Closed
Bug 1280851
Opened 9 years ago
Closed 9 years ago
Fix some libssl Coverity issues
Categories
(NSS :: Libraries, defect)
NSS
Libraries
Tracking
(Not tracked)
RESOLVED
DUPLICATE
of bug 1279399
People
(Reporter: ttaubert, Assigned: ttaubert)
References
(Blocks 1 open bug)
Details
*** CID 1362653: Control flow issues (DEADCODE)
/security/nss/lib/ssl/ssl3ecc.c: 800 in ssl3_SendECDHServerKeyExchange()
794 if (rv != SECSuccess) {
795 goto loser;
796 }
797 PR_APPEND_LINK(&keyPair->link, &ss->ephemeralKeyPairs);
798 }
799 if (rv != SECSuccess) {
>>> CID 1362653: Control flow issues (DEADCODE)
>>> Execution cannot reach this statement: "goto loser;".
800 goto loser;
801 }
802
803 PORT_Assert(keyPair);
804 if (!keyPair) {
805 PORT_SetError(SSL_ERROR_SERVER_KEY_EXCHANGE_FAILURE);
*** CID 1362656: Memory - illegal accesses (UNINIT)
/security/nss/lib/ssl/sslcert.c: 167 in ssl_FindServerCertByAuthType()
161 return NULL;
162 }
163
164 sslServerCert *
165 ssl_FindServerCertByAuthType(const sslSocket *ss, SSLAuthType authType)
166 {
>>> CID 1362656: Memory - illegal accesses (UNINIT)
>>> Declaring variable "certType" without initializer.
167 sslServerCertType certType;
168 certType.authType = authType;
169 switch (authType) {
170 /* Setting the named curve to NULL ensures that all EC certificates
171 * are matched when searching for this slot. */
172 case ssl_auth_ecdsa:
*** CID 1362657: Memory - illegal accesses (UNINIT)
/security/nss/lib/ssl/sslcert.c: 642 in ssl_FindOrMakeCertType()
636 /* This finds an existing server cert slot and unlinks it, or it makes a new
637 * server cert slot of the right type. */
638 static sslServerCert *
639 ssl_FindOrMakeCertType(sslSocket *ss, SSLAuthType authType)
640 {
641 sslServerCert *sc;
>>> CID 1362657: Memory - illegal accesses (UNINIT)
>>> Declaring variable "certType" without initializer.
642 sslServerCertType certType;
643
644 certType.authType = authType;
645 switch (authType) {
646 case ssl_auth_ecdsa:
647 case ssl_auth_ecdh_rsa:
*** CID 1362658: Memory - illegal accesses (UNINIT)
/security/nss/lib/ssl/ssl3ext.c: 192 in ssl3_GenerateSessionTicketKeysPKCS11()
186
187 static PRStatus
188 ssl3_GenerateSessionTicketKeysPKCS11(void *data)
189 {
190 SECStatus rv;
191 sslSocket *ss = (sslSocket *)data;
>>> CID 1362658: Memory - illegal accesses (UNINIT)
>>> Declaring variable "certType" without initializer.
192 sslServerCertType certType;
193 const sslServerCert *sc;
194 SECKEYPrivateKey *svrPrivKey;
195 SECKEYPublicKey *svrPubKey;
196
197 certType.authType = ssl_auth_rsa_decrypt;
|
Assignee | |
Comment 1•9 years ago
|
||
Patch at: https://codereview.appspot.com/296510043
Assignee: nobody → ttaubert
Status: NEW → ASSIGNED
Flags: needinfo?(franziskuskiefer)
|
|
Assignee | |
Updated•9 years ago
|
Status: ASSIGNED → RESOLVED
Closed: 9 years ago
Flags: needinfo?(franziskuskiefer)
Resolution: --- → DUPLICATE
You need to log in
before you can comment on or make changes to this bug.
Description
•