Coverity Scan: Analysis completed for openssl/openssl
Your request for analysis of openssl/openssl has been completed successfully. The results are available at https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yoN-2BQSVjTtaSz8wS4wOr7HlekBtV1P4YRtWclMVkCdvAA-3D-3DiAcj_MulOTlHne1IxTRELXXnGni8d68xSVF-2BUCe3a7Ux-2BjeFVpsJHlMg2CBKRWVc-2FLQU4cQtXiCfiyq-2FiFwFWzh46-2B2q-2FWHVDBLto1g-2FwC6O121VYLp2dt8RoF5vqjjOUcPqM44GpvYUKyY21ddHyZrx3UhBi2K9w7YRLyJTu-2Bvz6Y7hw1CK0nOPCyD-2BrHFBdBhCsV6YzeUam8f8uF7ZShObXLr8Kdc-2F1z5u8nfuzDlnw-2Bu4-3D Build ID: 429924 Analysis Summary: New defects found: 1 Defects eliminated: 0 If you have difficulty understanding any defects, email us at scan-ad...@coverity.com, or post your question to StackOverflow at https://u15810271.ct.sendgrid.net/ls/click?upn=CTPegkVN6peWFCMEieYYmPWIi1E4yUS9EoqKFcNAiqhRq8qmgeBE-2Bdt3uvFRAFXd-2FlwX83-2FVVdybfzIMOby0qA-3D-3DqP1U_MulOTlHne1IxTRELXXnGni8d68xSVF-2BUCe3a7Ux-2BjeFVpsJHlMg2CBKRWVc-2FLQU4cQtXiCfiyq-2FiFwFWzh46-2B0tt5F8tH3doT688l4X0lo7Rd-2B00kjmi-2Fm9ks8gMEtJEV0BdF-2FwG8YEPaCgL8hb9y7hriplHaunkt9DjvRoiTnmHsXPHxRB55H73xCIm61iPb1R6GFn7Ileu0OXZg-2FHep-2Bdomd74jhlw46Srz1hM-2BZc-3D
Coverity Scan: Analysis completed for openssl/openssl
Your request for analysis of openssl/openssl has been completed successfully. The results are available at https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yoN-2BQSVjTtaSz8wS4wOr7HlekBtV1P4YRtWclMVkCdvAA-3D-3Deeoz_MulOTlHne1IxTRELXXnGni8d68xSVF-2BUCe3a7Ux-2BjeFcOtwuH2GjsmmRqCngW4Pv0P70wG-2FN6ts1QHdrdeiczrlXwb9tKU11DVVqQ6iRxLzFssEq6OijIqqR7L3WRReNbnuPPFZRdRiIZEBLJYmarQR7362kt-2FcL-2B4HGFg3RzI34bIThVdDzCuj9oV4LB4dFQJEIngyHNosH8sYL9VxLYqBew9-2BpeHw7b3EVDmUzTu4-3D Build ID: 429740 Analysis Summary: New defects found: 0 Defects eliminated: 0
[openssl] OpenSSL_1_1_1-stable update
The branch OpenSSL_1_1_1-stable has been updated
via 5e7098e11581b6b3a4083a1c17889ed817e8ac22 (commit)
from f4942134815f95845706993c15ca7e4fd6e44627 (commit)
- Log -
commit 5e7098e11581b6b3a4083a1c17889ed817e8ac22
Author: Bernd Edlinger
Date: Tue Jan 11 12:10:35 2022 +0100
Remove unsafe call to OPENSSL_cpuid_setup
This function is inherently thread-unsafe,
and moreover it is unnecessary here, because
OPENSSL_init_crypto always calls it in a thread-safe way.
Reviewed-by: Matt Caswell
Reviewed-by: Paul Dale
(Merged from https://github.com/openssl/openssl/pull/17468)
---
Summary of changes:
crypto/engine/eng_all.c | 3 ---
1 file changed, 3 deletions(-)
diff --git a/crypto/engine/eng_all.c b/crypto/engine/eng_all.c
index b675ed7892..c570aeda3d 100644
--- a/crypto/engine/eng_all.c
+++ b/crypto/engine/eng_all.c
@@ -12,9 +12,6 @@
void ENGINE_load_builtin_engines(void)
{
-/* Some ENGINEs need this */
-OPENSSL_cpuid_setup();
-
OPENSSL_init_crypto(OPENSSL_INIT_ENGINE_ALL_BUILTIN, NULL);
}
[openssl] openssl-3.0 update
The branch openssl-3.0 has been updated via 3dcec2fb274235e938ce04f43e3e2f6d5743ae52 (commit) from 3755dc294d2e24b741e235550d063850464467cb (commit) - Log - commit 3dcec2fb274235e938ce04f43e3e2f6d5743ae52 Author: Tomas Mraz Date: Mon Jan 10 17:09:59 2022 +0100 EVP_DigestSignFinal: *siglen should not be read if sigret == NULL This fixes small regression from #16962. Reviewed-by: Matt Caswell Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/17460) (cherry picked from commit a4e01187d3648d9ce99507097400902cf21f9b55) --- Summary of changes: crypto/evp/m_sigver.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/crypto/evp/m_sigver.c b/crypto/evp/m_sigver.c index 9188edbc21..7409780065 100644 --- a/crypto/evp/m_sigver.c +++ b/crypto/evp/m_sigver.c @@ -480,14 +480,14 @@ int EVP_DigestSignFinal(EVP_MD_CTX *ctx, unsigned char *sigret, if (sigret == NULL || (ctx->flags & EVP_MD_CTX_FLAG_FINALISE) != 0) return pctx->op.sig.signature->digest_sign_final(pctx->op.sig.algctx, sigret, siglen, - (siglen == NULL) ? 0 : *siglen); + sigret == NULL ? 0 : *siglen); dctx = EVP_PKEY_CTX_dup(pctx); if (dctx == NULL) return 0; r = dctx->op.sig.signature->digest_sign_final(dctx->op.sig.algctx, sigret, siglen, - (siglen == NULL) ? 0 : *siglen); + *siglen); EVP_PKEY_CTX_free(dctx); return r;
[openssl] master update
The branch master has been updated via a4e01187d3648d9ce99507097400902cf21f9b55 (commit) from a10a576090022e583a06271ceced8e38dd509657 (commit) - Log - commit a4e01187d3648d9ce99507097400902cf21f9b55 Author: Tomas Mraz Date: Mon Jan 10 17:09:59 2022 +0100 EVP_DigestSignFinal: *siglen should not be read if sigret == NULL This fixes small regression from #16962. Reviewed-by: Matt Caswell Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/17460) --- Summary of changes: crypto/evp/m_sigver.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/crypto/evp/m_sigver.c b/crypto/evp/m_sigver.c index e034189bb5..0993de0937 100644 --- a/crypto/evp/m_sigver.c +++ b/crypto/evp/m_sigver.c @@ -480,14 +480,14 @@ int EVP_DigestSignFinal(EVP_MD_CTX *ctx, unsigned char *sigret, if (sigret == NULL || (ctx->flags & EVP_MD_CTX_FLAG_FINALISE) != 0) return pctx->op.sig.signature->digest_sign_final(pctx->op.sig.algctx, sigret, siglen, - (siglen == NULL) ? 0 : *siglen); + sigret == NULL ? 0 : *siglen); dctx = EVP_PKEY_CTX_dup(pctx); if (dctx == NULL) return 0; r = dctx->op.sig.signature->digest_sign_final(dctx->op.sig.algctx, sigret, siglen, - (siglen == NULL) ? 0 : *siglen); + *siglen); EVP_PKEY_CTX_free(dctx); return r;
[openssl] master update
The branch master has been updated
via a10a576090022e583a06271ceced8e38dd509657 (commit)
via 3ee3a2bd1e5763b0df5c0a2cba3b06edc26f5276 (commit)
via 3831351da50b7ce07edba88056394a7a33c5e5d5 (commit)
via 291c5b3e39f4c98e61cf7f65056fe49780d1f0ac (commit)
via ac1082f00f991aca1c6e8282717fece16e9bb41f (commit)
via 826da1451b2525b70f93fcc57ed5dbab61a19591 (commit)
from b82fd89d8bae1445c89ec90d1a6145fe3216d2d7 (commit)
- Log -
commit a10a576090022e583a06271ceced8e38dd509657
Author: Pauli
Date: Mon Jan 10 11:36:24 2022 +1100
param dup: add errors to failure returns
Reviewed-by: Richard Levitte
(Merged from https://github.com/openssl/openssl/pull/17440)
commit 3ee3a2bd1e5763b0df5c0a2cba3b06edc26f5276
Author: Pauli
Date: Mon Jan 10 11:33:06 2022 +1100
param build set: add errors to failure returns
Reviewed-by: Richard Levitte
(Merged from https://github.com/openssl/openssl/pull/17440)
commit 3831351da50b7ce07edba88056394a7a33c5e5d5
Author: Pauli
Date: Mon Jan 10 11:31:45 2022 +1100
param build: add errors to failure returns
Reviewed-by: Richard Levitte
(Merged from https://github.com/openssl/openssl/pull/17440)
commit 291c5b3e39f4c98e61cf7f65056fe49780d1f0ac
Author: Pauli
Date: Mon Jan 10 11:10:34 2022 +1100
test: check for properly raised errors during param conversion
Reviewed-by: Richard Levitte
(Merged from https://github.com/openssl/openssl/pull/17440)
commit ac1082f00f991aca1c6e8282717fece16e9bb41f
Author: Pauli
Date: Fri Jan 7 22:11:10 2022 +1100
params: add error messages for built in param conversions
Specifically:
* out of range
* unsigned negatives
* inexact reals
* bad param types
* buffers that are too small
* null function arguments
* unknown sizes of real
Reviewed-by: Richard Levitte
(Merged from https://github.com/openssl/openssl/pull/17440)
commit 826da1451b2525b70f93fcc57ed5dbab61a19591
Author: Pauli
Date: Fri Jan 7 22:10:38 2022 +1100
err: add additional errors
Reviewed-by: Richard Levitte
(Merged from https://github.com/openssl/openssl/pull/17440)
---
Summary of changes:
crypto/cpt_err.c | 20 ++-
crypto/err/openssl.txt| 15 ++-
crypto/param_build.c | 4 +-
crypto/param_build_set.c | 4 +-
crypto/params.c | 305 +++---
crypto/params_dup.c | 12 +-
include/crypto/cryptoerr.h| 2 +-
include/openssl/cryptoerr.h | 11 +-
test/params_conversion_test.c | 15 ++-
9 files changed, 324 insertions(+), 64 deletions(-)
diff --git a/crypto/cpt_err.c b/crypto/cpt_err.c
index 8574f31a81..02d631466c 100644
--- a/crypto/cpt_err.c
+++ b/crypto/cpt_err.c
@@ -1,6 +1,6 @@
/*
* Generated by util/mkerr.pl DO NOT EDIT
- * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2022 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -29,14 +29,32 @@ static const ERR_STRING_DATA CRYPTO_str_reasons[] = {
"insufficient param size"},
{ERR_PACK(ERR_LIB_CRYPTO, 0, CRYPTO_R_INSUFFICIENT_SECURE_DATA_SPACE),
"insufficient secure data space"},
+{ERR_PACK(ERR_LIB_CRYPTO, 0, CRYPTO_R_INTEGER_OVERFLOW),
+"integer overflow"},
{ERR_PACK(ERR_LIB_CRYPTO, 0, CRYPTO_R_INVALID_NEGATIVE_VALUE),
"invalid negative value"},
{ERR_PACK(ERR_LIB_CRYPTO, 0, CRYPTO_R_INVALID_NULL_ARGUMENT),
"invalid null argument"},
{ERR_PACK(ERR_LIB_CRYPTO, 0, CRYPTO_R_INVALID_OSSL_PARAM_TYPE),
"invalid ossl param type"},
+{ERR_PACK(ERR_LIB_CRYPTO, 0, CRYPTO_R_NO_PARAMS_TO_MERGE),
+"no params to merge"},
+{ERR_PACK(ERR_LIB_CRYPTO, 0, CRYPTO_R_NO_SPACE_FOR_TERMINATING_NULL),
+"no space for terminating null"},
{ERR_PACK(ERR_LIB_CRYPTO, 0, CRYPTO_R_ODD_NUMBER_OF_DIGITS),
"odd number of digits"},
+{ERR_PACK(ERR_LIB_CRYPTO, 0, CRYPTO_R_PARAM_CANNOT_BE_REPRESENTED_EXACTLY),
+"param cannot be represented exactly"},
+{ERR_PACK(ERR_LIB_CRYPTO, 0, CRYPTO_R_PARAM_NOT_INTEGER_TYPE),
+"param not integer type"},
+{ERR_PACK(ERR_LIB_CRYPTO, 0, CRYPTO_R_PARAM_OF_INCOMPATIBLE_TYPE),
+"param of incompatible type"},
+{ERR_PACK(ERR_LIB_CRYPTO, 0,
CRYPTO_R_PARAM_UNSIGNED_INTEGER_NEGATIVE_VALUE_UNSUPPORTED),
+"param unsigned integer negative value unsupported"},
+{ERR_PACK(ERR_LIB_CRYPTO, 0,
CRYPTO_R_PARAM_UNSUPPORTED_FLOATING_POINT_FORMAT),
+"param unsupported floating point format"},
+{ERR_PACK(ERR_LIB_CRYPTO, 0,
CRYPTO_R_PARAM_VALUE_TOO_LARGE_FOR_DESTINATION),
+"param value too large for
