Various scan-build errors in ssl3con

RESOLVED FIXED in 3.26

Status

RESOLVED FIXED
3 years ago
3 years ago

People

(Reporter: franziskus, Assigned: franziskus)

Tracking

3.25
3.26
Dependency tree / graph

Firefox Tracking Flags

(Not tracked)

Details

Attachments

(1 attachment)

Comment hidden (empty)
(Assignee)

Comment 1

3 years ago
Created attachment 8767989 [details] [diff] [review]
scan-build-fixes.patch
Attachment #8767989 - Flags: review?(ttaubert)
Comment on attachment 8767989 [details] [diff] [review]
scan-build-fixes.patch

Review of attachment 8767989 [details] [diff] [review]:
-----------------------------------------------------------------

::: lib/ssl/ssl3con.c
@@ +1529,5 @@
>          pBuf += dh_p.len - dh_Ys.len;
>      }
>      /* If we're padding Y, dh_Ys can't be longer than dh_p. */
>      PORT_Assert(!padY || dh_p.len >= dh_Ys.len);
> +    PORT_Assert(dh_Ys.data);

Should move this up to where the other asserts are.

@@ +10569,5 @@
>                                                   hashes->u.pointer_to_hash_input.len,
>                                                   sigAndHash.hashAlg,
>                                                   &localHashes);
> +        } else {
> +            rv = SECFailure;

This shouldn't compile with NO_PKCS11_BYPASS=1. Maybe just wrap the whole thing in if (hashes->u.pointer_to_hash_input.data)?
Attachment #8767989 - Flags: review?(ttaubert) → review+
Status: NEW → ASSIGNED
(Assignee)

Comment 3

3 years ago
https://hg.mozilla.org/projects/nss/rev/8a9b64b9917e
Status: ASSIGNED → RESOLVED
Last Resolved: 3 years ago
Resolution: --- → FIXED
Target Milestone: --- → 3.26
You need to log in before you can comment on or make changes to this bug.