Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Coverity 1521557: Error handling issues #20409

Closed
wants to merge 2 commits into from
Closed

Coverity 1521557: Error handling issues #20409

wants to merge 2 commits into from

Conversation

paulidale
Copy link
Contributor

Check the return from DSA_set0_key and generate an error on failure.
Technically a false positive since the function always returns success.

  • documentation is added or updated
  • tests are added or updated

@paulidale
Coverity 1521557: Error handling issues
4d94d6e 
Check the return from DSA_set0_key and generate an error on failure.
Technically a false positive since the function always returns success.
@paulidale paulidale added branch: master Merge to master branch approval: review pending This pull request needs review by a committer approval: otc review pending This pull request needs review by an OTC member branch: 3.0 Merge to openssl-3.0 branch branch: 3.1 Merge to openssl-3.1 tests: exempted The PR is exempt from requirements for testing labels Mar 1, 2023
@paulidale paulidale self-assigned this Mar 1, 2023
slontis
slontis reviewed Mar 1, 2023
View reviewed changes
crypto/dsa/dsa_backend.c Outdated
@@ -173,7 +173,10 @@ DSA *ossl_dsa_key_from_pkcs8(const PKCS8_PRIV_KEY_INFO *p8inf,
ERR_raise(ERR_LIB_DSA, DSA_R_BN_ERROR);
goto dsaerr;
}
DSA_set0_key(dsa, dsa_pubkey, dsa_privkey);
if (!DSA_set0_key(dsa, dsa_pubkey, dsa_privkey)) {
ERR_raise(ERR_LIB_DSA, ERR_R_BN_LIB);
Copy link
Member

@slontis slontis Mar 1, 2023
edited

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I have no idea how we came up with these different error reasons... ERR_R_BN_LIB and also DSA_R_BN_ERROR. I would think this should not be a ERR_R_BN_LIB?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

What should it be?
"internal error" might make sense.

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

That is the only place that does a raise on the setkey :) Not sure INVALID_KEY is great either..

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

At some point error raising probably needs to be added all over the place.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Agreed about more error raising.
Technically, the error here cannot be raised. DSA_set0_key never fails. At least currently, but I doubt it will change.

@t8m t8m added the triaged: bug The issue/pr is/fixes a bug label Mar 1, 2023
@t8m t8m removed the approval: otc review pending This pull request needs review by an OTC member label Mar 1, 2023
@slontis slontis added approval: done This pull request has the required number of approvals and removed approval: review pending This pull request needs review by a committer labels Mar 1, 2023
@openssl-machine openssl-machine added approval: ready to merge The 24 hour grace period has passed, ready to merge and removed approval: done This pull request has the required number of approvals labels Mar 2, 2023
@openssl-machine
Copy link
Collaborator

This pull request is ready to merge

@paulidale
Copy link
Contributor Author

Merged, thanks for the reviews.

@paulidale paulidale closed this Mar 2, 2023
@paulidale paulidale deleted the coverity-20230301 branch March 2, 2023 23:11
openssl-machine pushed a commit that referenced this pull request Mar 2, 2023
@paulidale
Coverity 1521557: Error handling issues
dd573a2 
Check the return from DSA_set0_key and generate an error on failure.
Technically a false positive since the function always returns success.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from #20409)
openssl-machine pushed a commit that referenced this pull request Mar 2, 2023
@paulidale
Coverity 1521557: Error handling issues
54d31fe 
Check the return from DSA_set0_key and generate an error on failure.
Technically a false positive since the function always returns success.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from #20409)

(cherry picked from commit dd573a2)
openssl-machine pushed a commit that referenced this pull request Mar 2, 2023
@paulidale
Coverity 1521557: Error handling issues
0937c01 
Check the return from DSA_set0_key and generate an error on failure.
Technically a false positive since the function always returns success.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from #20409)

(cherry picked from commit dd573a2)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@t8m t8m t8m approved these changes

@slontis slontis slontis approved these changes

Assignees

@paulidale paulidale

Labels
approval: ready to merge The 24 hour grace period has passed, ready to merge branch: master Merge to master branch branch: 3.0 Merge to openssl-3.0 branch branch: 3.1 Merge to openssl-3.1 tests: exempted The PR is exempt from requirements for testing triaged: bug The issue/pr is/fixes a bug
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
4 participants
@paulidale @openssl-machine @t8m @slontis