[Bug 2687] Coverity scan fixes

bugzilla-daemon at bugzilla.mindrot.org
Fri Mar 10 14:09:07 AEDT 2017


https://bugzilla.mindrot.org/show_bug.cgi?id=2687

--- Comment #4 from Darren Tucker <dtucker at zip.com.au> ---
Comment on attachment 2953
  --> https://bugzilla.mindrot.org/attachment.cgi?id=2953
proposed coverity patch

>+	if (ret == NULL)
>+		return NULL;

applied.

> 			response = read_passphrase("Accept updated hostkeys? "
> 			    "(yes/no): ", RP_ECHO);
>-			if (strcasecmp(response, "yes") == 0)
>+			if (response != NULL && strcasecmp(response, "yes") == 0)
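
Review bot: the added `response != NULL` test on the `strcasecmp` line silently maps a NULL return to the "no" answer, with no message and no comment saying when NULL can occur for a call that passes only `RP_ECHO`. If that call cannot return NULL, the test is dead code and is better left out; if it can, a one-line comment stating the condition would help. With 8-column tabs the new line also runs to 81 columns, so it needs wrapping like the `read_passphrase(` call above it.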

I think this is a false positive.
read_passphrase() can only return NULL if given the RP_ALLOW_EOF flag,
otherwise the return values all come from xstrdup which will provide a
valid pointer or die trying.

>-	if (dlen > UINT_MAX)
>+	if (digest == NULL || dlen > UINT_MAX)

looks reasonable, applied.

[several memory and fd leak fixes]

seem reasonable, looking at them now.

> dump_cfg_string(ServerOpCodes code, const char *val)
> {
>-	if (val == NULL)
>-		return;
> 	printf("%s %s\n", lookup_opcode_name(code),
> 	    val == NULL ? "none" : val);
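
Review bot: dropping the early `return` in `dump_cfg_string` changes output rather than only removing dead code: a NULL `val` used to print nothing, and now reaches the `printf` and prints the option name followed by `none` via `val == NULL ? "none" : val`. Before this goes in, confirm that every option dumped through this function is valid with the value `none`, since the dumped line may be read back as configuration; otherwise keep the early return and delete the unreachable ternary instead.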

not sure what the intent of this was, will need to investigate.

>diff --git a/sshkey.c b/sshkey.c
>index 85fd1bd..58c1051 100644
>--- a/sshkey.c
>+++ b/sshkey.c
>@@ -1375,8 +1375,6 @@ sshkey_read(struct sshkey *ret, char **cpp)
> 		retval = 0;
> /*XXXX*/
> 		sshkey_free(k);
>-		if (retval != 0)
>-			break;
> 		break;
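
Review bot: the `/*XXXX*/` marker above `sshkey_free(k)` stays in place after this change, so the unfinished-work flag outlives the only code that hinted at what was intended. The removed `if (retval != 0) break;` had no effect, since `retval = 0` is assigned just above and an unconditional `break` follows, so the removal itself is behaviour-neutral; it would still be worth either resolving the marker or replacing it with a comment saying what check, if any, belongs after the free.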

Dunno what that was supposed to be.  Damien?

1.1          (djm      24-Jun-14): /*XXXX*/
1.1          (djm      24-Jun-14):              sshkey_free(k);
1.1          (djm      24-Jun-14):              if (retval != 0)
1.1          (djm      24-Jun-14):                      break;
