From pspacek at redhat.com Fri Mar 27 12:46:17 2015
From: pspacek at redhat.com (Petr Spacek)
Date: Fri, 27 Mar 2015 13:46:17 +0100
Subject: [Softhsm-develop] static analysis results for git a9239137c73bf5e482accc5af8a4c1bbd375b394
Message-ID: <55155119.2050009@redhat.com>

Hello!

Someone mentioned that you are working towards SoftHSM v2.0.0 release so it sounds like the right time to run static code analysis again.

Fresh results from git head a9239137c73bf5e482accc5af8a4c1bbd375b394 are quite impressive!

From 143 defects detected back in September 2014 we are now down to 8 defects detected today.

I'm attaching scan results to this e-mail.

Interestingly, gcc version 5.0.0 with -Wshadow option screams a lot and produces more than 250 warnings about shadowed variables. I'm not sure if the check makes sense in all cases but it is suspicious - these results are attached in shadow-warnings.err.bz2.

I hope this will be useful to you. Have a nice day!

-- 
Petr Spacek @ Red Hat
-------------- next part --------------
Error: RESOURCE_LEAK (CWE-772):
softhsm-2.0.0GITa923913/src/bin/common/library.cpp:98: alloc_fn: Storage is returned from allocation function "dlopen".
softhsm-2.0.0GITa923913/src/bin/common/library.cpp:98: var_assign: Assigning: "pDynLib" = storage returned from "dlopen("/usr/lib64/pkcs11/libsofthsm2.so", 2)".
softhsm-2.0.0GITa923913/src/bin/common/library.cpp:105: leaked_storage: Variable "pDynLib" going out of scope leaks the storage it points to.

Error: RESOURCE_LEAK (CWE-772):
softhsm-2.0.0GITa923913/src/bin/common/library.cpp:94: alloc_fn: Storage is returned from allocation function "dlopen".
softhsm-2.0.0GITa923913/src/bin/common/library.cpp:94: var_assign: Assigning: "pDynLib" = storage returned from "dlopen(module, 2)".
softhsm-2.0.0GITa923913/src/bin/common/library.cpp:105: leaked_storage: Variable "pDynLib" going out of scope leaks the storage it points to.

Error: DEADCODE (CWE-561):
softhsm-2.0.0GITa923913/src/lib/SoftHSM.cpp:2046: assignment: Assigning: "isRSA" = "true".
softhsm-2.0.0GITa923913/src/lib/SoftHSM.cpp:2050: assignment: Assigning: "isRSA" = "true".
softhsm-2.0.0GITa923913/src/lib/SoftHSM.cpp:2058: assignment: Assigning: "isRSA" = "true".
softhsm-2.0.0GITa923913/src/lib/SoftHSM.cpp:2066: const: At condition "isRSA", the value of "isRSA" must be equal to 1.
softhsm-2.0.0GITa923913/src/lib/SoftHSM.cpp:2066: dead_error_condition: The condition "isRSA" must be true.
softhsm-2.0.0GITa923913/src/lib/SoftHSM.cpp:2087: dead_error_line: Execution cannot reach this statement: "return 112UL;".

Error: DEADCODE (CWE-561):
softhsm-2.0.0GITa923913/src/lib/SoftHSM.cpp:2640: assignment: Assigning: "isRSA" = "true".
softhsm-2.0.0GITa923913/src/lib/SoftHSM.cpp:2644: assignment: Assigning: "isRSA" = "true".
softhsm-2.0.0GITa923913/src/lib/SoftHSM.cpp:2665: assignment: Assigning: "isRSA" = "true".
softhsm-2.0.0GITa923913/src/lib/SoftHSM.cpp:2673: const: At condition "isRSA", the value of "isRSA" must be equal to 1.
softhsm-2.0.0GITa923913/src/lib/SoftHSM.cpp:2673: dead_error_condition: The condition "isRSA" must be true.
softhsm-2.0.0GITa923913/src/lib/SoftHSM.cpp:2694: dead_error_line: Execution cannot reach this statement: "return 112UL;".

Error: DEADCODE (CWE-561):
softhsm-2.0.0GITa923913/src/lib/SoftHSM.cpp:3491: assignment: Assigning: "isECDSA" = "true".
softhsm-2.0.0GITa923913/src/lib/SoftHSM.cpp:3549: const: At condition "isECDSA", the value of "isECDSA" must be equal to 1.
softhsm-2.0.0GITa923913/src/lib/SoftHSM.cpp:3549: dead_error_condition: The condition "isECDSA" must be true.
softhsm-2.0.0GITa923913/src/lib/SoftHSM.cpp:3589: dead_error_line: Execution cannot reach this statement: "return 112UL;".

Error: DEADCODE (CWE-561):
softhsm-2.0.0GITa923913/src/lib/SoftHSM.cpp:4304: assignment: Assigning: "isECDSA" = "true".
softhsm-2.0.0GITa923913/src/lib/SoftHSM.cpp:4362: const: At condition "isECDSA", the value of "isECDSA" must be equal to 1.
softhsm-2.0.0GITa923913/src/lib/SoftHSM.cpp:4362: dead_error_condition: The condition "isECDSA" must be true.
softhsm-2.0.0GITa923913/src/lib/SoftHSM.cpp:4402: dead_error_line: Execution cannot reach this statement: "return 112UL;".

Error: CHECKED_RETURN (CWE-252):
softhsm-2.0.0GITa923913/src/lib/crypto/OSSLEVPHashAlgorithm.cpp:61: check_return: Calling "hashFinal" without checking return value (as is done elsewhere 11 out of 13 times).
softhsm-2.0.0GITa923913/src/lib/SoftHSM.cpp:3130: example_checked: Example 1: "session->getDigestOp()->hashFinal(digest)" has its value checked in "session->getDigestOp()->hashFinal(digest) == 0".
softhsm-2.0.0GITa923913/src/lib/SoftHSM.cpp:2986: example_checked: Example 2: "session->getDigestOp()->hashFinal(digest)" has its value checked in "session->getDigestOp()->hashFinal(digest) == 0".
softhsm-2.0.0GITa923913/src/lib/crypto/OSSLDSA.cpp:390: example_assign: Example 3: Assigning: "bFirstResult" = return value from "this->pCurrentHash->hashFinal(hash)".
softhsm-2.0.0GITa923913/src/lib/crypto/OSSLDSA.cpp:395: example_checked: Example 3 (cont.): "bFirstResult" has its value checked in "bFirstResult".
softhsm-2.0.0GITa923913/src/lib/crypto/OSSLEVPHashAlgorithm.cpp:99: example_checked: Example 4: "this->HashAlgorithm::hashFinal(hashedData)" has its value checked in "this->HashAlgorithm::hashFinal(hashedData)".
softhsm-2.0.0GITa923913/src/lib/crypto/OSSLRSA.cpp:890: example_assign: Example 5: Assigning: "bFirstResult" = return value from "this->pCurrentHash->hashFinal(firstHash)".
softhsm-2.0.0GITa923913/src/lib/crypto/OSSLRSA.cpp:903: example_checked: Example 5 (cont.): "bFirstResult" has its value checked in "bFirstResult".

Error: CHECKED_RETURN (CWE-252):
softhsm-2.0.0GITa923913/src/lib/crypto/OSSLEVPHashAlgorithm.cpp:89: check_return: Calling "hashFinal" without checking return value (as is done elsewhere 11 out of 13 times).
softhsm-2.0.0GITa923913/src/lib/SoftHSM.cpp:3130: example_checked: Example 1: "session->getDigestOp()->hashFinal(digest)" has its value checked in "session->getDigestOp()->hashFinal(digest) == 0".
softhsm-2.0.0GITa923913/src/lib/SoftHSM.cpp:2986: example_checked: Example 2: "session->getDigestOp()->hashFinal(digest)" has its value checked in "session->getDigestOp()->hashFinal(digest) == 0".
softhsm-2.0.0GITa923913/src/lib/crypto/OSSLDSA.cpp:390: example_assign: Example 3: Assigning: "bFirstResult" = return value from "this->pCurrentHash->hashFinal(hash)".
softhsm-2.0.0GITa923913/src/lib/crypto/OSSLDSA.cpp:395: example_checked: Example 3 (cont.): "bFirstResult" has its value checked in "bFirstResult".
softhsm-2.0.0GITa923913/src/lib/crypto/OSSLEVPHashAlgorithm.cpp:99: example_checked: Example 4: "this->HashAlgorithm::hashFinal(hashedData)" has its value checked in "this->HashAlgorithm::hashFinal(hashedData)".
softhsm-2.0.0GITa923913/src/lib/crypto/OSSLRSA.cpp:890: example_assign: Example 5: Assigning: "bFirstResult" = return value from "this->pCurrentHash->hashFinal(firstHash)".
softhsm-2.0.0GITa923913/src/lib/crypto/OSSLRSA.cpp:903: example_checked: Example 5 (cont.): "bFirstResult" has its value checked in "bFirstResult".
-------------- next part --------------
A non-text attachment was scrubbed...
Name: shadow-warnings.err.bz2
Type: application/x-bzip2
Size: 9434 bytes
Desc: not available

From rickard at opendnssec.org Tue Mar 31 11:52:31 2015
From: rickard at opendnssec.org (Rickard Bellgrim)
Date: Tue, 31 Mar 2015 13:52:31 +0200
Subject: [Softhsm-develop] static analysis results for git a9239137c73bf5e482accc5af8a4c1bbd375b394
In-Reply-To: <55155119.2050009@redhat.com>
References: <55155119.2050009@redhat.com>
Message-ID:

On Fri, Mar 27, 2015 at 1:46 PM, Petr Spacek wrote:

> From 143 defects detected back in September 2014 we are now down to 8 defects
> detected today.

Thanks, will have a look at this.

> Interestingly, gcc version 5.0.0 with -Wshadow option screams a lot and
> produces more than 250 warnings about shadowed variables. I'm not sure if the
> check makes sense in all cases but it is suspicious - these results are
> attached in shadow-warnings.err.bz2.

They can be resolved by renaming the variables, the behavior would still be the same. Both the incoming variable and the member variable (after calling the parent object) are pointing to the same object.

// Rickard
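
The case described in the reply above, as an added C++ example that is not part of the original thread and is not SoftHSM code: a constructor parameter hides an inherited member while both point at the same object, so renaming it changes nothing. It goes beyond the thread in also showing a setter where the same hiding does change behavior; `Token`, `HandleBase`, `ShadowedHandle` and `RenamedHandle` are hypothetical names.

```cpp
// Added illustration: class and member names are hypothetical, not SoftHSM's.
#include <iostream>
#include <string>

struct Token { std::string label; };

class HandleBase {
public:
    explicit HandleBase(Token* inToken) : token(inToken) {}
protected:
    Token* token;  // member that a derived class's parameter can hide
};

// Shadowing form: inside the constructor body `token` names the parameter and
// hides HandleBase::token. Once the parent has run, both point at one object.
class ShadowedHandle : public HandleBase {
public:
    explicit ShadowedHandle(Token* token) : HandleBase(token) {
        same = (token == this->token);
        label = token->label;            // reads through the parameter
    }
    // Here the hiding matters: the parameter is assigned to itself and the
    // member is never updated.
    void rebind(Token* token) { token = token; }
    std::string current() const { return token->label; }
    bool same;
    std::string label;
};

// Renamed form: nothing is hidden; construction behaves identically.
class RenamedHandle : public HandleBase {
public:
    explicit RenamedHandle(Token* inToken) : HandleBase(inToken) {
        same = (inToken == token);
        label = token->label;            // reads through the member
    }
    void rebind(Token* inToken) { token = inToken; }
    std::string current() const { return token->label; }
    bool same;
    std::string label;
};

int main() {
    Token a{"slot-a"}, b{"slot-b"};      // constructed sample objects
    ShadowedHandle s(&a);
    RenamedHandle r(&a);
    s.rebind(&b);
    r.rebind(&b);
    // prints: slot-a slot-a slot-a slot-b
    std::cout << s.label << " " << r.label << " "
              << s.current() << " " << r.current() << "\n";
}
```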