[Bug 2687] Coverity scan fixes

bugzilla-daemon at bugzilla.mindrot.org bugzilla-daemon at bugzilla.mindrot.org
Fri Mar 10 15:00:21 AEDT 2017


https://bugzilla.mindrot.org/show_bug.cgi?id=2687

--- Comment #6 from Darren Tucker <dtucker at zip.com.au> ---
Comment on attachment 2954
  --> https://bugzilla.mindrot.org/attachment.cgi?id=2954
2nd part with lower priority

>diff --git a/krl.c b/krl.c
>index e271a19..69bec99 100644
>--- a/krl.c
>+++ b/krl.c
>@@ -1089,7 +1089,7 @@ ssh_krl_from_blob(struct sshbuf *buf, struct ssh_krl **krlp,
> 			break;
> 		case KRL_SECTION_SIGNATURE:
> 			/* Handled above, but still need to stay in synch */
>-			sshbuf_reset(sect);
>+			sshbuf_free(sect);

Not sure about this one.  Damien?

>-			    filename, linenum, arg ? arg : "<NONE>");
>+			    filename, linenum, arg);

I'm not sure removing this is a good idea; it might not be possible for
arg to be null right now but later?

>diff --git a/ssh-pkcs11.c b/ssh-pkcs11.c
>index aaf712d..62a76b3 100644
>--- a/ssh-pkcs11.c
>+++ b/ssh-pkcs11.c
>@@ -536,8 +536,8 @@ pkcs11_fetch_keys_filter(struct pkcs11_provider *p, CK_ULONG slotidx,
> 				X509_free(x509);
> 		}
> 		if (rsa && rsa->n && rsa->e &&
>-		    pkcs11_rsa_wrap(p, slotidx, &attribs[0], rsa) == 0) {
>-			key = sshkey_new(KEY_UNSPEC);
>+		    pkcs11_rsa_wrap(p, slotidx, &attribs[0], rsa) == 0 &&
>+		    (key = sshkey_new(KEY_UNSPEC)) == NULL) {

not sure about this either.  Damien?

>-	host_key = key_new(KEY_RSA1);
>+	if ((host_key = key_new(KEY_RSA1)) == NULL)
>+		fatal("%s: key_new(KEY_RSA1) failed", __func__);

applied (both instances)

>+	if (ret == NULL)
>+		return SSH_ERR_INVALID_ARGUMENT;

applied

-- 
You are receiving this mail because:
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.


More information about the openssh-bugs mailing list