On Thu, 11 Jun 2015 22:47:16 +0000, Salz, Rich via RT wrote: > This is great! > > Any chance you can run it against master? I'm hoping most of the ones in > apps go away ...
On master I get the following 12 reports. The first 10 seem to match reports in my previous email, and the last two are new. I've looked at the result of inferTraceBugs on those and added comments. apps/srp.c:109: error: NULL_DEREFERENCE pointer pp last assigned on line 108 could be null and is dereferenced at line 109, column 47 apps/srp.c:126: error: NULL_DEREFERENCE pointer pp last assigned on line 124 could be null and is dereferenced at line 126, column 13 apps/x509.c:1008: error: NULL_DEREFERENCE pointer upkey last assigned on line 1007 could be null and is dereferenced by call to EVP_PKEY_copy_parameters() at line 1008, column 5 crypto/mem_dbg.c:650: error: NULL_DEREFERENCE pointer lcl last assigned on line 647 could be null and is dereferenced at line 650, column 22 crypto/objects/o_names.c:104: error: NULL_DEREFERENCE pointer name_funcs last assigned on line 102 could be null and is dereferenced at line 104, column 9 crypto/objects/o_names.c:106: error: NULL_DEREFERENCE pointer name_funcs last assigned on line 102 could be null and is dereferenced at line 106, column 9 crypto/objects/o_names.c:108: error: NULL_DEREFERENCE pointer name_funcs last assigned on line 102 could be null and is dereferenced at line 108, column 9 crypto/pkcs7/pk7_doit.c:1096: error: NULL_DEREFERENCE pointer ri last assigned on line 1095 could be null and is dereferenced at line 1096, column 12 crypto/x509/x509_cmp.c:406: error: NULL_DEREFERENCE pointer x last assigned on line 401 could be null and is dereferenced at line 406, column 55 crypto/x509/x509_req.c:125: error: NULL_DEREFERENCE pointer xk last assigned on line 124 could be null and is dereferenced by call to EVP_PKEY_cmp() at line 125, column 13 crypto/x509v3/v3_prn.c:131: error: NULL_DEREFERENCE pointer extoct last assigned on line 130 could be null and is dereferenced by call to ASN1_STRING_data() at line 131, column 9 If X509V3_EXT_print() is called with ext == NULL then X509_EXTENSION_get_data(ext) returns NULL and exctoct == NULL gets dereferenced. crypto/x509v3/v3_scts.c:187: error: NULL_DEREFERENCE pointer oct last assigned on line 179 could be null and is dereferenced at line 187, column 9 This one looks like it might be a false positive where Infer doesn't know that d2i_ASN1_OCTET_STRING() will allocate oct. _______________________________________________ openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
