Coverity-updates archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
New Defects reported by Coverity Scan for NetBSD-i386-user
Hi,
Please find the latest report on new defect(s) introduced to NetBSD-i386-user found with Coverity Scan.
271 new defect(s) introduced to NetBSD-i386-user found with Coverity Scan.
70 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.
New defect(s) Reported-by: Coverity Scan
Showing 20 of 271 defect(s)
** CID 977798: Resource leaks (RESOURCE_LEAK)
/crypto/external/bsd/openssh/dist/sftp.c: 714 in process_put()
________________________________________________________________________________________________________
*** CID 977798: Resource leaks (RESOURCE_LEAK)
/crypto/external/bsd/openssh/dist/sftp.c: 714 in process_put()
708 abs_dst = path_append(tmp_dst, filename);
709 else
710 abs_dst = xstrdup(tmp_dst);
711 } else if (tmp_dst) {
712 abs_dst = path_append(tmp_dst, filename);
713 } else {
>>> CID 977798: Resource leaks (RESOURCE_LEAK)
>>> Overwriting "abs_dst" in "abs_dst = make_absolute(ssh_strdup(filename), pwd)" leaks the storage that "abs_dst" points to.
714 abs_dst = make_absolute(xstrdup(filename), pwd);
715 }
716 free(tmp);
717
718 resume |= global_aflag;
719 if (!quiet && resume)
** CID 996110: Control flow issues (DEADCODE)
/crypto/external/bsd/openssh/dist/krl.c: 1029 in ssh_krl_from_blob()
________________________________________________________________________________________________________
*** CID 996110: Control flow issues (DEADCODE)
/crypto/external/bsd/openssh/dist/krl.c: 1029 in ssh_krl_from_blob()
1023 /* Check signature over entire KRL up to this point */
1024 if ((r = sshkey_verify(key, blob, blen,
1025 sshbuf_ptr(buf), sshbuf_len(buf) - sig_off, 0)) != 0)
1026 goto out;
1027 /* Check if this key has already signed this KRL */
1028 for (i = 0; i < nca_used; i++) {
>>> CID 996110: Control flow issues (DEADCODE)
>>> Execution cannot reach this statement "if (sshkey_equal(ca_used[i]...".
1029 if (sshkey_equal(ca_used[i], key)) {
1030 error("KRL signed more than once with "
1031 "the same key");
1032 r = SSH_ERR_INVALID_FORMAT;
1033 goto out;
1034 }
** CID 1009485: Control flow issues (DEADCODE)
/external/cddl/osnet/dist/uts/common/fs/zfs/dmu.c: 826 in dmu_read_uio()
________________________________________________________________________________________________________
*** CID 1009485: Control flow issues (DEADCODE)
/external/cddl/osnet/dist/uts/common/fs/zfs/dmu.c: 826 in dmu_read_uio()
820 ASSERT(size > 0);
821
822 bufoff = uio->uio_loffset - db->db_offset;
823 tocpy = (int)MIN(db->db_size - bufoff, size);
824
825 if (xuio) {
>>> CID 1009485: Control flow issues (DEADCODE)
>>> Execution cannot reach this statement "dbi = (dmu_buf_impl_t *)db;".
826 dmu_buf_impl_t *dbi = (dmu_buf_impl_t *)db;
827 arc_buf_t *dbuf_abuf = dbi->db_buf;
828 arc_buf_t *abuf = dbuf_loan_arcbuf(dbi);
829 err = dmu_xuio_add(xuio, abuf, bufoff, tocpy);
830 if (!err) {
831 uio->uio_resid -= tocpy;
** CID 1009695: (BAD_FREE)
/external/cddl/osnet/dist/common/nvpair/nvpair.c: 2952 in nvs_xdr_nvp_op()
/external/cddl/osnet/dist/common/nvpair/nvpair.c: 2952 in nvs_xdr_nvp_op()
/external/cddl/osnet/dist/common/nvpair/nvpair.c: 2952 in nvs_xdr_nvp_op()
/external/cddl/osnet/dist/common/nvpair/nvpair.c: 2952 in nvs_xdr_nvp_op()
/external/cddl/osnet/dist/common/nvpair/nvpair.c: 2952 in nvs_xdr_nvp_op()
/external/cddl/osnet/dist/common/nvpair/nvpair.c: 2952 in nvs_xdr_nvp_op()
/external/cddl/osnet/dist/common/nvpair/nvpair.c: 2952 in nvs_xdr_nvp_op()
________________________________________________________________________________________________________
*** CID 1009695: (BAD_FREE)
/external/cddl/osnet/dist/common/nvpair/nvpair.c: 2952 in nvs_xdr_nvp_op()
2946
2947 /* if there is no data to extract then return */
2948 if (nelem == 0)
2949 return (0);
2950
2951 /* value */
>>> CID 1009695: (BAD_FREE)
>>> Assigning: "buf" = "(char *)nvp + ((ulong_t)(16U + nvp->nvp_name_sz) + 7UL & 0xfffffff8UL)".
2952 if ((buf = NVP_VALUE(nvp)) >= buf_end)
2953 return (EFAULT);
2954 buflen = buf_end - buf;
2955
2956 if (buflen < value_sz)
2957 return (EFAULT);
/external/cddl/osnet/dist/common/nvpair/nvpair.c: 2952 in nvs_xdr_nvp_op()
2946
2947 /* if there is no data to extract then return */
2948 if (nelem == 0)
2949 return (0);
2950
2951 /* value */
>>> CID 1009695: (BAD_FREE)
>>> Assigning: "buf" = "(char *)nvp + ((ulong_t)(16U + nvp->nvp_name_sz) + 7UL & 0xfffffff8UL)".
2952 if ((buf = NVP_VALUE(nvp)) >= buf_end)
2953 return (EFAULT);
2954 buflen = buf_end - buf;
2955
2956 if (buflen < value_sz)
2957 return (EFAULT);
/external/cddl/osnet/dist/common/nvpair/nvpair.c: 2952 in nvs_xdr_nvp_op()
2946
2947 /* if there is no data to extract then return */
2948 if (nelem == 0)
2949 return (0);
2950
2951 /* value */
>>> CID 1009695: (BAD_FREE)
>>> Assigning: "buf" = "(char *)nvp + ((ulong_t)(16U + nvp->nvp_name_sz) + 7UL & 0xfffffff8UL)".
2952 if ((buf = NVP_VALUE(nvp)) >= buf_end)
2953 return (EFAULT);
2954 buflen = buf_end - buf;
2955
2956 if (buflen < value_sz)
2957 return (EFAULT);
/external/cddl/osnet/dist/common/nvpair/nvpair.c: 2952 in nvs_xdr_nvp_op()
2946
2947 /* if there is no data to extract then return */
2948 if (nelem == 0)
2949 return (0);
2950
2951 /* value */
>>> CID 1009695: (BAD_FREE)
>>> Assigning: "buf" = "(char *)nvp + ((ulong_t)(16U + nvp->nvp_name_sz) + 7UL & 0xfffffff8UL)".
2952 if ((buf = NVP_VALUE(nvp)) >= buf_end)
2953 return (EFAULT);
2954 buflen = buf_end - buf;
2955
2956 if (buflen < value_sz)
2957 return (EFAULT);
/external/cddl/osnet/dist/common/nvpair/nvpair.c: 2952 in nvs_xdr_nvp_op()
2946
2947 /* if there is no data to extract then return */
2948 if (nelem == 0)
2949 return (0);
2950
2951 /* value */
>>> CID 1009695: (BAD_FREE)
>>> Assigning: "buf" = "(char *)nvp + ((ulong_t)(16U + nvp->nvp_name_sz) + 7UL & 0xfffffff8UL)".
2952 if ((buf = NVP_VALUE(nvp)) >= buf_end)
2953 return (EFAULT);
2954 buflen = buf_end - buf;
2955
2956 if (buflen < value_sz)
2957 return (EFAULT);
/external/cddl/osnet/dist/common/nvpair/nvpair.c: 2952 in nvs_xdr_nvp_op()
2946
2947 /* if there is no data to extract then return */
2948 if (nelem == 0)
2949 return (0);
2950
2951 /* value */
>>> CID 1009695: (BAD_FREE)
>>> Assigning: "buf" = "(char *)nvp + ((ulong_t)(16U + nvp->nvp_name_sz) + 7UL & 0xfffffff8UL)".
2952 if ((buf = NVP_VALUE(nvp)) >= buf_end)
2953 return (EFAULT);
2954 buflen = buf_end - buf;
2955
2956 if (buflen < value_sz)
2957 return (EFAULT);
/external/cddl/osnet/dist/common/nvpair/nvpair.c: 2952 in nvs_xdr_nvp_op()
2946
2947 /* if there is no data to extract then return */
2948 if (nelem == 0)
2949 return (0);
2950
2951 /* value */
>>> CID 1009695: (BAD_FREE)
>>> Assigning: "buf" = "(char *)nvp + ((ulong_t)(16U + nvp->nvp_name_sz) + 7UL & 0xfffffff8UL)".
2952 if ((buf = NVP_VALUE(nvp)) >= buf_end)
2953 return (EFAULT);
2954 buflen = buf_end - buf;
2955
2956 if (buflen < value_sz)
2957 return (EFAULT);
** CID 1018734: Uninitialized variables (UNINIT)
/crypto/external/bsd/openssh/dist/packet.c: 1265 in ssh_packet_read_seqnr()
________________________________________________________________________________________________________
*** CID 1018734: Uninitialized variables (UNINIT)
/crypto/external/bsd/openssh/dist/packet.c: 1265 in ssh_packet_read_seqnr()
1259 */
1260
1261 int
1262 ssh_packet_read_seqnr(struct ssh *ssh, u_char *typep, u_int32_t *seqnr_p)
1263 {
1264 struct session_state *state = ssh->state;
>>> CID 1018734: Uninitialized variables (UNINIT)
>>> Declaring variable "ms_remain" without initializer.
1265 int len, r, ms_remain, cont;
1266 fd_set *setp;
1267 char buf[8192];
1268 struct timeval timeout, start, *timeoutp = NULL;
1269
1270 DBG(debug("packet_read()"));
** CID 1199067: Error handling issues (CHECKED_RETURN)
/crypto/external/bsd/openssl/dist/apps/s_time.c: 378 in s_time_main()
________________________________________________________________________________________________________
*** CID 1199067: Error handling issues (CHECKED_RETURN)
/crypto/external/bsd/openssl/dist/apps/s_time.c: 378 in s_time_main()
372 return (1);
373
374 SSL_CTX_set_quiet_shutdown(tm_ctx, 1);
375
376 if (st_bugs)
377 SSL_CTX_set_options(tm_ctx, SSL_OP_ALL);
>>> CID 1199067: Error handling issues (CHECKED_RETURN)
>>> No check of the return value of "SSL_CTX_set_cipher_list(tm_ctx, tm_cipher)".
378 SSL_CTX_set_cipher_list(tm_ctx, tm_cipher);
379 if (!set_cert_stuff(tm_ctx, t_cert_file, t_key_file))
380 goto end;
381
382 SSL_load_error_strings();
383
** CID 1269537: Control flow issues (UNREACHABLE)
/external/bsd/ntp/dist/ntpd/refclock_shm.c: 202 in getShmTime()
________________________________________________________________________________________________________
*** CID 1269537: Control flow issues (UNREACHABLE)
/external/bsd/ntp/dist/ntpd/refclock_shm.c: 202 in getShmTime()
196 msyslog(LOG_ERR,"SHM MapViewOfFile (unit %d): %s", unit, buf);
197 return NULL;
198 }
199
200 #endif
201
>>> CID 1269537: Control flow issues (UNREACHABLE)
>>> This code cannot be reached: "return p;".
202 return p;
203 }
204 /*
205 * shm_start - attach to shared memory
206 */
207 static int
** CID 1291621: Control flow issues (DEADCODE)
/crypto/external/bsd/openssl/dist/crypto/dh/dh_ameth.c: 278 in dh_priv_encode()
________________________________________________________________________________________________________
*** CID 1291621: Control flow issues (DEADCODE)
/crypto/external/bsd/openssl/dist/crypto/dh/dh_ameth.c: 278 in dh_priv_encode()
272 err:
273 if (dp != NULL)
274 OPENSSL_free(dp);
275 if (params != NULL)
276 ASN1_STRING_free(params);
277 if (prkey != NULL)
>>> CID 1291621: Control flow issues (DEADCODE)
>>> Execution cannot reach this statement "ASN1_STRING_clear_free(prkey);".
278 ASN1_STRING_clear_free(prkey);
279 return 0;
280 }
281
282 static void update_buflen(const BIGNUM *b, size_t *pbuflen)
283 {
** CID 1292486: Insecure data handling (INTEGER_OVERFLOW)
/common/lib/libc/string/consttime_memequal.c: 36 in consttime_memequal()
________________________________________________________________________________________________________
*** CID 1292486: Insecure data handling (INTEGER_OVERFLOW)
/common/lib/libc/string/consttime_memequal.c: 36 in consttime_memequal()
30 *
31 * This is not simply `!res' because although many CPUs support
32 * branchless conditional moves and many compilers will take
33 * advantage of them, certain compilers generate branches on
34 * certain CPUs for `!res'.
35 */
>>> CID 1292486: Insecure data handling (INTEGER_OVERFLOW)
>>> Overflowed or truncated value (or a value computed from an overflowed or truncated value) "1U & (res - 1U >> 8)" used as return value.
36 return (1 & ((res - 1) >> 8));
** CID 1292543: (CHECKED_RETURN)
/external/bsd/dhcpcd/dist/eloop.c: 225 in eloop_event_delete()
/external/bsd/dhcpcd/dist/eloop.c: 246 in eloop_event_delete()
________________________________________________________________________________________________________
*** CID 1292543: (CHECKED_RETURN)
/external/bsd/dhcpcd/dist/eloop.c: 225 in eloop_event_delete()
219 e->write_cb = NULL;
220 e->write_cb_arg = NULL;
221 #if defined(HAVE_KQUEUE)
222 EV_SET(&ke[0], (uintptr_t)fd,
223 EVFILT_WRITE, EV_DELETE,
224 0, 0, UPTR(NULL));
>>> CID 1292543: (CHECKED_RETURN)
>>> No check of the return value of "kevent(ctx->poll_fd, ke, 1U, NULL, 0U, NULL)".
225 kevent(ctx->poll_fd, ke, 1, NULL, 0,
226 NULL);
227 #elif defined(HAVE_EPOLL)
228 memset(&epe, 0, sizeof(epe));
229 epe.data.fd = e->fd;
230 epe.data.ptr = e;
/external/bsd/dhcpcd/dist/eloop.c: 246 in eloop_event_delete()
240 EV_SET(&ke[0], (uintptr_t)fd, EVFILT_READ,
241 EV_DELETE, 0, 0, UPTR(NULL));
242 if (e->write_cb)
243 EV_SET(&ke[1], (uintptr_t)fd,
244 EVFILT_WRITE, EV_DELETE,
245 0, 0, UPTR(NULL));
>>> CID 1292543: (CHECKED_RETURN)
>>> No check of the return value of "kevent(ctx->poll_fd, ke, (e->write_cb ? 2 : 1), NULL, 0U, NULL)".
246 kevent(ctx->poll_fd, ke, e->write_cb ? 2 : 1,
247 NULL, 0, NULL);
248 #elif defined(HAVE_EPOLL)
249 /* NULL event is safe because we
250 * rely on epoll_pwait which as added
251 * after the delete without event was fixed. */
** CID 1292544: (FORWARD_NULL)
/external/bsd/dhcpcd/dist/dhcpcd.c: 1518 in main()
/external/bsd/dhcpcd/dist/dhcpcd.c: 1518 in main()
________________________________________________________________________________________________________
*** CID 1292544: (FORWARD_NULL)
/external/bsd/dhcpcd/dist/dhcpcd.c: 1518 in main()
1512 if (chdir("/") == -1)
1513 logger(&ctx, LOG_ERR, "chdir `/': %m");
1514
1515 /* Freeing allocated addresses from dumping leases can trigger
1516 * eloop removals as well, so init here. */
1517 ctx.eloop = eloop_init(&ctx);
>>> CID 1292544: (FORWARD_NULL)
>>> Comparing "ctx.eloop" to null implies that "ctx.eloop" might be null.
1518 if (ctx.eloop == NULL) {
1519 logger(&ctx, LOG_ERR, "%s: eloop_init: %m", __func__);
1520 goto exit_failure;
1521 }
1522
1523 if (ctx.options & DHCPCD_DUMPLEASE) {
/external/bsd/dhcpcd/dist/dhcpcd.c: 1518 in main()
1512 if (chdir("/") == -1)
1513 logger(&ctx, LOG_ERR, "chdir `/': %m");
1514
1515 /* Freeing allocated addresses from dumping leases can trigger
1516 * eloop removals as well, so init here. */
1517 ctx.eloop = eloop_init(&ctx);
>>> CID 1292544: (FORWARD_NULL)
>>> Comparing "ctx.eloop" to null implies that "ctx.eloop" might be null.
1518 if (ctx.eloop == NULL) {
1519 logger(&ctx, LOG_ERR, "%s: eloop_init: %m", __func__);
1520 goto exit_failure;
1521 }
1522
1523 if (ctx.options & DHCPCD_DUMPLEASE) {
** CID 1292545: Null pointer dereferences (FORWARD_NULL)
/external/bsd/dhcpcd/dist/if-bsd.c: 1613 in _if_checkipv6()
________________________________________________________________________________________________________
*** CID 1292545: Null pointer dereferences (FORWARD_NULL)
/external/bsd/dhcpcd/dist/if-bsd.c: 1613 in _if_checkipv6()
1607
1608 #ifdef IPV6CTL_ACCEPT_RTADV
1609 ra = get_inet6_sysctl(IPV6CTL_ACCEPT_RTADV);
1610 if (ra == -1)
1611 /* The sysctl probably doesn't exist, but this isn't an
1612 * error as such so just log it and continue */
>>> CID 1292545: Null pointer dereferences (FORWARD_NULL)
>>> Dereferencing null pointer "ifp".
1613 logger(ifp->ctx, errno == ENOENT ? LOG_DEBUG : LOG_WARNING,
1614 "IPV6CTL_ACCEPT_RTADV: %m");
1615 else if (ra != 0 && own) {
1616 logger(ifp->ctx, LOG_DEBUG, "disabling Kernel IPv6 RA support");
1617 if (set_inet6_sysctl(IPV6CTL_ACCEPT_RTADV, 0) == -1) {
1618 logger(ifp->ctx, LOG_ERR, "IPV6CTL_ACCEPT_RTADV: %m");
** CID 1292546: Uninitialized variables (UNINIT)
/external/bsd/dhcpcd/dist/dhcp-common.c: 160 in make_option_mask()
________________________________________________________________________________________________________
*** CID 1292546: Uninitialized variables (UNINIT)
/external/bsd/dhcpcd/dist/dhcp-common.c: 160 in make_option_mask()
154 make_option_mask(const struct dhcp_opt *dopts, size_t dopts_len,
155 const struct dhcp_opt *odopts, size_t odopts_len,
156 uint8_t *mask, const char *opts, int add)
157 {
158 char *token, *o, *p;
159 const struct dhcp_opt *opt;
>>> CID 1292546: Uninitialized variables (UNINIT)
>>> Declaring variable "e" without initializer.
160 int match, e;
161 unsigned int n;
162 size_t i;
163
164 if (opts == NULL)
165 return -1;
** CID 1292547: Uninitialized variables (UNINIT)
/external/bsd/dhcpcd/dist/if-options.c: 393 in parse_iaid1()
________________________________________________________________________________________________________
*** CID 1292547: Uninitialized variables (UNINIT)
/external/bsd/dhcpcd/dist/if-options.c: 393 in parse_iaid1()
387 return (ssize_t)l;
388 }
389
390 static int
391 parse_iaid1(uint8_t *iaid, const char *arg, size_t len, int n)
392 {
>>> CID 1292547: Uninitialized variables (UNINIT)
>>> Declaring variable "e" without initializer.
393 int e;
394 uint32_t narg;
395 ssize_t s;
396
397 narg = (uint32_t)strtou(arg, NULL, 0, 0, UINT32_MAX, &e);
398 if (e == 0) {
** CID 1292548: (UNINIT)
/external/bsd/dhcpcd/dist/if-options.c: 631 in parse_option()
/external/bsd/dhcpcd/dist/if-options.c: 631 in parse_option()
/external/bsd/dhcpcd/dist/if-options.c: 631 in parse_option()
/external/bsd/dhcpcd/dist/if-options.c: 631 in parse_option()
/external/bsd/dhcpcd/dist/if-options.c: 631 in parse_option()
/external/bsd/dhcpcd/dist/if-options.c: 631 in parse_option()
________________________________________________________________________________________________________
*** CID 1292548: (UNINIT)
/external/bsd/dhcpcd/dist/if-options.c: 631 in parse_option()
625 }
626
627 static int
628 parse_option(struct dhcpcd_ctx *ctx, const char *ifname, struct if_options *ifo,
629 int opt, const char *arg, struct dhcp_opt **ldop, struct dhcp_opt **edop)
630 {
>>> CID 1292548: (UNINIT)
>>> Declaring variable "e" without initializer.
631 int e, i, t;
632 long l;
633 unsigned long u;
634 char *p = NULL, *fp, *np, **nconf;
635 ssize_t s;
636 struct in_addr addr, addr2;
/external/bsd/dhcpcd/dist/if-options.c: 631 in parse_option()
625 }
626
627 static int
628 parse_option(struct dhcpcd_ctx *ctx, const char *ifname, struct if_options *ifo,
629 int opt, const char *arg, struct dhcp_opt **ldop, struct dhcp_opt **edop)
630 {
>>> CID 1292548: (UNINIT)
>>> Declaring variable "e" without initializer.
631 int e, i, t;
632 long l;
633 unsigned long u;
634 char *p = NULL, *fp, *np, **nconf;
635 ssize_t s;
636 struct in_addr addr, addr2;
/external/bsd/dhcpcd/dist/if-options.c: 631 in parse_option()
625 }
626
627 static int
628 parse_option(struct dhcpcd_ctx *ctx, const char *ifname, struct if_options *ifo,
629 int opt, const char *arg, struct dhcp_opt **ldop, struct dhcp_opt **edop)
630 {
>>> CID 1292548: (UNINIT)
>>> Declaring variable "e" without initializer.
631 int e, i, t;
632 long l;
633 unsigned long u;
634 char *p = NULL, *fp, *np, **nconf;
635 ssize_t s;
636 struct in_addr addr, addr2;
/external/bsd/dhcpcd/dist/if-options.c: 631 in parse_option()
625 }
626
627 static int
628 parse_option(struct dhcpcd_ctx *ctx, const char *ifname, struct if_options *ifo,
629 int opt, const char *arg, struct dhcp_opt **ldop, struct dhcp_opt **edop)
630 {
>>> CID 1292548: (UNINIT)
>>> Declaring variable "e" without initializer.
631 int e, i, t;
632 long l;
633 unsigned long u;
634 char *p = NULL, *fp, *np, **nconf;
635 ssize_t s;
636 struct in_addr addr, addr2;
/external/bsd/dhcpcd/dist/if-options.c: 631 in parse_option()
625 }
626
627 static int
628 parse_option(struct dhcpcd_ctx *ctx, const char *ifname, struct if_options *ifo,
629 int opt, const char *arg, struct dhcp_opt **ldop, struct dhcp_opt **edop)
630 {
>>> CID 1292548: (UNINIT)
>>> Declaring variable "e" without initializer.
631 int e, i, t;
632 long l;
633 unsigned long u;
634 char *p = NULL, *fp, *np, **nconf;
635 ssize_t s;
636 struct in_addr addr, addr2;
/external/bsd/dhcpcd/dist/if-options.c: 631 in parse_option()
625 }
626
627 static int
628 parse_option(struct dhcpcd_ctx *ctx, const char *ifname, struct if_options *ifo,
629 int opt, const char *arg, struct dhcp_opt **ldop, struct dhcp_opt **edop)
630 {
>>> CID 1292548: (UNINIT)
>>> Declaring variable "e" without initializer.
631 int e, i, t;
632 long l;
633 unsigned long u;
634 char *p = NULL, *fp, *np, **nconf;
635 ssize_t s;
636 struct in_addr addr, addr2;
** CID 1292549: Control flow issues (UNREACHABLE)
/external/bsd/dhcpcd/dist/common.c: 139 in get_monotonic()
________________________________________________________________________________________________________
*** CID 1292549: Control flow issues (UNREACHABLE)
/external/bsd/dhcpcd/dist/common.c: 139 in get_monotonic()
133 /* Something above failed, so fall back to gettimeofday */
134 if (!posix_clock_set) {
135 logger(NULL, LOG_WARNING, NO_MONOTONIC);
136 posix_clock_set = 1;
137 }
138 #endif
>>> CID 1292549: Control flow issues (UNREACHABLE)
>>> This code cannot be reached: "{
struct timeval tv;
{
...".
139 {
140 struct timeval tv;
141 if (gettimeofday(&tv, NULL) == 0) {
142 TIMEVAL_TO_TIMESPEC(&tv, ts);
143 return 0;
144 }
** CID 1293642: Error handling issues (CHECKED_RETURN)
/crypto/external/bsd/openssh/dist/serverloop.c: 866 in server_loop2()
________________________________________________________________________________________________________
*** CID 1293642: Error handling issues (CHECKED_RETURN)
/crypto/external/bsd/openssh/dist/serverloop.c: 866 in server_loop2()
860 collect_children();
861 if (!rekeying) {
862 channel_after_select(readset, writeset);
863 if (packet_need_rekeying()) {
864 debug("need rekeying");
865 active_state->kex->done = 0;
>>> CID 1293642: Error handling issues (CHECKED_RETURN)
>>> No check of the return value of "kex_send_kexinit(active_state)".
866 kex_send_kexinit(active_state);
867 }
868 }
869 process_input(readset);
870 if (connection_closed)
871 break;
** CID 1293643: Error handling issues (CHECKED_RETURN)
/crypto/external/bsd/openssh/dist/sshconnect2.c: 1546 in ssh_keysign()
________________________________________________________________________________________________________
*** CID 1293643: Error handling issues (CHECKED_RETURN)
/crypto/external/bsd/openssh/dist/sshconnect2.c: 1546 in ssh_keysign()
1540 fatal("%s: dup2: %s", __func__, strerror(errno));
1541 close(from[1]);
1542 close(to[0]);
1543 /* Close everything but stdio and the socket */
1544 for (i = STDERR_FILENO + 1; i < sock; i++)
1545 close(i);
>>> CID 1293643: Error handling issues (CHECKED_RETURN)
>>> No check of the return value of "closefrom(sock + 1)".
1546 closefrom(sock + 1);
1547 debug3("%s: [child] pid=%ld, exec %s",
1548 __func__, (long)getpid(), _PATH_SSH_KEY_SIGN);
1549 execl(_PATH_SSH_KEY_SIGN, _PATH_SSH_KEY_SIGN, (char *) 0);
1550 fatal("%s: exec(%s): %s", __func__, _PATH_SSH_KEY_SIGN,
1551 strerror(errno));
** CID 1293644: Error handling issues (CHECKED_RETURN)
/crypto/external/bsd/openssh/dist/ssh-keyscan.c: 294 in keyprint()
________________________________________________________________________________________________________
*** CID 1293644: Error handling issues (CHECKED_RETURN)
/crypto/external/bsd/openssh/dist/ssh-keyscan.c: 294 in keyprint()
288 if (!key)
289 return;
290 if (hash_hosts && (host = host_hash(host, NULL, 0)) == NULL)
291 fatal("host_hash failed");
292
293 fprintf(stdout, "%s ", host);
>>> CID 1293644: Error handling issues (CHECKED_RETURN)
>>> No check of the return value of "sshkey_write(key, &__sF[1])".
294 sshkey_write(key, stdout);
295 fputs("\n", stdout);
296 }
297
298 static int
299 tcpconnect(char *host)
** CID 1293645: (CONSTANT_EXPRESSION_RESULT)
/crypto/external/bsd/openssh/dist/mac.c: 190 in mac_compute()
/crypto/external/bsd/openssh/dist/mac.c: 190 in mac_compute()
/crypto/external/bsd/openssh/dist/mac.c: 190 in mac_compute()
/crypto/external/bsd/openssh/dist/mac.c: 190 in mac_compute()
________________________________________________________________________________________________________
*** CID 1293645: (CONSTANT_EXPRESSION_RESULT)
/crypto/external/bsd/openssh/dist/mac.c: 190 in mac_compute()
184 ssh_hmac_update(mac->hmac_ctx, b, sizeof(b)) < 0 ||
185 ssh_hmac_update(mac->hmac_ctx, data, datalen) < 0 ||
186 ssh_hmac_final(mac->hmac_ctx, u.m, sizeof(u.m)) < 0)
187 return SSH_ERR_LIBCRYPTO_ERROR;
188 break;
189 case SSH_UMAC:
>>> CID 1293645: (CONSTANT_EXPRESSION_RESULT)
>>> "(u_int64_t)seqno >> 32" is 0 regardless of the values of its operands. This occurs as the bitwise first operand of '&'.
190 POKE_U64(nonce, seqno);
191 umac_update(mac->umac_ctx, data, datalen);
192 umac_final(mac->umac_ctx, u.m, nonce);
193 break;
194 case SSH_UMAC128:
195 put_u64(nonce, seqno);
/crypto/external/bsd/openssh/dist/mac.c: 190 in mac_compute()
184 ssh_hmac_update(mac->hmac_ctx, b, sizeof(b)) < 0 ||
185 ssh_hmac_update(mac->hmac_ctx, data, datalen) < 0 ||
186 ssh_hmac_final(mac->hmac_ctx, u.m, sizeof(u.m)) < 0)
187 return SSH_ERR_LIBCRYPTO_ERROR;
188 break;
189 case SSH_UMAC:
>>> CID 1293645: (CONSTANT_EXPRESSION_RESULT)
>>> "(u_int64_t)seqno >> 40" is 0 regardless of the values of its operands. This occurs as the bitwise first operand of '&'.
190 POKE_U64(nonce, seqno);
191 umac_update(mac->umac_ctx, data, datalen);
192 umac_final(mac->umac_ctx, u.m, nonce);
193 break;
194 case SSH_UMAC128:
195 put_u64(nonce, seqno);
/crypto/external/bsd/openssh/dist/mac.c: 190 in mac_compute()
184 ssh_hmac_update(mac->hmac_ctx, b, sizeof(b)) < 0 ||
185 ssh_hmac_update(mac->hmac_ctx, data, datalen) < 0 ||
186 ssh_hmac_final(mac->hmac_ctx, u.m, sizeof(u.m)) < 0)
187 return SSH_ERR_LIBCRYPTO_ERROR;
188 break;
189 case SSH_UMAC:
>>> CID 1293645: (CONSTANT_EXPRESSION_RESULT)
>>> "(u_int64_t)seqno >> 48" is 0 regardless of the values of its operands. This occurs as the bitwise first operand of '&'.
190 POKE_U64(nonce, seqno);
191 umac_update(mac->umac_ctx, data, datalen);
192 umac_final(mac->umac_ctx, u.m, nonce);
193 break;
194 case SSH_UMAC128:
195 put_u64(nonce, seqno);
/crypto/external/bsd/openssh/dist/mac.c: 190 in mac_compute()
184 ssh_hmac_update(mac->hmac_ctx, b, sizeof(b)) < 0 ||
185 ssh_hmac_update(mac->hmac_ctx, data, datalen) < 0 ||
186 ssh_hmac_final(mac->hmac_ctx, u.m, sizeof(u.m)) < 0)
187 return SSH_ERR_LIBCRYPTO_ERROR;
188 break;
189 case SSH_UMAC:
>>> CID 1293645: (CONSTANT_EXPRESSION_RESULT)
>>> "(u_int64_t)seqno >> 56" is 0 regardless of the values of its operands. This occurs as the bitwise first operand of '&'.
190 POKE_U64(nonce, seqno);
191 umac_update(mac->umac_ctx, data, datalen);
192 umac_final(mac->umac_ctx, u.m, nonce);
193 break;
194 case SSH_UMAC128:
195 put_u64(nonce, seqno);
________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, https://scan.coverity.com/projects/1448?tab=overview
To manage Coverity Scan email notifications for "coverity-updates%netbsd.org@localhost", click https://scan.coverity.com/subscriptions/edit?email=coverity-updates%40netbsd.org&token=487286ca1a9a4f4bd485d16f66b5e782 .
Home |
Main Index |
Thread Index |
Old Index