int GetSeedLength() const {return SEED_LENGTH;}
218 unsigned int GetMinEntropy() const {return MINIMUM_ENTROPY;}
219 unsigned int GetMaxEntropy() const {return MAXIMUM_ENTROPY;}
/drbg.h: 214 in CryptoPP::Hash_DRBG<CryptoPP::SHA256, (unsigned
int)16, (unsigned int)55>::Hash_DRBG(const unsigned char *, unsigned
int, const unsigned char *, unsigned int, const unsigned char *,
unsigned int)()
208 Hash_DRBG(const byte* entropy=NULLPTR, size_t
entropyLength=STRENGTH, const byte* nonce=NULLPTR,
209 size_t nonceLength=0, const byte*
personalization=NULLPTR, size_t personalizationLength=0)
210 : NIST_DRBG(), m_c(SEEDLENGTH), m_v(SEEDLENGTH)
211 {
212 if (entropy != NULLPTR && entropyLength != 0)
213 DRBG_Instantiate(entropy, entropyLength, nonce,
nonceLength, personalization, personalizationLength);
>>> CID 177743: (UNINIT_CTOR)
>>> Non-static class member "m_reseed" is not initialized in this
>>> constructor nor in any functions that it calls.
214 }
215
216 unsigned int GetSecurityStrength() const {return SECURITY_STRENGTH;}
217 unsigned int GetSeedLength() const {return SEED_LENGTH;}
218 unsigned int GetMinEntropy() const {return MINIMUM_ENTROPY;}
219 unsigned int GetMaxEntropy() const {return MAXIMUM_ENTROPY;}
/drbg.h: 214 in CryptoPP::Hash_DRBG<CryptoPP::SHA1, (unsigned int)16,
(unsigned int)55>::Hash_DRBG(const unsigned char *, unsigned int,
const unsigned char *, unsigned int, const unsigned char *, unsigned
int)()
208 Hash_DRBG(const byte* entropy=NULLPTR, size_t
entropyLength=STRENGTH, const byte* nonce=NULLPTR,
209 size_t nonceLength=0, const byte*
personalization=NULLPTR, size_t personalizationLength=0)
210 : NIST_DRBG(), m_c(SEEDLENGTH), m_v(SEEDLENGTH)
211 {
212 if (entropy != NULLPTR && entropyLength != 0)
213 DRBG_Instantiate(entropy, entropyLength, nonce,
nonceLength, personalization, personalizationLength);
>>> CID 177743: (UNINIT_CTOR)
>>> Non-static class member "m_reseed" is not initialized in this
>>> constructor nor in any functions that it calls.
214 }
215
216 unsigned int GetSecurityStrength() const {return SECURITY_STRENGTH;}
217 unsigned int GetSeedLength() const {return SEED_LENGTH;}
218 unsigned int GetMinEntropy() const {return MINIMUM_ENTROPY;}
219 unsigned int GetMaxEntropy() const {return MAXIMUM_ENTROPY;}
** CID 171239: Uninitialized variables (UNINIT)
/cpu.cpp: 227 in CryptoPP::DetectX86Features()()
________________________________________________________________________________________________________
*** CID 171239: Uninitialized variables (UNINIT)
/cpu.cpp: 227 in CryptoPP::DetectX86Features()()
221 #elif HAVE_GCC_CONSTRUCTOR0
222 void __attribute__ ((constructor)) DetectX86Features()
223 #else
224 void DetectX86Features()
225 #endif
226 {
>>> CID 171239: Uninitialized variables (UNINIT)
>>> Declaring variable "cpuid" without initializer.
227 word32 cpuid[4], cpuid1[4];
228 if (!CpuId(0, cpuid))
229 return;
230 if (!CpuId(1, cpuid1))
231 return;
232
** CID 171200: Incorrect expression (COPY_PASTE_ERROR)
/Program Files (x86)/Microsoft Visual Studio 14.0/VC/include/deque:
1715 in std::deque<unsigned long long, std::allocator<unsigned long
long>>::_Insert_n(std::_Deque_const_iterator<std::_Deque_val<std::_Deque_simple_types<unsigned
long long>>>, unsigned int, const unsigned long long &)()
________________________________________________________________________________________________________
*** CID 171200: Incorrect expression (COPY_PASTE_ERROR)
/Program Files (x86)/Microsoft Visual Studio 14.0/VC/include/deque:
1715 in std::deque<unsigned long long, std::allocator<unsigned long
long>>::_Insert_n(std::_Deque_const_iterator<std::_Deque_val<std::_Deque_simple_types<unsigned
long long>>>, unsigned int, const unsigned long long &)()
1709 _TRY_BEGIN
1710 if (_Off < _Count)
1711 { // insert longer than prefix
1712 for (_Num = _Count - _Off; 0 <
_Num; --_Num)
1713 push_front(_Val);
// push excess values
1714 for (_Num = _Off; 0 < _Num; --_Num)
>>> CID 171200: Incorrect expression (COPY_PASTE_ERROR)
>>> "_Count" in "_Count - 1U" looks like a copy-paste error.
1715
push_front(begin()[_Count - 1]); // push prefix
1716
1717 _Mid = begin() + _Count;
1718 _STD fill(_Mid, _Mid + _Off,
1719 _Val); // fill in
rest of values
1720 }
--
--
You received this message because you are subscribed to the "Crypto++ Users"
Google Group.
To unsubscribe, send an email to cryptopp-users-unsubscr...@googlegroups.com.
More information about Crypto++ and this group is available at
http://www.cryptopp.com.
---
You received this message because you are subscribed to the Google Groups
"Crypto++ Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to cryptopp-users+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
