Closed Bug 353888 Opened 18 years ago Closed 18 years ago

klockwork IDs for ssl3con.c

Categories

(NSS :: Libraries, defect, P2)

defect

Tracking

(Not tracked)

RESOLVED FIXED

People

(Reporter: nelson, Assigned: alvolkov.bgs)

References

Details

(Keywords: klocwork)

Attachments

(1 file)

ID:       93124
Function: ssl3_ComputeRecordMAC
Location: nss/lib/ssl/ssl3con.c : 1695

'pad_bytes' might be used uninitialized in this function.

1654		unsigned int       pad_bytes; 

1669		case ssl_hmac_md5: /* used with TLS */ 
1670		    hashObj = HASH_GetRawHashObject(HASH_AlgMD5); 
1671		    break; 

1684		if (!isTLS) { 

1695		    hashObj->update(write_mac_context, mac_pad_1, pad_bytes); 

This is a false positive, since ssl_hmac_md5 is only used with TLS, so 
the code cannot take the !isTLS path after using case ssl_hmac_md5.
But we could easily silence this complaint by initializing pad_bytes to 0.

----

ID 93125, 93126 and 93127
Function: getWrappingKey

At line 4038, Klocwork thinks that Ks, pubWrapKey and privWrapKey are 
all uninitialized at lines 4038-4040.  pubWrapKey and PrivWrapKep are 
initialized with zero at their declarations at lines 3946-3947.  
I have marked those two IDs as "not a problem", but want to record them 
here, along with the real issue, which is Ks.

3945	    PK11SymKey *      Ks; 
3946	    SECKEYPublicKey   *pubWrapKey = NULL; 
3947	    SECKEYPrivateKey  *privWrapKey = NULL; 
4038		if (privWrapKey) SECKEY_DestroyPrivateKey(privWrapKey); 
4039		if (pubWrapKey) SECKEY_DestroyPublicKey(pubWrapKey); 
4040		if (Ks) PK11_FreeSymKey(Ks);
Attached patch fix as suggestedSplinter Review
Assignee: nobody → alexei.volkov.bugs
Status: NEW → ASSIGNED
Attachment #241124 - Flags: review?(nelson)
Comment on attachment 241124 [details] [diff] [review]
fix as suggested

r=nelson
Attachment #241124 - Flags: review?(nelson) → review+
Priority: -- → P2
Target Milestone: --- → 3.12
/cvsroot/mozilla/security/nss/lib/ssl/ssl3con.c,v  <--  ssl3con.c
new revision: 1.98; previous revision: 1.97
Status: ASSIGNED → RESOLVED
Closed: 18 years ago
Resolution: --- → FIXED
*** Bug 339911 has been marked as a duplicate of this bug. ***
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: