Coverity Scan: Analysis completed for openssl/openssl
Your request for analysis of openssl/openssl has been completed successfully. The results are available at https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yoN-2BQSVjTtaSz8wS4wOr7HlekBtV1P4YRtWclMVkCdvAA-3D-3DydAv_MulOTlHne1IxTRELXXnGni8d68xSVF-2BUCe3a7Ux-2BjeEqfAco6TRvTV6W-2FPCy6SwG-2B1P7U7WOjRpBDJ8Bv2tN2MWAc3pLqtBUdxI3zNX8rV46-2BCaSZFPCJdY0MtaOA7W07s1qoG3HticYGW9hbUfxSRzJJMjAaYWsQURZ-2BFsom4GXowltJhPKafr9UgcVjyfyWpmsPhjT9-2Fm6v8K-2Fd-2BYE3xviROv2QDY6NdA3CWnE6fM-3D Build ID: 483634 Analysis Summary: New defects found: 0 Defects eliminated: 0
[openssl/openssl] 0747f9: OpenSSL::config: determine the MSVC target archite...
Branch: refs/heads/master Home: https://github.com/openssl/openssl Commit: 0747f94b5f7b7f07f21384507ba1adaea6f99e88 https://github.com/openssl/openssl/commit/0747f94b5f7b7f07f21384507ba1adaea6f99e88 Author: Richard Levitte Date: 2022-09-29 (Thu, 29 Sep 2022) Changed paths: M .github/workflows/windows.yml M util/perl/OpenSSL/config.pm Log Message: --- OpenSSL::config: determine the MSVC target architecture by asking cl Since cl knows what architecture it builds fore, all depending on what the user set up, it makes sense to ask it, and use that result primarly, and only use the POSIX::uname() MACHINE value as a fallback. Also, this does indeed determine if cl is present or not. We drop the explicit names in .github/workflows/windows.yml as proof of concept. Fixes #19281 Reviewed-by: Hugo Landau Reviewed-by: Matt Caswell (Merged from https://github.com/openssl/openssl/pull/19285) Commit: e63f5fdcb2658961f29fe7bed7968c0dcf7328a7 https://github.com/openssl/openssl/commit/e63f5fdcb2658961f29fe7bed7968c0dcf7328a7 Author: Richard Levitte Date: 2022-09-29 (Thu, 29 Sep 2022) Changed paths: M util/perl/OpenSSL/config.pm Log Message: --- OpenSSL::config: Fix VMS guesses The MACHINE value from POSIX::uname() isn't trustworthy at all. MACHINE names like this has been seen: _HP__VMM___(1.67GHz/9.0MB) Perl's `$Config{archname}` is much more trustworthy, especially since VMS isn't a multiarch operating system, at least yet. Reviewed-by: Hugo Landau Reviewed-by: Matt Caswell (Merged from https://github.com/openssl/openssl/pull/19285) Commit: 2ba5bffa26c0c4677f48e730628c0b54c31c734c https://github.com/openssl/openssl/commit/2ba5bffa26c0c4677f48e730628c0b54c31c734c Author: Richard Levitte Date: 2022-09-29 (Thu, 29 Sep 2022) Changed paths: M util/perl/OpenSSL/config.pm Log Message: --- OpenSSL::config: Fix trivial bugs Reviewed-by: Hugo Landau Reviewed-by: Matt Caswell (Merged from https://github.com/openssl/openssl/pull/19285) Compare: https://github.com/openssl/openssl/compare/2de00f4f1e20...2ba5bffa26c0
[openssl/openssl] 79eeaf: OpenSSL::config: determine the MSVC target archite...
Branch: refs/heads/openssl-3.0 Home: https://github.com/openssl/openssl Commit: 79eeaf97dd2ab5153875ea92699fe1b421869aa6 https://github.com/openssl/openssl/commit/79eeaf97dd2ab5153875ea92699fe1b421869aa6 Author: Richard Levitte Date: 2022-09-29 (Thu, 29 Sep 2022) Changed paths: M .github/workflows/windows.yml M util/perl/OpenSSL/config.pm Log Message: --- OpenSSL::config: determine the MSVC target architecture by asking cl Since cl knows what architecture it builds fore, all depending on what the user set up, it makes sense to ask it, and use that result primarly, and only use the POSIX::uname() MACHINE value as a fallback. Also, this does indeed determine if cl is present or not. We drop the explicit names in .github/workflows/windows.yml as proof of concept. Fixes #19281 Reviewed-by: Hugo Landau Reviewed-by: Matt Caswell (Merged from https://github.com/openssl/openssl/pull/19285) (cherry picked from commit 0747f94b5f7b7f07f21384507ba1adaea6f99e88) Commit: e9dd48486c2c796f3c9e315022c49d5c9edaf1b1 https://github.com/openssl/openssl/commit/e9dd48486c2c796f3c9e315022c49d5c9edaf1b1 Author: Richard Levitte Date: 2022-09-29 (Thu, 29 Sep 2022) Changed paths: M util/perl/OpenSSL/config.pm Log Message: --- OpenSSL::config: Fix VMS guesses The MACHINE value from POSIX::uname() isn't trustworthy at all. MACHINE names like this has been seen: _HP__VMM___(1.67GHz/9.0MB) Perl's `$Config{archname}` is much more trustworthy, especially since VMS isn't a multiarch operating system, at least yet. Reviewed-by: Hugo Landau Reviewed-by: Matt Caswell (Merged from https://github.com/openssl/openssl/pull/19285) (cherry picked from commit e63f5fdcb2658961f29fe7bed7968c0dcf7328a7) Commit: c71728b0d0ceaca5618e6fca2f2f41e6659624f4 https://github.com/openssl/openssl/commit/c71728b0d0ceaca5618e6fca2f2f41e6659624f4 Author: Richard Levitte Date: 2022-09-29 (Thu, 29 Sep 2022) Changed paths: M util/perl/OpenSSL/config.pm Log Message: --- OpenSSL::config: Fix trivial bugs Reviewed-by: Hugo Landau Reviewed-by: Matt Caswell (Merged from https://github.com/openssl/openssl/pull/19285) (cherry picked from commit 2ba5bffa26c0c4677f48e730628c0b54c31c734c) Compare: https://github.com/openssl/openssl/compare/ae4fc850a70f...c71728b0d0ce
[openssl/openssl] 2de00f: djgpp: Skip test/rsa_complex.c
Branch: refs/heads/master Home: https://github.com/openssl/openssl Commit: 2de00f4f1e20d3dd4cb8e3165f30146c1294f6d4 https://github.com/openssl/openssl/commit/2de00f4f1e20d3dd4cb8e3165f30146c1294f6d4 Author: J.W. Jagersma Date: 2022-09-29 (Thu, 29 Sep 2022) Changed paths: M test/rsa_complex.c Log Message: --- djgpp: Skip test/rsa_complex.c We don't have on djgpp, so this entire test can be skipped. Reviewed-by: Richard Levitte Reviewed-by: Hugo Landau Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/19286)
[openssl/openssl] ae4fc8: djgpp: Skip test/rsa_complex.c
Branch: refs/heads/openssl-3.0 Home: https://github.com/openssl/openssl Commit: ae4fc850a70f34d636024fe7c526d45f58560e6d https://github.com/openssl/openssl/commit/ae4fc850a70f34d636024fe7c526d45f58560e6d Author: J.W. Jagersma Date: 2022-09-29 (Thu, 29 Sep 2022) Changed paths: M test/rsa_complex.c Log Message: --- djgpp: Skip test/rsa_complex.c We don't have on djgpp, so this entire test can be skipped. Reviewed-by: Richard Levitte Reviewed-by: Hugo Landau Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/19286) (cherry picked from commit 2de00f4f1e20d3dd4cb8e3165f30146c1294f6d4)
[openssl/openssl] ed634b: djgpp: Inherit config from BASE_unix
Branch: refs/heads/openssl-3.0 Home: https://github.com/openssl/openssl Commit: ed634b1ea4e1826916dee97674fd09b5446139cb https://github.com/openssl/openssl/commit/ed634b1ea4e1826916dee97674fd09b5446139cb Author: J.W. Jagersma Date: 2022-09-29 (Thu, 29 Sep 2022) Changed paths: M Configurations/50-djgpp.conf Log Message: --- djgpp: Inherit config from BASE_unix Build failed on djgpp due to missing config vars 'AR' and 'ARFLAGS'. Additionally, '-lz' was not added to 'lflags' when zlib support was enabled. Inheriting configuration variables from BASE_unix solves both these issues. CLA: trivial Reviewed-by: Richard Levitte Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/19274) (cherry picked from commit 29d82bd95b6ef3428c7e776221612a083994219d) Commit: 7adcdb2a5144d826e2e74c019aa80a9d7eb6bcda https://github.com/openssl/openssl/commit/7adcdb2a5144d826e2e74c019aa80a9d7eb6bcda Author: J.W. Jagersma Date: 2022-09-29 (Thu, 29 Sep 2022) Changed paths: M e_os.h Log Message: --- djgpp: Use usleep() for ossl_sleep() This part failed to compile due to a circular dependency between internal/e_os.h and internal/time.h, when ossl_sleep() falls back to a busy wait. However, djgpp has a usleep function, so it can use the regular Unix version of ossl_sleep(). It's not great though. The resolution is only ~55ms, and it may break when a user program hooks the timer interrupt without periodically updating BIOS time. A high-resolution alternative is uclock(), but that is generally less desirable since it reprograms the system timer. The circular dependency is still there and may still cause trouble for other platforms. CLA: trivial Reviewed-by: Richard Levitte Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/19274) (cherry picked from commit 651255941c49a5089dfc011f2abd636433da8b82) Commit: 8a7e4f1177c83df5814d4c3de7054ccbdf9f0507 https://github.com/openssl/openssl/commit/8a7e4f1177c83df5814d4c3de7054ccbdf9f0507 Author: J.W. Jagersma Date: 2022-09-29 (Thu, 29 Sep 2022) Changed paths: M include/internal/sockets.h Log Message: --- djgpp: Define WATT32_NO_OLDIES before including socket headers If this macro is left undefined, Watt-32 will "helpfully" declare some typedefs such as 'byte' and 'word' in the global namespace. This broke compilation of apps/s_client.c. CLA: trivial Reviewed-by: Richard Levitte Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/19274) (cherry picked from commit 8ae74c5bc091e7388c082f090c1fde992c31320f) Compare: https://github.com/openssl/openssl/compare/8ff66343bdf6...8a7e4f1177c8
[openssl/openssl] 29d82b: djgpp: Inherit config from BASE_unix
Branch: refs/heads/master Home: https://github.com/openssl/openssl Commit: 29d82bd95b6ef3428c7e776221612a083994219d https://github.com/openssl/openssl/commit/29d82bd95b6ef3428c7e776221612a083994219d Author: J.W. Jagersma Date: 2022-09-29 (Thu, 29 Sep 2022) Changed paths: M Configurations/50-djgpp.conf Log Message: --- djgpp: Inherit config from BASE_unix Build failed on djgpp due to missing config vars 'AR' and 'ARFLAGS'. Additionally, '-lz' was not added to 'lflags' when zlib support was enabled. Inheriting configuration variables from BASE_unix solves both these issues. CLA: trivial Reviewed-by: Richard Levitte Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/19274) Commit: 651255941c49a5089dfc011f2abd636433da8b82 https://github.com/openssl/openssl/commit/651255941c49a5089dfc011f2abd636433da8b82 Author: J.W. Jagersma Date: 2022-09-29 (Thu, 29 Sep 2022) Changed paths: M include/internal/e_os.h Log Message: --- djgpp: Use usleep() for ossl_sleep() This part failed to compile due to a circular dependency between internal/e_os.h and internal/time.h, when ossl_sleep() falls back to a busy wait. However, djgpp has a usleep function, so it can use the regular Unix version of ossl_sleep(). It's not great though. The resolution is only ~55ms, and it may break when a user program hooks the timer interrupt without periodically updating BIOS time. A high-resolution alternative is uclock(), but that is generally less desirable since it reprograms the system timer. The circular dependency is still there and may still cause trouble for other platforms. CLA: trivial Reviewed-by: Richard Levitte Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/19274) Commit: 8ae74c5bc091e7388c082f090c1fde992c31320f https://github.com/openssl/openssl/commit/8ae74c5bc091e7388c082f090c1fde992c31320f Author: J.W. Jagersma Date: 2022-09-29 (Thu, 29 Sep 2022) Changed paths: M include/internal/sockets.h Log Message: --- djgpp: Define WATT32_NO_OLDIES before including socket headers If this macro is left undefined, Watt-32 will "helpfully" declare some typedefs such as 'byte' and 'word' in the global namespace. This broke compilation of apps/s_client.c. CLA: trivial Reviewed-by: Richard Levitte Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/19274) Commit: cffb65f2ff85f19418ed121275901674824e52ca https://github.com/openssl/openssl/commit/cffb65f2ff85f19418ed121275901674824e52ca Author: J.W. Jagersma Date: 2022-09-29 (Thu, 29 Sep 2022) Changed paths: M crypto/asn1/a_time.c Log Message: --- djgpp: Set TZ=UTC to convert UTC timestamp to time_t Since djgpp has neither a timezone variable or timegm(), this horrible method must be used. It is the only one I could find that produces accurate results, and is recommended as portable alternative to timegm() by the GNU libc manual. Reference: https://www.gnu.org/software/libc/manual/html_node/Broken_002ddown-Time.html#index-timegm Now, a much nicer alternative solution could be: timestamp_local = mktime(timestamp_tm); timestamp_utc = timestamp_local + timestamp_tm->tm_gmtoff - (timestamp_tm->tm_isdst ? 3600 : 0); This works due to the fact that mktime() populates the tm_gmtoff and tm_isdst fields in the source timestamp. It is accurate everywhere in the world, *except* on Lord Howe Island, Australia, where a 30 minute DST offset is used. Reviewed-by: Richard Levitte Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/19274) Compare: https://github.com/openssl/openssl/compare/9710d72b95f4...cffb65f2ff85