On Thu, Jan 26, 2012, Chris Wilson wrote:

> Hi,
>
> We are using Sentry (a C/C++ static analysis tool) to analyze
> openssl on a nightly basis. Sentry found that an uninitialized variable
> usage was recently introduced in the commit 1.168.
>
> You can see the commit here,
> http://cvs.openssl.org/filediff?f=openssl/ssl/s3_clnt.c&v1=1.167&v2=1.168
>
> The important lines are,
>
> #ifndef OPENSSL_NO_DH
>     else if (alg_k & (SSL_kEDH|SSL_kDHr|SSL_kDHd))
>         {
>         DH *dh_srvr,*dh_clnt;             <- dh_clnt declared uninitialized
>         SESS_CERT *scert = s->session->sess_cert;
>
>         if (scert == NULL) {...}
>
>         if (scert->peer_dh_tmp != NULL)   <- Take true path
>             dh_srvr=scert->peer_dh_tmp;
>         else {... }
>
>         if (s->s3->flags & ...)           <- Take true path
>             {
>             EVP_PKEY *clkey = s->cert->key->privatekey;
>             if (clkey)                    <- Take false path
>                 dh_clnt = EVP_PKEY_get1_DH(clkey);
>             if (dh_clnt == NULL)          <- Uninitialized variable dh_clnt used
>             }
>
> A possible solution to this problem would be to assign val to 0
> on initialization. I suspect you'll have to look more closely at the
> code in question to determine this.
>
Thanks for the report, this should fix it:

http://cvs.openssl.org/chngview?cn=22075

Steve.
--
Dr Stephen N. Henson. OpenSSL project core developer.
Commercial tech support now available see: http://www.openssl.org
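The pattern Sentry flagged in the report above, reduced to a stand-alone C program as an added example (not OpenSSL's code and not the change committed in response). `struct key`, `struct dh` and `get_dh()` are hypothetical stand-ins for `EVP_PKEY`, `DH` and `EVP_PKEY_get1_DH()`; the fixed variant follows the report's suggestion of initializing the pointer at declaration.

```c
#include <stddef.h>

/* Hypothetical stand-ins for EVP_PKEY and DH; not OpenSSL's types. */
struct key { int has_dh; };
struct dh  { int params; };

static struct dh client_dh = { 1 };   /* constructed sample object */

/* Stand-in for EVP_PKEY_get1_DH(): NULL when the key carries no DH. */
static struct dh *get_dh(struct key *k)
{
    return k->has_dh ? &client_dh : NULL;
}

#ifdef SHOW_BUGGY
/* The reported shape: when clkey is NULL nothing writes dh_clnt, so the
 * NULL test below reads an indeterminate pointer (undefined behaviour). */
int client_dh_buggy(struct key *clkey)
{
    struct dh *dh_clnt;               /* declared, not initialized */
    if (clkey)
        dh_clnt = get_dh(clkey);
    if (dh_clnt == NULL)              /* may read stack garbage */
        return -1;
    return 0;
}
#endif

/* Same control flow with the pointer initialized at declaration, so the
 * existing NULL check covers both "no key" and "key without DH". */
int client_dh_fixed(struct key *clkey)
{
    struct dh *dh_clnt = NULL;
    if (clkey)
        dh_clnt = get_dh(clkey);
    if (dh_clnt == NULL)
        return -1;                    /* error path: no usable client DH */
    return 0;
}

int main(void)
{
    struct key with_dh = { 1 }, without_dh = { 0 };
    /* Exit status 0 when all three cases behave as intended. */
    return !(client_dh_fixed(NULL) == -1 &&
             client_dh_fixed(&without_dh) == -1 &&
             client_dh_fixed(&with_dh) == 0);
}
```

The buggy variant is kept behind `SHOW_BUGGY` so the default build has no undefined behaviour; defining that macro lets a compiler's uninitialized-variable warnings or a static analyzer be pointed at the same shape the report describes.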
