[RTEMS Project] #3719: Update libcrypt to latest FreeBSD to address Coverity Scan Issues

RTEMS trac trac at rtems.org
Thu Mar 7 18:58:44 UTC 2019

#3719: Update libcrypt to latest FreeBSD to address Coverity Scan Issues
  Reporter:  Joel Sherrill  |      Owner:  Sebastian Huber
      Type:  defect         |     Status:  assigned
  Priority:  normal         |  Milestone:  5.1
 Component:  lib            |    Version:  5
  Severity:  normal         |   Keywords:
Blocked By:                 |   Blocking:
 Coverity issues 1018087, 1018088, 1018089, and 1018090 all appear to be
 addressed in the latest source code for libcrypt from FreeBSD. This code
 needs to be updated. This is one of the issues (1018087) in crypt-sha512.c
 from Scan but the same issues are in sha256.c

 275        if (copied_key != NULL)
         CID 1018088: 'Constant' variable guards dead code
 (DEADCODE) [select issue]
 276                memset(copied_key, '\0', key_len);
         null: At condition copied_salt != NULL, the value of copied_salt
 must be NULL.
         dead_error_condition: The condition copied_salt != NULL cannot be
 277        if (copied_salt != NULL)

 CID 1018087 (#1 of 1): 'Constant' variable guards dead code (DEADCODE)
 dead_error_line: Execution cannot reach this statement:
 memset(copied_salt, 0, salt....
         Local variable copied_salt is assigned only once, to a constant
 value, making it effectively constant throughout its scope. If this is not
 the intent, examine the logic to see if there is a missing assignment that
 would make copied_salt not remain constant.
 278                memset(copied_salt, '\0', salt_len);

Ticket URL: <http://devel.rtems.org/ticket/3719>
RTEMS Project <http://www.rtems.org/>
RTEMS Project

More information about the bugs mailing list