libksba coverity static analysis reports
Closed, Resolved (Public)

Description

Coverity also reported a couple of potential issues for libksba (including the identical branches I mentioned in T5393 -- I do not insist on this suppression, but I included it for completeness). Again, nothing super-important, but worth fixing.

Details

Version
1.5.1

Event Timeline

werner triaged this task as Normal priority. Apr 14 2021, 8:59 PM

I can't see null pointer de-reference (you claimed) in [4/5].
Could you please elaborate?

The report was along these lines:

Error: CLANG_WARNING: [#def23]
libksba-1.5.0/src/ber-decoder.c:1296:22: warning[core.NullDereference]: Array access (from variable 'buf') results in a null pointer dereference
# 1294|                 if ( (c=read_byte (d->reader)) == -1)
# 1295|                   err = eof_or_error (d, 1);
# 1296|->               buf[n] = c;
# 1297|               }
# 1298|             if (err)

But having a better look, it is a false positive, as the for condition contains the !err part, which I initially missed.

Thank you for checking.

Thank you for your confirmation. Closing.
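
The guard discussed in this thread, shown as an added example that is not part of the original thread and is not libksba's code: a simplified C loop of the same shape as the reported lines. The names `read_value`, `struct reader` and the `fail_alloc` switch are hypothetical, and it assumes `buf` can be NULL only when `err` is already set.

```c
#include <stdio.h>
#include <stdlib.h>

/* Constructed stand-in for a reader: yields `avail` bytes, then -1 (EOF). */
struct reader { const unsigned char *data; size_t avail, pos; };

static int read_byte(struct reader *r)
{
    return r->pos < r->avail ? r->data[r->pos++] : -1;
}

/* Hypothetical helper: read `len` bytes into a new buffer. `fail_alloc`
   simulates malloc() returning NULL. Returns 0, 1 (no memory) or 2 (EOF). */
static int read_value(struct reader *r, size_t len, int fail_alloc,
                      unsigned char **out, size_t *stores)
{
    int err = 0, c;
    size_t n;
    unsigned char *buf = fail_alloc ? NULL : malloc(len ? len : 1);
    *out = NULL;
    *stores = 0;
    if (!buf)
        err = 1;                    /* buf == NULL always implies err != 0 */
    /* The "!err" term is what the reported path overlooks: with buf == NULL
       the condition is already false before the first iteration. */
    for (n = 0; !err && n < len; n++) {
        if ((c = read_byte(r)) == -1)
            err = 2;                /* stand-in for eof_or_error() */
        buf[n] = (unsigned char)c;  /* reached only while buf is non-NULL */
        ++*stores;                  /* count stores so the guard is observable */
    }
    if (err) {
        free(buf);
        return err;
    }
    *out = buf;
    return 0;
}

int main(void)
{
    static const unsigned char sample[] = { 0x30, 0x03, 0x02 }; /* constructed */
    struct reader r = { sample, sizeof sample, 0 };
    unsigned char *out;
    size_t stores;
    int rc = read_value(&r, sizeof sample, 1, &out, &stores); /* alloc fails */
    printf("rc=%d stores=%zu\n", rc, stores);
    return 0;
}
```
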