-
-
Notifications
You must be signed in to change notification settings - Fork 10.1k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
PVS-Studio + openssl 1.0.2m #4729
Comments
warnings (medium level): V512 A call of the 'memcpy' function will lead to underflow of the buffer 'ctx->iv'. e_aes.c 1953 |
This is interesting, but we are unlikely to fix these in the 1.0.2 branch. They're sub-optimal code, perhaps, and not really bugs. Can you run it against master? |
In the context it's worth keeping in mind that there are conscious constant conditions in code. Given the nature of this software they are likely to show up in report. But since it's conscious choice, they won't be qualified for resolution. Just in case for reference, rationale behind constant conditions is to subject code that would otherwise likely to end up in #ifdef to at least parsing. This is to avoid unnecessary/unpleasant surprises on rare platforms. |
V590 Consider inspecting the 'atype != - 1 && atype == 5' expression. The expression is excessive or contains a misprint. dh_ameth.c 670
Warning:
V501 There are identical sub-expressions '(c == ' ')' to the left and to the right of the '||' operator. a_print.c 77
V501 There are identical sub-expressions 'type' to the left and to the right of the '&&' operator. d1_pkt.c 856
V512 A call of the 'memcpy' function will lead to underflow of the buffer '& data->peer'. bss_dgram.c 566
V512 A call of the 'memcpy' function will lead to the 'to' buffer becoming out of range. bss_dgram.c 570
V512 A call of the 'memcpy' function will lead to underflow of the buffer '& data->peer'. bss_dgram.c 697
V512 A call of the 'memcpy' function will lead to the 'to' buffer becoming out of range. bss_dgram.c 701
V512 A call of the 'memcpy' function will lead to underflow of the buffer '& data->peer'. bss_dgram.c 735
V512 A call of the 'memcpy' function will lead to the 'to' buffer becoming out of range. bss_dgram.c 739
V512 A call of the 'memcpy' function will lead to underflow of the buffer 'c->buf'. e_aes.c 1235
V523 The 'then' statement is equivalent to the 'else' statement. bss_file.c 234
V547 Expression 'i == 8' is always true. a_gentm.c 222
V547 Expression 'i == 7' is always true. a_utctm.c 192
V547 Expression 'i == 0' is always true. bf_buff.c 184
V547 Expression 'i == 0' is always true. bf_buff.c 202
V547 Expression 'i == 0' is always true. bf_buff.c 251
V547 Expression 'i == 0' is always true. bf_buff.c 273
V547 Expression 'i == 0' is always true. bf_buff.c 505
V547 Expression 'i == 0' is always true. bf_lbuf.c 214
V547 Expression 'i == 0' is always true. bf_lbuf.c 241
V547 Expression 'ret == 0' is always true. b_sock.c 948
V547 Expression 'blocksize <= 2' is always false. ec_mult.c 856
V547 Expression 'ps >= 1' is always true. ui_openssl.c 465
V547 Expression 'c == '\0'' is always false. by_dir.c 344
V547 Expression 'type == 2' is always true. by_dir.c 369
V547 Expression 'version != 0x0002' is always true. s23_clnt.c 360
V547 Expression 'version == 0x0301' is always true. s23_clnt.c 403
V547 Expression 'os.length != 3' is always true. ssl_asn1.c 419
V547 Expression 'os.length != 2' is always true. ssl_asn1.c 430
V571 Recurring check. The 'if (in->peer != NULL)' condition was already verified in line 289. ssl_asn1.c 290
V571 Recurring check. The 'if (in->peer != NULL)' condition was already verified in line 342. ssl_asn1.c 343
V590 Consider inspecting the 'atype != - 1 && atype == 5' expression. The expression is excessive or contains a misprint. dh_ameth.c 670
V591 Non-void function should return a value. vms-helper.c 68
V593 Consider reviewing the expression of the 'A = B >= C' kind. The expression is calculated as following: 'A = (B >= C)'. ts_rsp_verify.c 722
V595 The 'pkey->ameth' pointer was utilized before it was verified against nullptr. Check lines: 252, 271. a_sign.c 252
V595 The 'storage' pointer was utilized before it was verified against nullptr. Check lines: 449, 452. ex_data.c 449
V595 The 'storage' pointer was utilized before it was verified against nullptr. Check lines: 501, 504. ex_data.c 501
V595 The 'policy' pointer was utilized before it was verified against nullptr. Check lines: 119, 122. pcy_data.c 119
V595 The 'name' pointer was utilized before it was verified against nullptr. Check lines: 101, 108. x509_vpm.c 101
V595 The 'os.data' pointer was utilized before it was verified against nullptr. Check lines: 492, 493. ssl_asn1.c 492
V595 The 'curr->prev' pointer was utilized before it was verified against nullptr. Check lines: 1087, 1093. ssl_ciph.c 1087
V609 Divide by zero. Denominator range [-16..16]. b_dump.c 103
V610 Undefined behavior. Check the shift operator '>>'. The right operand ('rb' = [1..32]) is greater than or equal to the length in bits of the promoted left operand. bn_shift.c 160
V610 Undefined behavior. Check the shift operator '<<'. The right operand ('lb' = [1..32]) is greater than or equal to the length in bits of the promoted left operand. bn_shift.c 217
V753 The '&=' operation always sets a value of 'mask' variable to zero. s23_clnt.c 348
V763 Parameter 'field' is always rewritten in function body before being used. bn_nist.c 387
V763 Parameter 'field' is always rewritten in function body before being used. bn_nist.c 532
V763 Parameter 'field' is always rewritten in function body before being used. bn_nist.c 713
V763 Parameter 'field' is always rewritten in function body before being used. bn_nist.c 959
V763 Parameter 'field' is always rewritten in function body before being used. bn_nist.c 1217
V814 Decreased performance. The 'strlen' function was called multiple times inside the body of a loop. ssl_rsa.c 999
V814 Decreased performance. The 'strlen' function was called multiple times inside the body of a loop. ssl_rsa.c 1004
V817 It is more efficient to seek '/' character rather than a string. dso_win32.c 583
V817 It is more efficient to seek '\' character rather than a string. dso_win32.c 584
V817 It is more efficient to seek ':' character rather than a string. dso_win32.c 585
The text was updated successfully, but these errors were encountered: