Coverity Scan: Analysis completed for openssl/openssl

2022-10-16 Thread scan-admin 


Your request for analysis of openssl/openssl has been completed 
successfully.
The results are available at 
https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yoN-2BQSVjTtaSz8wS4wOr7HlekBtV1P4YRtWclMVkCdvAA-3D-3DAXVD_MulOTlHne1IxTRELXXnGni8d68xSVF-2BUCe3a7Ux-2BjeEiP5wbfZ80OZ-2BOwwIYW2-2Fncc2qvlI3LW8emFl1nRod0tdY5vJxcEFctMoWSNTw2UVxWfVnb-2Bhe6hEL8JauNHWUKX13NjYkKHgitUMmRBYigCxBM1-2BZrpts90uvlniog7PXsuhY34leWMfOBqTbcLUQqui-2FrpxiLxItGOhOVIofgi0PDggKIXIPQbifrKH52wQ-3D

Build ID: 487605

Analysis Summary:
   New defects found: 0
   Defects eliminated: 1

[openssl/openssl] 9ab57f: Coverity 1515953: negative loop bound

2022-10-16 Thread Pauli 
  Branch: refs/heads/master
  Home:   https://github.com/openssl/openssl
  Commit: 9ab57f29c78d8d69b6ba9c579521594d7170ca44
  
https://github.com/openssl/openssl/commit/9ab57f29c78d8d69b6ba9c579521594d7170ca44
  Author: Pauli 
  Date:   2022-10-14 (Fri, 14 Oct 2022)

  Changed paths:
M crypto/encode_decode/encoder_pkey.c

  Log Message:
  ---
  Coverity 1515953: negative loop bound

Reviewed-by: Hugo Landau 
Reviewed-by: Tomas Mraz 
Reviewed-by: Shane Lontis 
(Merged from https://github.com/openssl/openssl/pull/19413)

[openssl/openssl] 5b5ab6: Fix an occasional CI failure due to unaligned access

2022-10-16 Thread Bernd Edlinger 
  Branch: refs/heads/openssl-3.0
  Home:   https://github.com/openssl/openssl
  Commit: 5b5ab6ebe6d8bcb7487112d7382847abffb7c7ed
  
https://github.com/openssl/openssl/commit/5b5ab6ebe6d8bcb7487112d7382847abffb7c7ed
  Author: Bernd Edlinger 
  Date:   2022-10-13 (Thu, 13 Oct 2022)

  Changed paths:
M crypto/bn/rsaz_exp_x2.c

  Log Message:
  ---
  Fix an occasional CI failure due to unaligned access

This happens rarely, but only because very few CI runs
use the exotic CPU type that is necessary to execute
anything within rsaz_exp_x2.c and enable UBSAN at the same time.

crypto/bn/rsaz_exp_x2.c:562:20: runtime error: load of misaligned address 
0x61222cc6 for type 'uint64_t' (aka 'unsigned long'), which requires 8 byte 
alignment
0x61222cc6: note: pointer points here
 84 a3 78 e0 8e 8d  4a a5 51 9c 57 d0 d6 41  f3 26 d1 4e e1 98 42 b5  3a 9f 04 
f1 73 d2 1d bf  73 44
 ^
SUMMARY: UndefinedBehaviorSanitizer: undefined-behavior 
crypto/bn/rsaz_exp_x2.c:562:20 in
../../util/wrap.pl ../../fuzz/server-test ../../fuzz/corpora/server => 1
not ok 2 - Fuzzing server

Reviewed-by: Richard Levitte 
Reviewed-by: Paul Dale 
Reviewed-by: Tomas Mraz 
(Merged from https://github.com/openssl/openssl/pull/19412)