missing BN_div() error check? #304

Closed
setharnold opened this issue Mar 30, 2022 · 3 comments · Fixed by #306

@setharnold

BN_div(Q, Qr, N, P, ctx);

Hello, Coverity has pointed out that BN_div() is called in InitOpenSSLRSAPrivateKey() without checking the return value for an error.

Thanks

@stefanberger
Owner

Thanks. Interestingly Coverity does not tell me that.

stefanberger added a commit that referenced this issue Mar 30, 2022
Resolves: #304
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
stefanberger added a commit that referenced this issue Mar 30, 2022
Check the return code of BN_div() when calculating Q and Qr.

Resolves: #304
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
stefanberger added a commit that referenced this issue Mar 30, 2022
Check the return code of BN_div() when calculating Q and Qr of
a private key.

Resolves: #304
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
stefanberger added a commit that referenced this issue Mar 30, 2022
Backport of 8590849.

Check the return code of BN_div() when calculating Q and Qr of
a private key.

Resolves: #304
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
@setharnold
Author

I'm surprised your Coverity didn't mention it; I'm no expert, but the "Calling foo without checking return value (as is done elsewhere N out of M times)" output feels like it's been around for years.

I'm using cov-analysis-linux64-2021.9.0, slapped onto the side of an Ubuntu package build process; are you using the scan.coverity.com service, or a self-hosted version?

Thanks
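
The "checked elsewhere N out of M times" heuristic mentioned in the comment above, as an added example that is not part of the original thread and is not Coverity's implementation. It is a regex-based approximation; the C snippet in `SAMPLE_C` is constructed, and `derive_q` is a hypothetical name.

```python
import re
from collections import Counter
# Constructed sample input, not the project's source; derive_q is a made-up name.
SAMPLE_C = r'''
int derive_q(BIGNUM *Q, BIGNUM *Qr, const BIGNUM *N, const BIGNUM *P, BN_CTX *ctx)
{
    BN_CTX_start(ctx);            /* returns void: never checked anywhere */
    if (BN_div(Q, NULL, N, P, ctx) != 1)
        goto err;
    BN_div(Q, Qr, N, P, ctx);     /* BN_div() result discarded */
    if (!BN_div(Qr, NULL, N, Q, ctx))
        goto err;
    BN_CTX_end(ctx);
    return 1;
err:
    BN_CTX_end(ctx);
    return 0;
}
'''

KEYWORDS = {"if", "while", "for", "switch", "return", "sizeof"}
CALL = re.compile(r"\b([A-Za-z_]\w*)\s*\(")
NOISE = re.compile(r'/\*.*?\*/|//[^\n]*|"(?:\\.|[^"\\])*"', re.S)

def classify_calls(src):
    """Yield (name, line, used) for each call-like expression in C source."""
    # Blank out comments and string literals, keeping newlines for line numbers.
    src = NOISE.sub(lambda m: re.sub(r"[^\n]", " ", m.group()), src)
    for m in CALL.finditer(src):
        if m.group(1) in KEYWORDS:
            continue
        depth, i = 1, m.end()
        while i < len(src) and depth:          # find the matching ')'
            depth += {"(": 1, ")": -1}.get(src[i], 0)
            i += 1
        before = src[:m.start()].rstrip()[-1:]
        after = src[i:].lstrip()[:1]
        # A bare statement "f(...);" throws the return value away. Anything
        # else (condition, assignment, return, cast) counts as used.
        bare = before in ("", ";", "{", "}", ":") and after == ";"
        yield m.group(1), src.count("\n", 0, m.start()) + 1, not bare

def unchecked_outliers(src, min_ratio=0.5):
    """List (name, line, checked, total) for discarded results of mostly-checked functions."""
    calls = list(classify_calls(src))
    total = Counter(name for name, _, _ in calls)
    checked = Counter(name for name, _, used in calls if used)
    return [(n, line, checked[n], total[n]) for n, line, used in calls
            if not used and checked[n] / total[n] >= min_ratio]
```

On the constructed sample, `unchecked_outliers(SAMPLE_C)` reports the bare `BN_div()` call on line 7 as checked 2 out of 3 times, while the void `BN_CTX_start()` and `BN_CTX_end()` calls are not reported because their results are never used anywhere. A call that follows an unbraced `if (...)` is not detected by this approximation.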

@stefanberger
Owner

> I'm using cov-analysis-linux64-2021.9.0, slapped onto the side of an Ubuntu package build process; are you using the scan.coverity.com service, or a self-hosted version?

I am using their service and trigger the checks via a push to the coverity_scan branch, which triggers Travis to build for Coverity and submit the build to their service.
