On Thu, Jul 03, 2014 at 11:35:15PM +0200, Kurt Roeckx wrote:
> On Thu, Jul 03, 2014 at 09:28:47PM +0100, Ben Laurie wrote:
> > On 3 July 2014 20:06, Kurt Roeckx via RT <[email protected]> wrote:
> > > On Thu, Jul 03, 2014 at 07:51:28PM +0200, Toralf F?rster via RT wrote:
> > >> I think cppcheck is right here in void DES_ofb64_encrypt(), line 84, 85
> > >> and 96, or ?:
> > >>
> > > The line before that:
> > >
> > > dp=d;
> > >> l2c(v0,dp);<--- Uninitialized variable: d
> > >> l2c(v1,dp);<--- Uninitialized variable: d
> > >> while (l--)
> > >> {
> > >> if (n == 0)
> > >> {
> > >> DES_encrypt1(ti,schedule,DES_ENCRYPT);
> > >> dp=d;
> > >> t=ti[0]; l2c(t,dp);
> > >> t=ti[1]; l2c(t,dp);
> > >> save++;
> > >> }
> > >> *(out++)= *(in++)^d[n];<--- Uninitialized variable: d
> > >> n=(n+1)&0x07;
> > >> }
> > >
> > > d is uninitialized, but it's being written to, not read from,
> > > so I don't see a problem with this.
> >
> > What?
>
> So l2c is:
> #define l2c(l,c) (*((c)++)=(unsigned char)(((l))&0xff), \
> *((c)++)=(unsigned char)(((l)>> 8L)&0xff), \
> *((c)++)=(unsigned char)(((l)>>16L)&0xff), \
> *((c)++)=(unsigned char)(((l)>>24L)&0xff))
>
> It reads v0 and v1 and writes to d (dp). d being uninitialized
> shouldn't be an issue. Or am I missing something?
Yes, c (which is d) is both incremented and dereferenced.
-Otto
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [email protected]
Automated List Manager [email protected]
