Coverity Scan: Analysis completed for openssl/openssl
Your request for analysis of openssl/openssl has been completed successfully. The results are available at https://u15810271.ct.sendgrid.net/ls/click?upn=u001.AxU2LYlgjL6eX23u9ErQy-2BKADyCpvUKOL6EWmZljiu7On3ENqKj59w4rEawU-2BYZgjBJ8Ay1pFYeVslaCebcWhw-3D-3DmoRM_bGLyfjQQhnPAMp6Vz8xksML07NHC5l7WMnVZN7GWb6qdFfgGe5EQ-2FPnqZBqyKUZFZL2xAaymxR3BONzPtScGZTtd1lHNdyiwKa7AcFqgf9HwZOGhlT8jyzX6f1nEHG8A-2FoUMFHfjO1Ikg0RV1sdPe1qvqK0P-2BB3GO0ysF9cT4a6jT4prhym0C0bPNXWDg-2FrxrsBOFW0pL1IUH5Ms-2FgsTIg-3D-3D
Build ID: 611232
Analysis Summary:
New defects found: 0
Defects eliminated: 0
[openssl/openssl] 1c4f96: Security hardening: Expose Build flags for Positio...
Branch: refs/heads/master
Home: https://github.com/openssl/openssl
Commit: 1c4f9684696bad3a602b388a414f2051f0365b3d
https://github.com/openssl/openssl/commit/1c4f9684696bad3a602b388a414f2051f0365b3d
Author: Craig Lorentzen
Date: 2024-05-06 (Mon, 06 May 2024)

Changed paths:
M .github/workflows/run-checker-merge.yml
M CHANGES.md
M Configurations/00-base-templates.conf
M Configure
M INSTALL.md

Log Message:
---
Security hardening: Expose Build flags for Position Independent Execution (PIE)

Reviewed-by: Tom Cosgrove
Reviewed-by: Tomas Mraz
(Merged from https://github.com/openssl/openssl/pull/22596)

To unsubscribe from these emails, change your notification settings at https://github.com/openssl/openssl/settings/notifications
[openssl/openssl] 7614c2: Correct ossl_sleep for threaded model by introduci...
Branch: refs/heads/openssl-3.1
Home: https://github.com/openssl/openssl
Commit: 7614c26f5f75af088aefbf61c7dea83dab61488b
https://github.com/openssl/openssl/commit/7614c26f5f75af088aefbf61c7dea83dab61488b
Author: Randall S. Becker
Date: 2024-05-06 (Mon, 06 May 2024)

Changed paths:
M include/internal/e_os.h

Log Message:
---
Correct ossl_sleep for threaded model by introducing sleep().

This fix handles situations where ossl_sleep() receives a millis value equal or greater than 1000, which breaks platforms where this is not legal. The change also avoids unnecessarily calling sleep(0).

Fixes: #23961
Signed-off-by: Randall S. Becker
Reviewed-by: Tom Cosgrove
Reviewed-by: Tomas Mraz
(Merged from https://github.com/openssl/openssl/pull/23972)
(cherry picked from commit c263b1fd692bd610b1a3879a9cdad74f3ffe321d)
[openssl/openssl] c263b1: Correct ossl_sleep for threaded model by introduci...
Branch: refs/heads/openssl-3.0
Home: https://github.com/openssl/openssl
Commit: c263b1fd692bd610b1a3879a9cdad74f3ffe321d
https://github.com/openssl/openssl/commit/c263b1fd692bd610b1a3879a9cdad74f3ffe321d
Author: Randall S. Becker
Date: 2024-05-06 (Mon, 06 May 2024)

Changed paths:
M e_os.h

Log Message:
---
Correct ossl_sleep for threaded model by introducing sleep().

This fix handles situations where ossl_sleep() receives a millis value equal or greater than 1000, which breaks platforms where this is not legal. The change also avoids unnecessarily calling sleep(0).

Fixes: #23961
Signed-off-by: Randall S. Becker
Reviewed-by: Tom Cosgrove
Reviewed-by: Tomas Mraz
(Merged from https://github.com/openssl/openssl/pull/23972)
[openssl/openssl] c8dddc: Add a test for the session_secret_cb
Branch: refs/heads/master
Home: https://github.com/openssl/openssl

Commit: c8dddc61d49f84d1667de97e9548f07ccc92dddf
https://github.com/openssl/openssl/commit/c8dddc61d49f84d1667de97e9548f07ccc92dddf
Author: Matt Caswell
Date: 2024-05-06 (Mon, 06 May 2024)

Changed paths:
M test/sslapitest.c

Log Message:
---
Add a test for the session_secret_cb

Ensure that if a session_secret_cb is being used that a connection can be successfully made

Reviewed-by: Neil Horman
Reviewed-by: Dmitry Belyavskiy
Reviewed-by: Tomas Mraz
(Merged from https://github.com/openssl/openssl/pull/24309)

Commit: 91c7ab27cebe4e6f6a6376e0a691736a2534fdd0
https://github.com/openssl/openssl/commit/91c7ab27cebe4e6f6a6376e0a691736a2534fdd0
Author: Matt Caswell
Date: 2024-05-06 (Mon, 06 May 2024)

Changed paths:
M ssl/statem/statem_srvr.c

Log Message:
---
Set the server sig algs before calling the session_secret_cb

Setting the server sig algs sets up the certificate "s3->tmp.valid_flags". These are needed when calling ssl3_choose_cipher() which can happen immediately after calling the session_secret_cb

Fixes #24213
Reviewed-by: Neil Horman
Reviewed-by: Dmitry Belyavskiy
Reviewed-by: Tomas Mraz
(Merged from https://github.com/openssl/openssl/pull/24309)

Commit: aecaaccaf93c4b36dd830accf08f2175059c5782
https://github.com/openssl/openssl/commit/aecaaccaf93c4b36dd830accf08f2175059c5782
Author: Matt Caswell
Date: 2024-05-06 (Mon, 06 May 2024)

Changed paths:
M doc/build.info
A doc/man3/SSL_set_session_secret_cb.pod
M util/missingssl.txt
M util/other.syms

Log Message:
---
Document the SSL_set_session_secret_cb() function

This function is only useful for EAP-FAST, but was previously undocumented.

Reviewed-by: Neil Horman
Reviewed-by: Dmitry Belyavskiy
Reviewed-by: Tomas Mraz
(Merged from https://github.com/openssl/openssl/pull/24309)

Commit: 97c6489b39c966c6e5169b9b92ec5fa9a35c7ba3
https://github.com/openssl/openssl/commit/97c6489b39c966c6e5169b9b92ec5fa9a35c7ba3
Author: Matt Caswell
Date: 2024-05-06 (Mon, 06 May 2024)

Changed paths:
M ssl/ssl_sess.c

Log Message:
---
Fix undefined behaviour in the event of a zero length session id

Don't attempt to memcpy a NULL pointer if the length is 0.

Reviewed-by: Neil Horman
Reviewed-by: Dmitry Belyavskiy
Reviewed-by: Tomas Mraz
(Merged from https://github.com/openssl/openssl/pull/24309)

Compare: https://github.com/openssl/openssl/compare/327261c076b8...97c6489b39c9
[openssl/openssl] 5cb2a8: Add a test for the session_secret_cb
Branch: refs/heads/openssl-3.3
Home: https://github.com/openssl/openssl

Commit: 5cb2a8fcc91b7b9bfffc70695df1bef29b495a60
https://github.com/openssl/openssl/commit/5cb2a8fcc91b7b9bfffc70695df1bef29b495a60
Author: Matt Caswell
Date: 2024-05-06 (Mon, 06 May 2024)

Changed paths:
M test/sslapitest.c

Log Message:
---
Add a test for the session_secret_cb

Ensure that if a session_secret_cb is being used that a connection can be successfully made

Reviewed-by: Neil Horman
Reviewed-by: Dmitry Belyavskiy
Reviewed-by: Tomas Mraz
(Merged from https://github.com/openssl/openssl/pull/24309)
(cherry picked from commit c8dddc61d49f84d1667de97e9548f07ccc92dddf)

Commit: 9919027446dd8bb0cf5aad7d9580c32782f2d253
https://github.com/openssl/openssl/commit/9919027446dd8bb0cf5aad7d9580c32782f2d253
Author: Matt Caswell
Date: 2024-05-06 (Mon, 06 May 2024)

Changed paths:
M ssl/statem/statem_srvr.c

Log Message:
---
Set the server sig algs before calling the session_secret_cb

Setting the server sig algs sets up the certificate "s3->tmp.valid_flags". These are needed when calling ssl3_choose_cipher() which can happen immediately after calling the session_secret_cb

Fixes #24213
Reviewed-by: Neil Horman
Reviewed-by: Dmitry Belyavskiy
Reviewed-by: Tomas Mraz
(Merged from https://github.com/openssl/openssl/pull/24309)
(cherry picked from commit 91c7ab27cebe4e6f6a6376e0a691736a2534fdd0)

Commit: 5cd860825061dc8cb7ef666ea7ec8c51999a5553
https://github.com/openssl/openssl/commit/5cd860825061dc8cb7ef666ea7ec8c51999a5553
Author: Matt Caswell
Date: 2024-05-06 (Mon, 06 May 2024)

Changed paths:
M doc/build.info
A doc/man3/SSL_set_session_secret_cb.pod
M util/missingssl.txt
M util/other.syms

Log Message:
---
Document the SSL_set_session_secret_cb() function

This function is only useful for EAP-FAST, but was previously undocumented.

Reviewed-by: Neil Horman
Reviewed-by: Dmitry Belyavskiy
Reviewed-by: Tomas Mraz
(Merged from https://github.com/openssl/openssl/pull/24309)
(cherry picked from commit aecaaccaf93c4b36dd830accf08f2175059c5782)

Commit: 287165f1b7ce0193378b9365e675edd69fc289c4
https://github.com/openssl/openssl/commit/287165f1b7ce0193378b9365e675edd69fc289c4
Author: Matt Caswell
Date: 2024-05-06 (Mon, 06 May 2024)

Changed paths:
M ssl/ssl_sess.c

Log Message:
---
Fix undefined behaviour in the event of a zero length session id

Don't attempt to memcpy a NULL pointer if the length is 0.

Reviewed-by: Neil Horman
Reviewed-by: Dmitry Belyavskiy
Reviewed-by: Tomas Mraz
(Merged from https://github.com/openssl/openssl/pull/24309)
(cherry picked from commit 97c6489b39c966c6e5169b9b92ec5fa9a35c7ba3)

Compare: https://github.com/openssl/openssl/compare/168e49b5ab9e...287165f1b7ce
[openssl/openssl] 6f8ebf: Add a test for the session_secret_cb
Branch: refs/heads/openssl-3.2
Home: https://github.com/openssl/openssl

Commit: 6f8ebfb9f73adbb9a2ad74c5d2cf5d4d056dfa71
https://github.com/openssl/openssl/commit/6f8ebfb9f73adbb9a2ad74c5d2cf5d4d056dfa71
Author: Matt Caswell
Date: 2024-05-06 (Mon, 06 May 2024)

Changed paths:
M test/sslapitest.c

Log Message:
---
Add a test for the session_secret_cb

Ensure that if a session_secret_cb is being used that a connection can be successfully made

Reviewed-by: Neil Horman
Reviewed-by: Dmitry Belyavskiy
Reviewed-by: Tomas Mraz
(Merged from https://github.com/openssl/openssl/pull/24309)
(cherry picked from commit c8dddc61d49f84d1667de97e9548f07ccc92dddf)

Commit: 8cdda690348d281abb75b787a436cd1c9462a9fd
https://github.com/openssl/openssl/commit/8cdda690348d281abb75b787a436cd1c9462a9fd
Author: Matt Caswell
Date: 2024-05-06 (Mon, 06 May 2024)

Changed paths:
M ssl/statem/statem_srvr.c

Log Message:
---
Set the server sig algs before calling the session_secret_cb

Setting the server sig algs sets up the certificate "s3->tmp.valid_flags". These are needed when calling ssl3_choose_cipher() which can happen immediately after calling the session_secret_cb

Fixes #24213
Reviewed-by: Neil Horman
Reviewed-by: Dmitry Belyavskiy
Reviewed-by: Tomas Mraz
(Merged from https://github.com/openssl/openssl/pull/24309)
(cherry picked from commit 91c7ab27cebe4e6f6a6376e0a691736a2534fdd0)

Commit: 6e526a0d987912891220617d682170976185cb5b
https://github.com/openssl/openssl/commit/6e526a0d987912891220617d682170976185cb5b
Author: Matt Caswell
Date: 2024-05-06 (Mon, 06 May 2024)

Changed paths:
M doc/build.info
A doc/man3/SSL_set_session_secret_cb.pod
M util/missingssl.txt
M util/other.syms

Log Message:
---
Document the SSL_set_session_secret_cb() function

This function is only useful for EAP-FAST, but was previously undocumented.

Reviewed-by: Neil Horman
Reviewed-by: Dmitry Belyavskiy
Reviewed-by: Tomas Mraz
(Merged from https://github.com/openssl/openssl/pull/24309)
(cherry picked from commit aecaaccaf93c4b36dd830accf08f2175059c5782)

Commit: a79636d3aca7e996c2dc056a020488ea1fa396b1
https://github.com/openssl/openssl/commit/a79636d3aca7e996c2dc056a020488ea1fa396b1
Author: Matt Caswell
Date: 2024-05-06 (Mon, 06 May 2024)

Changed paths:
M ssl/ssl_sess.c

Log Message:
---
Fix undefined behaviour in the event of a zero length session id

Don't attempt to memcpy a NULL pointer if the length is 0.

Reviewed-by: Neil Horman
Reviewed-by: Dmitry Belyavskiy
Reviewed-by: Tomas Mraz
(Merged from https://github.com/openssl/openssl/pull/24309)
(cherry picked from commit 97c6489b39c966c6e5169b9b92ec5fa9a35c7ba3)

Compare: https://github.com/openssl/openssl/compare/a0f6e1f26287...a79636d3aca7
[openssl/openssl] 168e49: test/threadstest.c: Add checks for CRYPTO_THREAD_l...
Branch: refs/heads/openssl-3.3
Home: https://github.com/openssl/openssl
Commit: 168e49b5ab9e110c2cf618d025418d480f5166d6
https://github.com/openssl/openssl/commit/168e49b5ab9e110c2cf618d025418d480f5166d6
Author: Jiasheng Jiang
Date: 2024-05-06 (Mon, 06 May 2024)

Changed paths:
M test/threadstest.c

Log Message:
---
test/threadstest.c: Add checks for CRYPTO_THREAD_lock_new()

Add checks for the return value of CRYPTO_THREAD_lock_new() in order to avoid Null pointer dereference.

Fixes: 5f8b812931 ("Add locking to atomic operations in rw/rcu tests")
Fixes: d0e1a0ae70 ("RCU lock implementation")
Fixes: 71a04cfca0 ("Implement new multi-threading API")
Signed-off-by: Jiasheng Jiang
Reviewed-by: Neil Horman
Reviewed-by: Tomas Mraz
(Merged from https://github.com/openssl/openssl/pull/24313)
(cherry picked from commit 327261c076b8468382e1effea14d79446cc22b4d)
[openssl/openssl] 327261: test/threadstest.c: Add checks for CRYPTO_THREAD_l...
Branch: refs/heads/master
Home: https://github.com/openssl/openssl
Commit: 327261c076b8468382e1effea14d79446cc22b4d
https://github.com/openssl/openssl/commit/327261c076b8468382e1effea14d79446cc22b4d
Author: Jiasheng Jiang
Date: 2024-05-06 (Mon, 06 May 2024)

Changed paths:
M test/threadstest.c

Log Message:
---
test/threadstest.c: Add checks for CRYPTO_THREAD_lock_new()

Add checks for the return value of CRYPTO_THREAD_lock_new() in order to avoid Null pointer dereference.

Fixes: 5f8b812931 ("Add locking to atomic operations in rw/rcu tests")
Fixes: d0e1a0ae70 ("RCU lock implementation")
Fixes: 71a04cfca0 ("Implement new multi-threading API")
Signed-off-by: Jiasheng Jiang
Reviewed-by: Neil Horman
Reviewed-by: Tomas Mraz
(Merged from https://github.com/openssl/openssl/pull/24313)
[openssl/openssl] 51fd52: gitignore: ignore newly generated header
Branch: refs/heads/master
Home: https://github.com/openssl/openssl
Commit: 51fd52b8a791528971ca13aa4db94e5d50804b29
https://github.com/openssl/openssl/commit/51fd52b8a791528971ca13aa4db94e5d50804b29
Author: Dimitri John Ledkov
Date: 2024-05-06 (Mon, 06 May 2024)

Changed paths:
M .gitignore

Log Message:
---
gitignore: ignore newly generated header

Ignore generated include/openssl/x509_acert.h introduced in https://github.com/openssl/openssl/pull/15857

Signed-off-by: Dimitri John Ledkov
Reviewed-by: Paul Dale
Reviewed-by: Tomas Mraz
(Merged from https://github.com/openssl/openssl/pull/24287)
[openssl/openssl] 12d40c: Fix error handling in CMS_EncryptedData_encrypt
Branch: refs/heads/openssl-3.3
Home: https://github.com/openssl/openssl
Commit: 12d40c9af546607de5809fc10a211ac7ae4646b3
https://github.com/openssl/openssl/commit/12d40c9af546607de5809fc10a211ac7ae4646b3
Author: Bernd Edlinger
Date: 2024-05-06 (Mon, 06 May 2024)

Changed paths:
M crypto/cms/cms_asn1.c
M crypto/cms/cms_env.c
M crypto/cms/cms_lib.c
M crypto/cms/cms_local.h
M crypto/cms/cms_sd.c
M crypto/cms/cms_smime.c
M test/recipes/80-test_cms.t

Log Message:
---
Fix error handling in CMS_EncryptedData_encrypt

That caused several memory leaks in case of error. Also when the CMS object that is created by CMS_EncryptedData_encrypt is not used in the normal way, but instead just deleted by CMS_ContentInfo_free some memory was lost.

Fixes #21985
Reviewed-by: Todd Short
Reviewed-by: Tomas Mraz
(Merged from https://github.com/openssl/openssl/pull/22031)
(cherry picked from commit 6d2a01cdfb56fdb8ea5d5dd417724e6906c8b8e2)
[openssl/openssl] a0f6e1: Fix error handling in CMS_EncryptedData_encrypt
Branch: refs/heads/openssl-3.2
Home: https://github.com/openssl/openssl
Commit: a0f6e1f26287280b2961f6bab7addb7a5ad45c1e
https://github.com/openssl/openssl/commit/a0f6e1f26287280b2961f6bab7addb7a5ad45c1e
Author: Bernd Edlinger
Date: 2024-05-06 (Mon, 06 May 2024)

Changed paths:
M crypto/cms/cms_asn1.c
M crypto/cms/cms_env.c
M crypto/cms/cms_lib.c
M crypto/cms/cms_local.h
M crypto/cms/cms_sd.c
M crypto/cms/cms_smime.c
M test/recipes/80-test_cms.t

Log Message:
---
Fix error handling in CMS_EncryptedData_encrypt

That caused several memory leaks in case of error. Also when the CMS object that is created by CMS_EncryptedData_encrypt is not used in the normal way, but instead just deleted by CMS_ContentInfo_free some memory was lost.

Fixes #21985
Reviewed-by: Todd Short
Reviewed-by: Tomas Mraz
(Merged from https://github.com/openssl/openssl/pull/22031)
(cherry picked from commit 6d2a01cdfb56fdb8ea5d5dd417724e6906c8b8e2)
[openssl/openssl] 6d2a01: Fix error handling in CMS_EncryptedData_encrypt
Branch: refs/heads/master
Home: https://github.com/openssl/openssl
Commit: 6d2a01cdfb56fdb8ea5d5dd417724e6906c8b8e2
https://github.com/openssl/openssl/commit/6d2a01cdfb56fdb8ea5d5dd417724e6906c8b8e2
Author: Bernd Edlinger
Date: 2024-05-06 (Mon, 06 May 2024)

Changed paths:
M crypto/cms/cms_asn1.c
M crypto/cms/cms_env.c
M crypto/cms/cms_lib.c
M crypto/cms/cms_local.h
M crypto/cms/cms_sd.c
M crypto/cms/cms_smime.c
M test/recipes/80-test_cms.t

Log Message:
---
Fix error handling in CMS_EncryptedData_encrypt

That caused several memory leaks in case of error. Also when the CMS object that is created by CMS_EncryptedData_encrypt is not used in the normal way, but instead just deleted by CMS_ContentInfo_free some memory was lost.

Fixes #21985
Reviewed-by: Todd Short
Reviewed-by: Tomas Mraz
(Merged from https://github.com/openssl/openssl/pull/22031)