Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

src: fix static analysis warning and use smart ptr #43117

Merged
merged 1 commit into from
May 18, 2022
Merged

src: fix static analysis warning and use smart ptr #43117

merged 1 commit into from
May 18, 2022

Conversation

tniessen
Copy link
Member

Coverity issues a warning about value_before_reset == ca, where
value_before_reset is a pointer that may not be valid. While comparing
the pointer itself should still work, we should really be using smart
pointers here so that this particular check can be simplified without
running into a memory leak.

Refactor SSL_CTX_get_issuer to return a smart pointer and update the
call sites accordingly. Note that we might have to change that in the
future once we improve error handling throughout crypto/tls.

Refs: #37990

Defect within value_before_reset == ca according to Coverity:

CID 239746 (#1 of 1): Wrapper object use after free (WRAPPER_ESCAPE)
8. use_after_free: Using invalidated internal representation of parameter cert.

@tniessen tniessen requested a review from jasnell May 16, 2022 01:22
@nodejs-github-bot
Copy link
Collaborator

Review requested:

  • @nodejs/crypto

@nodejs-github-bot nodejs-github-bot added c++ Issues and PRs that require attention from people who are familiar with C++. lib / src Issues and PRs related to general changes in the lib or src directory. needs-ci PRs that need a full CI run. labels May 16, 2022
@tniessen tniessen added the request-ci Add this label to start a Jenkins CI on a PR. label May 16, 2022
@github-actions github-actions bot removed the request-ci Add this label to start a Jenkins CI on a PR. label May 16, 2022
@nodejs-github-bot

This comment was marked as outdated.

Sign in to view
@tniessen
src: fix static analysis warning and use smart ptr
3bd3bba 
Coverity issues a warning about `value_before_reset == ca`, where
value_before_reset is a pointer that may not be valid. While comparing
the pointer itself should still work, we should really be using smart
pointers here so that this particular check can be simplified without
running into a memory leak.

Refactor SSL_CTX_get_issuer to return a smart pointer and update the
call sites accordingly. Note that we might have to change that in the
future once we improve error handling throughout crypto/tls.

Refs: nodejs#37990
@tniessen tniessen force-pushed the src-fix-coverity-warning-crypto-common branch from 35fc96f to 3bd3bba Compare May 16, 2022 19:09
@tniessen
Copy link
Member Author

Force-pushed to please the C++ linter, the actual diff is 35fc96f.

@tniessen tniessen added request-ci Add this label to start a Jenkins CI on a PR. author ready PRs that have at least one approval, no pending requests for changes, and a CI started. labels May 16, 2022
@github-actions github-actions bot removed the request-ci Add this label to start a Jenkins CI on a PR. label May 16, 2022
@nodejs-github-bot

This comment was marked as outdated.

Sign in to view
@nodejs-github-bot
Copy link
Collaborator

CI: https://ci.nodejs.org/job/node-test-pull-request/44037/

@github-actions github-actions bot mentioned this pull request May 17, 2022
Open
23 tasks
@nodejs-github-bot
Copy link
Collaborator

CI: https://ci.nodejs.org/job/node-test-pull-request/44045/

@github-actions github-actions bot mentioned this pull request May 18, 2022
Open
28 tasks
@tniessen tniessen added the commit-queue Add this label to land a pull request using GitHub Actions. label May 18, 2022
@nodejs-github-bot nodejs-github-bot removed the commit-queue Add this label to land a pull request using GitHub Actions. label May 18, 2022
@nodejs-github-bot nodejs-github-bot merged commit 06ba40a into nodejs:master May 18, 2022
@nodejs-github-bot
Copy link
Collaborator

Landed in 06ba40a

This was referenced May 19, 2022
Open
Open
Open
Open
bengl pushed a commit that referenced this pull request May 30, 2022
@tniessen @bengl
src: fix static analysis warning and use smart ptr
d8a14a2 
Coverity issues a warning about `value_before_reset == ca`, where
value_before_reset is a pointer that may not be valid. While comparing
the pointer itself should still work, we should really be using smart
pointers here so that this particular check can be simplified without
running into a memory leak.

Refactor SSL_CTX_get_issuer to return a smart pointer and update the
call sites accordingly. Note that we might have to change that in the
future once we improve error handling throughout crypto/tls.

Refs: #37990

PR-URL: #43117
Reviewed-By: Darshan Sen <raisinten@gmail.com>
Reviewed-By: Minwoo Jung <nodecorelab@gmail.com>
@bengl bengl mentioned this pull request May 31, 2022
Merged
juanarbol pushed a commit that referenced this pull request May 31, 2022
@tniessen @juanarbol
src: fix static analysis warning and use smart ptr
4823c5e 
Coverity issues a warning about `value_before_reset == ca`, where
value_before_reset is a pointer that may not be valid. While comparing
the pointer itself should still work, we should really be using smart
pointers here so that this particular check can be simplified without
running into a memory leak.

Refactor SSL_CTX_get_issuer to return a smart pointer and update the
call sites accordingly. Note that we might have to change that in the
future once we improve error handling throughout crypto/tls.

Refs: #37990

PR-URL: #43117
Reviewed-By: Darshan Sen <raisinten@gmail.com>
Reviewed-By: Minwoo Jung <nodecorelab@gmail.com>
@juanarbol juanarbol mentioned this pull request May 31, 2022
Closed
danielleadams pushed a commit that referenced this pull request Jun 27, 2022
@tniessen @danielleadams
src: fix static analysis warning and use smart ptr
cf70c24 
Coverity issues a warning about `value_before_reset == ca`, where
value_before_reset is a pointer that may not be valid. While comparing
the pointer itself should still work, we should really be using smart
pointers here so that this particular check can be simplified without
running into a memory leak.

Refactor SSL_CTX_get_issuer to return a smart pointer and update the
call sites accordingly. Note that we might have to change that in the
future once we improve error handling throughout crypto/tls.

Refs: #37990

PR-URL: #43117
Reviewed-By: Darshan Sen <raisinten@gmail.com>
Reviewed-By: Minwoo Jung <nodecorelab@gmail.com>
targos pushed a commit that referenced this pull request Jul 12, 2022
@tniessen @targos
src: fix static analysis warning and use smart ptr
3b43aa4 
Coverity issues a warning about `value_before_reset == ca`, where
value_before_reset is a pointer that may not be valid. While comparing
the pointer itself should still work, we should really be using smart
pointers here so that this particular check can be simplified without
running into a memory leak.

Refactor SSL_CTX_get_issuer to return a smart pointer and update the
call sites accordingly. Note that we might have to change that in the
future once we improve error handling throughout crypto/tls.

Refs: #37990

PR-URL: #43117
Reviewed-By: Darshan Sen <raisinten@gmail.com>
Reviewed-By: Minwoo Jung <nodecorelab@gmail.com>
targos pushed a commit that referenced this pull request Jul 31, 2022
@tniessen @targos
src: fix static analysis warning and use smart ptr
f18867b 
Coverity issues a warning about `value_before_reset == ca`, where
value_before_reset is a pointer that may not be valid. While comparing
the pointer itself should still work, we should really be using smart
pointers here so that this particular check can be simplified without
running into a memory leak.

Refactor SSL_CTX_get_issuer to return a smart pointer and update the
call sites accordingly. Note that we might have to change that in the
future once we improve error handling throughout crypto/tls.

Refs: #37990

PR-URL: #43117
Reviewed-By: Darshan Sen <raisinten@gmail.com>
Reviewed-By: Minwoo Jung <nodecorelab@gmail.com>
@targos targos mentioned this pull request Aug 3, 2022
Merged
guangwong pushed a commit to noslate-project/node that referenced this pull request Oct 10, 2022
@tniessen @guangwong
src: fix static analysis warning and use smart ptr
b316e07 
Coverity issues a warning about `value_before_reset == ca`, where
value_before_reset is a pointer that may not be valid. While comparing
the pointer itself should still work, we should really be using smart
pointers here so that this particular check can be simplified without
running into a memory leak.

Refactor SSL_CTX_get_issuer to return a smart pointer and update the
call sites accordingly. Note that we might have to change that in the
future once we improve error handling throughout crypto/tls.

Refs: nodejs/node#37990

PR-URL: nodejs/node#43117
Reviewed-By: Darshan Sen <raisinten@gmail.com>
Reviewed-By: Minwoo Jung <nodecorelab@gmail.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@JungMinu JungMinu JungMinu approved these changes

@RaisinTen RaisinTen RaisinTen approved these changes

@jasnell jasnell Awaiting requested review from jasnell

Assignees
No one assigned
Labels
author ready PRs that have at least one approval, no pending requests for changes, and a CI started. c++ Issues and PRs that require attention from people who are familiar with C++. lib / src Issues and PRs related to general changes in the lib or src directory. needs-ci PRs that need a full CI run.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
4 participants
@tniessen @nodejs-github-bot @JungMinu @RaisinTen