Re: [openssl-users] tls1_change_cipher_state
Dennis Clarke wrote in <73f913f0-c7d0-2805-d28c-2273fc8c2...@blastwave.org>: |On 1/2/19 5:14 AM, Jakob Bohm via openssl-users wrote: |> On 02/01/2019 10:41, Matt Caswell wrote: |>> |>> On 27/12/2018 08:37, Dmitry Belyavsky wrote: |>>> Hello, |>>> |>>> Am I right supposing that local variables tmp1, tmp2, iv1, and iv2 |>>> are unused in |>>> this function? |>> Looks that way. They should be removed. |>> |> |> By the way, why aren't any of your test compilers configured to |> warn about unused local variables? It's a common feature in many |> compilers and thus a free consistency check that can catch typos. | |Traditionally ( past four decades ) that was a feature provided by |something like 'lint' but I have not seen a lint picker lately other |than in the Oracle Studio compiler tools and it certainly isn't open |source in any way. Works very well however. I am not using it, but i occasionally see Christos Zoulas making commits to the NetBSD version of lint. They also seem to keep the code instrumented with comments like "falltrough" etc., for it. --steffen | |Der Kragenbaer,The moon bear, |der holt sich munter he cheerfully and one by one |einen nach dem anderen runter wa.ks himself off |(By Robert Gernhardt) -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
Re: [openssl-users] tls1_change_cipher_state
On 02/01/2019 11:18, Dennis Clarke wrote: On 1/2/19 5:14 AM, Jakob Bohm via openssl-users wrote: On 02/01/2019 10:41, Matt Caswell wrote: On 27/12/2018 08:37, Dmitry Belyavsky wrote: Hello, Am I right supposing that local variables tmp1, tmp2, iv1, and iv2 are unused in this function? Looks that way. They should be removed. By the way, why aren't any of your test compilers configured to warn about unused local variables? It's a common feature in many compilers and thus a free consistency check that can catch typos. Traditionally ( past four decades ) that was a feature provided by something like 'lint' but I have not seen a lint picker lately other than in the Oracle Studio compiler tools and it certainly isn't open source in any way. Works very well however. Most traditional lint features have migrated into the compilers (as warnings). In this case gcc -Wunused enables a number of such warnings. Microsoft Visual C includes an advanced but flawed supplemental linter in the form of the PREfast (code analysis) feature, which tries to do semantic consistency checks for things like buffer sizes and semaphore use. This is closed source however. By the way, I wonder if there is a way to tell gcc or clang that OPENSSL_cleanse doesn't count as usage, without triggering other warnings (such as not using the value written by by OPENSSL_cleanse). Enjoy Jakob -- Jakob Bohm, CIO, Partner, WiseMo A/S. https://www.wisemo.com Transformervej 29, 2860 Søborg, Denmark. Direct +45 31 13 16 10 This public discussion message is non-binding and may contain errors. WiseMo - Remote Service Management for PCs, Phones and Embedded -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
Re: [openssl-users] tls1_change_cipher_state
On 02/01/2019 10:14, Jakob Bohm via openssl-users wrote:
> On 02/01/2019 10:41, Matt Caswell wrote:
>>
>> On 27/12/2018 08:37, Dmitry Belyavsky wrote:
>>> Hello,
>>>
>>> Am I right supposing that local variables tmp1, tmp2, iv1, and iv2 are
>>> unused in
>>> this function?
>> Looks that way. They should be removed.
>>
>
> By the way, why aren't any of your test compilers configured to
> warn about unused local variables? It's a common feature in many
> compilers and thus a free consistency check that can catch typos.
We do have that, but in this particular case the compiler has been fooled into
thinking that the buffers are used:
int tls1_change_cipher_state(SSL *s, int which)
{
unsigned char *p, *mac_secret;
unsigned char tmp1[EVP_MAX_KEY_LENGTH];
unsigned char tmp2[EVP_MAX_KEY_LENGTH];
unsigned char iv1[EVP_MAX_IV_LENGTH * 2];
unsigned char iv2[EVP_MAX_IV_LENGTH * 2];
...
err2:
OPENSSL_cleanse(tmp1, sizeof(tmp1));
OPENSSL_cleanse(tmp2, sizeof(tmp1));
OPENSSL_cleanse(iv1, sizeof(iv1));
OPENSSL_cleanse(iv2, sizeof(iv2));
return (0);
}
Matt
--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
Re: [openssl-users] tls1_change_cipher_state
Hello, On Wed, Jan 2, 2019 at 12:41 PM Matt Caswell wrote: > > > On 27/12/2018 08:37, Dmitry Belyavsky wrote: > > Hello, > > > > Am I right supposing that local variables tmp1, tmp2, iv1, and iv2 are > unused in > > this function? > > Looks that way. They should be removed. > #7971 -- SY, Dmitry Belyavsky -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
Re: [openssl-users] tls1_change_cipher_state
On 1/2/19 5:14 AM, Jakob Bohm via openssl-users wrote: On 02/01/2019 10:41, Matt Caswell wrote: On 27/12/2018 08:37, Dmitry Belyavsky wrote: Hello, Am I right supposing that local variables tmp1, tmp2, iv1, and iv2 are unused in this function? Looks that way. They should be removed. By the way, why aren't any of your test compilers configured to warn about unused local variables? It's a common feature in many compilers and thus a free consistency check that can catch typos. Traditionally ( past four decades ) that was a feature provided by something like 'lint' but I have not seen a lint picker lately other than in the Oracle Studio compiler tools and it certainly isn't open source in any way. Works very well however. Dennis -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
Re: [openssl-users] tls1_change_cipher_state
Dear Jakob, On Wed, Jan 2, 2019 at 1:14 PM Jakob Bohm via openssl-users < openssl-users@openssl.org> wrote: > On 02/01/2019 10:41, Matt Caswell wrote: > > > > On 27/12/2018 08:37, Dmitry Belyavsky wrote: > >> Hello, > >> > >> Am I right supposing that local variables tmp1, tmp2, iv1, and iv2 are > unused in > >> this function? > > Looks that way. They should be removed. > > > > By the way, why aren't any of your test compilers configured to > warn about unused local variables? It's a common feature in many > compilers and thus a free consistency check that can catch typos. > > Of cause doing so requires establishing a coding standard for how > to silence such warnings where a local variable is used only in > conditionally compiled code. > I think that compiler treats them as used, because buffers are static and cleansed at the end of the function. -- SY, Dmitry Belyavsky -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
Re: [openssl-users] tls1_change_cipher_state
On 02/01/2019 10:41, Matt Caswell wrote: On 27/12/2018 08:37, Dmitry Belyavsky wrote: Hello, Am I right supposing that local variables tmp1, tmp2, iv1, and iv2 are unused in this function? Looks that way. They should be removed. By the way, why aren't any of your test compilers configured to warn about unused local variables? It's a common feature in many compilers and thus a free consistency check that can catch typos. Of cause doing so requires establishing a coding standard for how to silence such warnings where a local variable is used only in conditionally compiled code. Enjoy Jakob -- Jakob Bohm, CIO, Partner, WiseMo A/S. https://www.wisemo.com Transformervej 29, 2860 Søborg, Denmark. Direct +45 31 13 16 10 This public discussion message is non-binding and may contain errors. WiseMo - Remote Service Management for PCs, Phones and Embedded -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
Re: [openssl-users] tls1_change_cipher_state
On 27/12/2018 08:37, Dmitry Belyavsky wrote: > Hello, > > Am I right supposing that local variables tmp1, tmp2, iv1, and iv2 are unused > in > this function? Looks that way. They should be removed. Matt -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
