ecperf coverity issues

RESOLVED FIXED in 3.25

Status

RESOLVED FIXED
2 years ago
2 years ago

People

(Reporter: fkiefer, Assigned: fkiefer)

Tracking

(Blocks: 1 bug, {coverity})

trunk
3.25
coverity

Firefox Tracking Flags

(Not tracked)

Details

(Whiteboard: [CID 1361854]-[CID 1361860][CID 1361867][CID 1361868])

Attachments

(1 attachment)

Coverity found multiple issues in the re-enabled ecperf tests.
Whiteboard: [CID 1361854]-[CID 1361860][CID 1361867][CID 1361868]
Created attachment 8754739 [details] [diff] [review]
ecperf-coverity.patch

fixing issues found by coverity in ecperf.
Most changes should be self explanatory.
The additional SEC_OID_UNKNOWN are necessary to make that map the size of ECCurve_pastLastCurve
Attachment #8754739 - Flags: review?(ttaubert)
Comment on attachment 8754739 [details] [diff] [review]
ecperf-coverity.patch

Review of attachment 8754739 [details] [diff] [review]:
-----------------------------------------------------------------

::: cmd/ecperf/ecperf.c
@@ +210,5 @@
>                  rv = (*opfunc)(param1, param2, param3);
>              }
> +            if (rv != SECSuccess) {
> +                SECU_PrintError("Error:", op);
> +                return rv;

We'd leak |threadIDs| and |threadData| here, maybe introduce a "loser" or "cleanup" label or something?

@@ +404,5 @@
>      if (crv != CKR_OK) {
>          printf("Sign Failed CK_RV=0x%x\n", (int)crv);
>          return SECFailure;
>      }
> +    sig->len = (unsigned long)sigLen;

Maybe |sig->len = (CK_ULONG)sigLen| ?

::: lib/softoken/pkcs11c.c
@@ +2070,5 @@
>      switch (pMechanism->mechanism) {
>      case CKM_RC2_MAC_GENERAL:
> +	if (!pMechanism->pParameter) {
> +	    return CKR_ARGUMENTS_BAD;
> +	}

Hmmm is that right thing to return? Or rather CKR_MECHANISM_PARAM_INVALID?
Attachment #8754739 - Flags: review?(ttaubert) → review+
landed as https://hg.mozilla.org/projects/nss/rev/83c8b17160fe
Status: NEW → RESOLVED
Last Resolved: 2 years ago
Resolution: --- → FIXED
Target Milestone: --- → 3.25
You need to log in before you can comment on or make changes to this bug.