[Bug 2687] New: Coverity scan fixes

bugzilla-daemon at bugzilla.mindrot.org bugzilla-daemon at bugzilla.mindrot.org
Fri Mar 3 04:01:12 AEDT 2017


https://bugzilla.mindrot.org/show_bug.cgi?id=2687

            Bug ID: 2687
           Summary: Coverity scan fixes
           Product: Portable OpenSSH
           Version: 7.4p1
          Hardware: Other
                OS: Linux
            Status: NEW
          Severity: enhancement
          Priority: P5
         Component: Miscellaneous
          Assignee: unassigned-bugs at mindrot.org
          Reporter: jjelen at redhat.com

Created attachment 2953
  --> https://bugzilla.mindrot.org/attachment.cgi?id=2953&action=edit
proposed coverity patch

Recent run on Coveriry revealed several issues:

auth-pam.c
 * NULL_RETURNS -- missing check before dereferencing allocated buffer

clientloop.c
 * REVERSE_INULL -- check for null after it was already dereferenced 
--> check for null earlier too

digest-openssl.c
 * NULL_RETURNS -- missing check for null

kex.c
 * RESOURCE_LEAK -- match_list() allocates data which is not freed in
several cases

readconf.c
 * RESOURCE_LEAK -- Variable "arg2" going out of scope leaks the
storage it points to.

servconf.c
 * DEADCODE -- cannot reach the expression ""none""

sshconnect.c
 * RESOURCE_LEAK -- Handle variable "auth_sock" going out of scope
leaks the handle.

sshconnect2.c
 * RESOURCE_LEAK -- Variable "blob" going out of scope leaks the
storage it points to.

sshkey.c
 * IDENTICAL_BRANCHES/DEADCODE

Let me know if the patch is acceptable or you need something to
improve. There are few more items in the scan that I will have to
investigate.

-- 
You are receiving this mail because:
You are watching the assignee of the bug.


More information about the openssh-bugs mailing list