[RTEMS Project] #3719: Update libcrypt to latest FreeBSD to address Coverity Scan Issues
RTEMS trac
trac at rtems.org
Thu Mar 7 18:58:44 UTC 2019
#3719: Update libcrypt to latest FreeBSD to address Coverity Scan Issues
----------------------------+-----------------------------
Reporter: Joel Sherrill | Owner: Sebastian Huber
Type: defect | Status: assigned
Priority: normal | Milestone: 5.1
Component: lib | Version: 5
Severity: normal | Keywords:
Blocked By: | Blocking:
----------------------------+-----------------------------
Coverity issues 1018087, 1018088, 1018089, and 1018090 all appear to be
addressed in the latest source code for libcrypt from FreeBSD. This code
needs to be updated. This is one of the issues (1018087) in crypt-sha512.c
from Scan but the same issues are in sha256.c
{{{
275 if (copied_key != NULL)
CID 1018088: 'Constant' variable guards dead code
(DEADCODE) [select issue]
276 memset(copied_key, '\0', key_len);
null: At condition copied_salt != NULL, the value of copied_salt
must be NULL.
dead_error_condition: The condition copied_salt != NULL cannot be
true.
277 if (copied_salt != NULL)
CID 1018087 (#1 of 1): 'Constant' variable guards dead code (DEADCODE)
dead_error_line: Execution cannot reach this statement:
memset(copied_salt, 0, salt....
Local variable copied_salt is assigned only once, to a constant
value, making it effectively constant throughout its scope. If this is not
the intent, examine the logic to see if there is a missing assignment that
would make copied_salt not remain constant.
278 memset(copied_salt, '\0', salt_len);
}}}
--
Ticket URL: <http://devel.rtems.org/ticket/3719>
RTEMS Project <http://www.rtems.org/>
RTEMS Project
More information about the bugs
mailing list