On Fri, Jul 04, 2014 at 08:21:15AM +0200, Otto Moerbeek wrote: > On Thu, Jul 03, 2014 at 11:35:15PM +0200, Kurt Roeckx wrote: > > > On Thu, Jul 03, 2014 at 09:28:47PM +0100, Ben Laurie wrote: > > > On 3 July 2014 20:06, Kurt Roeckx via RT <[email protected]> wrote: > > > > On Thu, Jul 03, 2014 at 07:51:28PM +0200, Toralf F?rster via RT wrote: > > > >> I think cppcheck is right here in void DES_ofb64_encrypt(), line 84, 85 > > > >> and 96, or ?: > > > >> > > > > The line before that: > > > > > > > > dp=d; > > > >> l2c(v0,dp);<--- Uninitialized variable: d > > > >> l2c(v1,dp);<--- Uninitialized variable: d > > > >> while (l--) > > > >> { > > > >> if (n == 0) > > > >> { > > > >> DES_encrypt1(ti,schedule,DES_ENCRYPT); > > > >> dp=d; > > > >> t=ti[0]; l2c(t,dp); > > > >> t=ti[1]; l2c(t,dp); > > > >> save++; > > > >> } > > > >> *(out++)= *(in++)^d[n];<--- Uninitialized variable: d > > > >> n=(n+1)&0x07; > > > >> } > > > > > > > > d is uninitialized, but it's being written to, not read from, > > > > so I don't see a problem with this. > > > > > > What? > > > > So l2c is: > > #define l2c(l,c) (*((c)++)=(unsigned char)(((l))&0xff), \ > > *((c)++)=(unsigned char)(((l)>> 8L)&0xff), \ > > *((c)++)=(unsigned char)(((l)>>16L)&0xff), \ > > *((c)++)=(unsigned char)(((l)>>24L)&0xff)) > > > > It reads v0 and v1 and writes to d (dp). d being uninitialized > > shouldn't be an issue. Or am I missing something? > > Yes, c (which is d) is both incremented and dereferenced.
So we have: DES_cblock d; which as far as I know really is: unsigned char d[8]; and: register unsigned char *dp=d; *((dp)++) = foo; d is a valid pointer, but the content it points to is uninitialized. We end up writing to d[0], d[1], ..., d[7]. I don't see us reading it, nor do I see a problem with it. Kurt ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List [email protected] Automated List Manager [email protected]
