Coverity fixes #238
base: master
Some of these have been fixed (e.g. the addr.c and ssh-keygen.c moduli screening ones). Could you please update and rebase?
@daztucker done.
Whoops, sorry, a typo :(
Fixup pushed
bb98864 to 5f9b431
The tests have passed locally.
The failures seem irrelevant
openbsd-compat/bindresvport.c
Outdated
@@ -1,4 +1,4 @@ | |||
/* This file has be substantially modified from the original OpenBSD source */ | |||
* This file has be substantially modified from the original OpenBSD source */ |
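Review bot: the second form of this first line starts with `*` rather than `/*`, so nothing opens the comment that its trailing `*/` closes and the file will not compile; keep the `/*` opener. While touching this line, "has be substantially modified" could also be corrected to "has been".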
does this compile?
@@ -1261,6 +1261,7 @@ is_key_revoked(struct ssh_krl *krl, const struct sshkey *key) | |||
return r; | |||
erb = RB_FIND(revoked_blob_tree, &krl->revoked_sha1s, &rb); | |||
free(rb.blob); | |||
rb.blob = NULL; /* make coverity happy */ |
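Review bot: the comment on `rb.blob = NULL;` says only "make coverity happy" and does not name the warning it answers. If rb.blob is read or freed again later in is_key_revoked, say so in the comment, since the assignment is then a real guard against reuse of the freed pointer; if it is not, drop the line rather than carry an unexplained store.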
what is the reason for this change? (our Coverity scan doesn't flag this)
Don't remember, can skip it
@@ -436,9 +436,9 @@ channel_register_fds(struct ssh *ssh, Channel *c, int rfd, int wfd, int efd, | |||
} else if (nonblock) { | |||
if (rfd != -1) | |||
set_nonblock(rfd); | |||
if (wfd != -1) |
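Review bot: the lines shown test rfd and wfd against -1 in the same way (`if (rfd != -1)`, `if (wfd != -1)`), so any replacement comparison in this `else if (nonblock)` branch should be applied to every descriptor passed to channel_register_fds (rfd, wfd, efd), not to some of them. The commit message should also name the warning being fixed.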
what warning is this fixing, and why is rfd treated differently?
I think it's an artifact of our coverity run, they should be uniform.
@@ -543,7 +543,7 @@ server_request_tun(struct ssh *ssh) | |||
debug_f("invalid tun"); | |||
goto done; | |||
} | |||
if (auth_opts->force_tun_device != -1) { | |||
if (auth_opts->force_tun_device >= 0) { |
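Review bot: the `force_tun_device >= 0` test is not equivalent to the `force_tun_device != -1` test next to it: they differ for every value below -1, which one form treats as a forced device and the other as unset. Say in the commit message which Coverity warning this answers and whether such values can reach server_request_tun; if they cannot, the comparison against the -1 sentinel is the clearer of the two.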
what's this fixing?
Sorry, don't remember. Better skip it.
ssh_sandbox_child(box); | ||
free(box); |
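Review bot: `free(box)` placed straight after `ssh_sandbox_child(box)` assumes that no sandbox backend reads box once the child restrictions have been applied. Confirm that for every backend that implements ssh_sandbox_child, or move the free into the backends that keep no further state in box, before this goes in.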
sent upstream, waiting for an ok.
Damien points out that this will cause problems for other sandboxes where the sandbox has some persistent (non-kernel) state, e.g. the systrace sandbox, since the contents of "box" are needed throughout the life of the preauth privsep supervisor process.
Ideally we'd add a ssh_sandbox_child_finish and call it near mm_send_keystate, but the "box" variable doesn't exist in that scope and getting it there would be messy.
One option would be to free "box" at the end of ssh_sandbox_child in any sandbox implementation that can do that, and do nothing for the ones that can't. Another option would be to just ignore it, because while it is technically a leak, it's in a process that exists only during the authentication process and exits once the authentication succeeds or fails.
Resolved, thanks. What's better - to remove the places where the changes are suspicious?
This is a set of patches fixing the issues found during the Coverity scan of OpenSSH 8.5.