Closed Bug 1283164 Opened 10 years ago Closed 10 years ago

[Coverity 1362937+1362936] Fix some TLS 1.3 issues reported by Coverity

Categories

(mozilla.org :: Security Assurance: Applications, task)

task
Not set
normal

Tracking

(Not tracked)

RESOLVED INVALID

People

(Reporter: ttaubert, Assigned: ttaubert)

References

(Blocks 1 open bug)

Details

*** CID 1362937: Null pointer dereferences (FORWARD_NULL) /lib/ssl/tls13hkdf.c: 75 in tls13_HkdfExtract() 69 } else { 70 /* Per documentation for CKM_NSS_HKDF_*: 71 * 72 * If the optional salt is given, it is used; otherwise, the salt is 73 * set to a sequence of zeros equal in length to the HMAC output. 74 */ >>> CID 1362937: Null pointer dereferences (FORWARD_NULL) >>> Assigning: "params.pSalt" = "NULL". 75 params.pSalt = NULL; 76 params.ulSaltLen = 0UL; 77 } 78 paramsi.data = (unsigned char *)&params; 79 paramsi.len = sizeof(params); 80 *** CID 1362936: Control flow issues (DEADCODE) /external_tests/ssl_gtest/libssl_internals.c: 188 in sslint_DamageTrafficSecret() 182 } 183 if (!slot) { 184 return PR_FALSE; 185 } 186 keyPtr = (PK11SymKey **)((char *)&ss->ssl3.hs + offset); 187 if (!keyPtr) >>> CID 1362936: Control flow issues (DEADCODE) >>> Execution cannot reach this statement: "return 0;". 188 return PR_FALSE; 189 PK11_FreeSymKey(*keyPtr); 190 *keyPtr = PK11_ImportSymKey(slot, 191 CKM_NSS_HKDF_SHA256, PK11_OriginUnwrap, 192 CKA_DERIVE, &key_item, NULL); 193 PK11_FreeSlot(slot);
Status: ASSIGNED → RESOLVED
Closed: 10 years ago
Resolution: --- → INVALID
You need to log in before you can comment on or make changes to this bug.