[Bug 2687] Coverity scan fixes

bugzilla-daemon at mindrot.org bugzilla-daemon at mindrot.org
Fri Mar 3 20:42:00 AEDT 2023


https://bugzilla.mindrot.org/show_bug.cgi?id=2687

--- Comment #26 from Darren Tucker <dtucker at dtucker.net> ---
Comment on attachment 3287
  --> https://bugzilla.mindrot.org/attachment.cgi?id=3287
New coverity issues from 8.0p1 release

Need to take a closer look at ssh_api.c but the rest of these seem
fixed:

>@@ -2228,6 +2228,9 @@ update_krl_from_file(struct passwd *pw, const char *file, int wild_ca,
> 			cp = cp + strspn(cp, " \t");
> 			hash_to_blob(cp, &blob, &blen, file, lnum);
> 			r = ssh_krl_revoke_key_sha256(krl, blob, blen);
>+			freezero(blob, blen);
>+			blob = NULL;
>+			blen = 0;
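
Review bot: releasing `blob` on the added lines directly after `r = ssh_krl_revoke_key_sha256(krl, blob, blen);` is only safe if that function copies the hash rather than keeping the caller's pointer, and nothing in the hunk shows which it does. A one-line comment above `freezero(blob, blen);` stating that the KRL code keeps its own copy would make the ownership explicit. Resetting `blob = NULL` and `blen = 0` afterwards is a good guard against a later cleanup path freeing the buffer a second time.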

There's now a call to fatal here, so I think this is fixed albeit in a
different way.

>From 73bf5d1f21852f8e6ea315c64a6960a27f1c2c0d Mon Sep 17 00:00:00 2001
>From: Jakub Jelen <jjelen at redhat.com>
>Date: Mon, 27 May 2019 14:02:12 +0200
>Subject: [PATCH 3/6] Coverity: leaked storage
>
> 43. openssh-8.0p1/auth-options.c:538: leaked_storage: Variable "opt" going out of scope leaks the storage it points to.

This one has been fixed.

>From e6e54a94be55110d7b4bf2a220d8f7c2f5d4062d Mon Sep 17 00:00:00 2001
>From: Jakub Jelen <jjelen at redhat.com>
>Date: Mon, 27 May 2019 14:06:23 +0200
>Subject: [PATCH 4/6] Coverity: Remove unused variable max
>
> 1. openssh-8.0p1/ssh-pkcs11-helper.c:356:3: warning: Value stored to 'max' is never read

This one has been removed.

>From 14eab3a31c68b5aaed307fdf6a3260c3a3035d7f Mon Sep 17 00:00:00 2001
>From: Jakub Jelen <jjelen at redhat.com>
>Date: Mon, 27 May 2019 14:14:58 +0200
>Subject: [PATCH 6/6] Coverity: Unused variable r
>
> 1. openssh-8.0p1/auth2.c:221:2: warning: Value stored to 'r' is never read

This one has been fixed.
