Closed
Bug 1280851
Opened 8 years ago
Closed 8 years ago
Fix some libssl Coverity issues
Categories
(NSS :: Libraries, defect)
NSS
Libraries
Tracking
(Not tracked)
RESOLVED
DUPLICATE
of bug 1279399
People
(Reporter: ttaubert, Assigned: ttaubert)
References
(Blocks 1 open bug)
Details
*** CID 1362653: Control flow issues (DEADCODE) /security/nss/lib/ssl/ssl3ecc.c: 800 in ssl3_SendECDHServerKeyExchange() 794 if (rv != SECSuccess) { 795 goto loser; 796 } 797 PR_APPEND_LINK(&keyPair->link, &ss->ephemeralKeyPairs); 798 } 799 if (rv != SECSuccess) { >>> CID 1362653: Control flow issues (DEADCODE) >>> Execution cannot reach this statement: "goto loser;". 800 goto loser; 801 } 802 803 PORT_Assert(keyPair); 804 if (!keyPair) { 805 PORT_SetError(SSL_ERROR_SERVER_KEY_EXCHANGE_FAILURE); *** CID 1362656: Memory - illegal accesses (UNINIT) /security/nss/lib/ssl/sslcert.c: 167 in ssl_FindServerCertByAuthType() 161 return NULL; 162 } 163 164 sslServerCert * 165 ssl_FindServerCertByAuthType(const sslSocket *ss, SSLAuthType authType) 166 { >>> CID 1362656: Memory - illegal accesses (UNINIT) >>> Declaring variable "certType" without initializer. 167 sslServerCertType certType; 168 certType.authType = authType; 169 switch (authType) { 170 /* Setting the named curve to NULL ensures that all EC certificates 171 * are matched when searching for this slot. */ 172 case ssl_auth_ecdsa: *** CID 1362657: Memory - illegal accesses (UNINIT) /security/nss/lib/ssl/sslcert.c: 642 in ssl_FindOrMakeCertType() 636 /* This finds an existing server cert slot and unlinks it, or it makes a new 637 * server cert slot of the right type. */ 638 static sslServerCert * 639 ssl_FindOrMakeCertType(sslSocket *ss, SSLAuthType authType) 640 { 641 sslServerCert *sc; >>> CID 1362657: Memory - illegal accesses (UNINIT) >>> Declaring variable "certType" without initializer. 642 sslServerCertType certType; 643 644 certType.authType = authType; 645 switch (authType) { 646 case ssl_auth_ecdsa: 647 case ssl_auth_ecdh_rsa: *** CID 1362658: Memory - illegal accesses (UNINIT) /security/nss/lib/ssl/ssl3ext.c: 192 in ssl3_GenerateSessionTicketKeysPKCS11() 186 187 static PRStatus 188 ssl3_GenerateSessionTicketKeysPKCS11(void *data) 189 { 190 SECStatus rv; 191 sslSocket *ss = (sslSocket *)data; >>> CID 1362658: Memory - illegal accesses (UNINIT) >>> Declaring variable "certType" without initializer. 192 sslServerCertType certType; 193 const sslServerCert *sc; 194 SECKEYPrivateKey *svrPrivKey; 195 SECKEYPublicKey *svrPubKey; 196 197 certType.authType = ssl_auth_rsa_decrypt;
Assignee | ||
Comment 1•8 years ago
|
||
Patch at: https://codereview.appspot.com/296510043
Assignee: nobody → ttaubert
Status: NEW → ASSIGNED
Flags: needinfo?(franziskuskiefer)
Assignee | ||
Updated•8 years ago
|
Status: ASSIGNED → RESOLVED
Closed: 8 years ago
Flags: needinfo?(franziskuskiefer)
Resolution: --- → DUPLICATE
You need to log in
before you can comment on or make changes to this bug.
Description
•