Can anyone enlighten me as to why I can't find half of these defects in the coverity dashboard? None of the reported defects in the test cases seem to exist any more (and I'm fairly sure we didn't fix them). Actually I didn't think we scanned the tests at all, so I'm a little confused.
Matt


-------- Forwarded Message --------
Subject: New Defects reported by Coverity Scan for openssl/openssl
Date: Sun, 15 Apr 2018 07:51:06 +0000 (UTC)
From: [email protected]
To: [email protected]

Hi,

Please find the latest report on new defect(s) introduced to openssl/openssl found with Coverity Scan.

5 new defect(s) introduced to openssl/openssl found with Coverity Scan.
4 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.

New defect(s) Reported-by: Coverity Scan
Showing 5 of 5 defect(s)


** CID 1434551: Code maintainability issues (SIZEOF_MISMATCH)
/test/sslapitest.c: 3831 in create_new_vfile()

________________________________________________________________________________________________________
*** CID 1434551: Code maintainability issues (SIZEOF_MISMATCH)
/test/sslapitest.c: 3831 in create_new_vfile()
3825         return ret;
3826     }
3827
3828     static int create_new_vfile(char *userid, char *password, const char *filename)
3829     {
3830         char *gNid = NULL;
>>>     CID 1434551: Code maintainability issues (SIZEOF_MISMATCH)
>>>     Passing argument "56UL /* sizeof (row) * (6 + 1) */" to function
>>>     "CRYPTO_zalloc" and then casting the return value to "OPENSSL_STRING *" is
>>>     suspicious. In this particular case "sizeof (OPENSSL_STRING *)" happens to
>>>     be equal to "sizeof (OPENSSL_STRING)", but this is not a portable
>>>     assumption.
3831         OPENSSL_STRING *row = OPENSSL_zalloc(sizeof(row) * (DB_NUMBER + 1));
3832         TXT_DB *db = NULL;
3833         int ret = 0;
3834         BIO *out = NULL, *dummy = BIO_new_mem_buf("", 0);
3835         size_t i;
3836

** CID 1434550: (RESOURCE_LEAK)
/crypto/srp/srp_vfy.c: 73 in t_fromb64()
/crypto/srp/srp_vfy.c: 97 in t_fromb64()

________________________________________________________________________________________________________
*** CID 1434550: (RESOURCE_LEAK)
/crypto/srp/srp_vfy.c: 73 in t_fromb64()
67          * 2 bytes unencoded = 3 bytes encoded
68          * 3 bytes unencoded = 4 bytes encoded
69          * 4 bytes unencoded = 6 bytes encoded
70          * etc
71          */
72         if (padsize == 3)
>>>     CID 1434550: (RESOURCE_LEAK)
>>>     Variable "ctx" going out of scope leaks the storage it points to.
73             return -1;
74
75         /* Valid padsize values are now 0, 1 or 2 */
76
77         EVP_DecodeInit(ctx);
78         evp_encode_ctx_set_flags(ctx, EVP_ENCODE_CTX_USE_SRP_ALPHABET);
/crypto/srp/srp_vfy.c: 97 in t_fromb64()
91         EVP_DecodeFinal(ctx, a + outl, &outl2);
92         outl += outl2;
93
94         /* Strip off the leading padding */
95         if (padsize != 0) {
96             if ((int)padsize >= outl)
>>>     CID 1434550: (RESOURCE_LEAK)
>>>     Variable "ctx" going out of scope leaks the storage it points to.
97                 return -1;
98             /*
99              * If we added 1 byte of padding prior to encoding then we have 2 bytes
100              * of "real" data which gets spread across 4 encoded bytes like this:
101              * (6 bits pad)(2 bits pad | 4 bits data)(6 bits data)(6 bits data)
102              * So 1 byte of pre-encoding padding results in 1 full byte of encoded

** CID 1434549: Error handling issues (CHECKED_RETURN)
/test/evp_test.c: 1553 in encode_test_run()

________________________________________________________________________________________________________
*** CID 1434549: Error handling issues (CHECKED_RETURN)
/test/evp_test.c: 1553 in encode_test_run()
1547         if (!TEST_ptr(encode_ctx = EVP_ENCODE_CTX_new())
1548                 || !TEST_ptr(encode_out =
1549                         OPENSSL_malloc(EVP_ENCODE_LENGTH(expected->input_len))))
1550             goto err;
1551
1552         EVP_EncodeInit(encode_ctx);
>>>     CID 1434549: Error handling issues (CHECKED_RETURN)
>>>     Calling "EVP_EncodeUpdate" without checking return value (as is done
>>>     elsewhere 4 out of 5 times).
1553         EVP_EncodeUpdate(encode_ctx, encode_out, &chunk_len,
1554                          expected->input, expected->input_len);
1555         output_len = chunk_len;
1556
1557         EVP_EncodeFinal(encode_ctx, encode_out + chunk_len, &chunk_len);
1558         output_len += chunk_len;

** CID 1434548: Error handling issues (CHECKED_RETURN)
/test/drbgtest.c: 800 in run_multi_thread_test()

________________________________________________________________________________________________________
*** CID 1434548: Error handling issues (CHECKED_RETURN)
/test/drbgtest.c: 800 in run_multi_thread_test()
794         private = RAND_DRBG_get0_private();
795         RAND_DRBG_set_reseed_time_interval(public, 1);
796         RAND_DRBG_set_reseed_time_interval(private, 1);
797
798         do {
799             RAND_bytes(buf, sizeof(buf));
>>>     CID 1434548: Error handling issues (CHECKED_RETURN)
>>>     Calling "RAND_priv_bytes" without checking return value (as is done
>>>     elsewhere 16 out of 18 times).
800             RAND_priv_bytes(buf, sizeof(buf));
801         }
802         while(time(NULL) - start < 5);
803     }
804
805     # if defined(OPENSSL_SYS_WINDOWS)

** CID 1420020: Error handling issues (CHECKED_RETURN)
/crypto/rand/drbg_lib.c: 872 in drbg_setup()

________________________________________________________________________________________________________
*** CID 1420020: Error handling issues (CHECKED_RETURN)
/crypto/rand/drbg_lib.c: 872 in drbg_setup()
866         /*
867          * Ignore instantiation error so support just-in-time instantiation.
868          *
869          * The state of the drbg will be checked in RAND_DRBG_generate() and
870          * an automatic recovery is attempted.
871          */
>>>     CID 1420020: Error handling issues (CHECKED_RETURN)
>>>     Calling "RAND_DRBG_instantiate" without checking return value (as is
>>>     done elsewhere 12 out of 15 times).
872         RAND_DRBG_instantiate(drbg,
873                               (const unsigned char *) ossl_pers_string,
874                               sizeof(ossl_pers_string) - 1);
875         return drbg;
876
877     err:

________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRakUl6QyjujEohY7rPpoYUE4H-2Fm-2BeoDOl8jw7bf4Z78hw-3D-3D_jrN6Mkpcg292t2HUi6j2dOVH2S6heGK5ZBOjbNfqPH352dQ5xl0pmJRAY1ip5LVafcjoehH47QcmnVMVCHS75-2Ffv-2B94fTDmxchItGwcKtjA-2BglyL1TseBRnNUMhRjRykmFEkv8zDqkoLWEz-2BDl-2BBvfjUa-2BIbV1PG73z2fX3eGyKo-2FakWQ9j6MYAOjEEj-2BsmLXZo1rKLb3gaoucm4fJc-2FHQ-3D-3D

To manage Coverity Scan email notifications for "[email protected]", click
https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRbVDbis712qZDP-2FA8y06Nq4XSSb7qvu4FGGtzK9WuNy1Lsp-2BrdaVsnhVj6c7TxZVrqIhf5NIcqyR2fY4BU0Ynocxg3sT5sVvEU3dzDXH7yZ8-2B3X-2BdloVx0HAWCGstNd5pk-3D_jrN6Mkpcg292t2HUi6j2dOVH2S6heGK5ZBOjbNfqPH352dQ5xl0pmJRAY1ip5LVaVaWmJmxMmT9A4rVYbckAU8jCnfVpDJqTWh7nUQks-2B649caFtImdjTQSntJYbRcLOQVS7nByix-2FIyHIS5piFXlYFU2c-2B3EVLKT1nlqloFoR24XYbeGsz9a0RKTdAUfY5uTegMqMm2s0pXbOLbDll9hw-3D-3D

_______________________________________________
openssl-project mailing list
[email protected]
https://mta.openssl.org/mailman/listinfo/openssl-project
