https://bugzilla.mindrot.org/show_bug.cgi?id=2687
--- Comment #4 from Darren Tucker <[email protected]> --- Comment on attachment 2953 --> https://bugzilla.mindrot.org/attachment.cgi?id=2953 proposed coverity patch >+ if (ret == NULL) >+ return NULL; applied. > response = read_passphrase("Accept updated hostkeys? " > "(yes/no): ", RP_ECHO); >- if (strcasecmp(response, "yes") == 0) >+ if (response != NULL && strcasecmp(response, "yes") == >0) I think this is a false positive. read_passphrase() can only return NULL if given the RP_ALLOW_EOF flag, otherwise the return values all come from xstrdup which will provide a valid pointer or die trying. >- if (dlen > UINT_MAX) >+ if (digest == NULL || dlen > UINT_MAX) looks reasonable, applied. [several memory and fd leak fixes] seem reasonable, looking at them now. > dump_cfg_string(ServerOpCodes code, const char *val) > { >- if (val == NULL) >- return; > printf("%s %s\n", lookup_opcode_name(code), > val == NULL ? "none" : val); not sure what the intent of this was, will need to investigate. >diff --git a/sshkey.c b/sshkey.c >index 85fd1bd..58c1051 100644 >--- a/sshkey.c >+++ b/sshkey.c >@@ -1375,8 +1375,6 @@ sshkey_read(struct sshkey *ret, char **cpp) > retval = 0; > /*XXXX*/ > sshkey_free(k); >- if (retval != 0) >- break; > break; Dunno what that was supposed to be. Damien? 1.1 (djm 24-Jun-14): /*XXXX*/ 1.1 (djm 24-Jun-14): sshkey_free(k); 1.1 (djm 24-Jun-14): if (retval != 0) 1.1 (djm 24-Jun-14): break; -- You are receiving this mail because: You are watching the assignee of the bug. You are watching someone on the CC list of the bug. _______________________________________________ openssh-bugs mailing list [email protected] https://lists.mindrot.org/mailman/listinfo/openssh-bugs
