Coverity Scan: Analysis completed for openssl/openssl
Your request for analysis of openssl/openssl has been completed successfully. The results are available at https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yoN-2BQSVjTtaSz8wS4wOr7HlekBtV1P4YRtWclMVkCdvAA-3D-3DBV5w_MulOTlHne1IxTRELXXnGni8d68xSVF-2BUCe3a7Ux-2BjeHbDej68mEC9KTi6E4sWO2Kuc48yEVMFMzq9t90DTe4suiVxb6I3P2tETeXQCHSwomsTKvy9TJPh1xaUNIT31RtvhLHnEc2SJ82md41pGtl21t582WWbXBPmX9LXaoDyL2l4Di1aVk3q9NO1hjz-2F0wsDON5aCbamShLvKfOi5gZlRA7jS9Pvo6J3jRVGMRZasM-3D Build ID: 473277 Analysis Summary: New defects found: 1 Defects eliminated: 0 If you have difficulty understanding any defects, email us at scan-ad...@coverity.com, or post your question to StackOverflow at https://u15810271.ct.sendgrid.net/ls/click?upn=CTPegkVN6peWFCMEieYYmPWIi1E4yUS9EoqKFcNAiqhRq8qmgeBE-2Bdt3uvFRAFXd-2FlwX83-2FVVdybfzIMOby0qA-3D-3D5nfE_MulOTlHne1IxTRELXXnGni8d68xSVF-2BUCe3a7Ux-2BjeHbDej68mEC9KTi6E4sWO2Kuc48yEVMFMzq9t90DTe4smJM5cpxiHEd2wcsweAXr0uXSg-2FvA8V3sdWvvmf4fhN0auHdhlFr8UPs2PSDZ517idhFXeomH2IxvHKCaqj25km2q6BvXcNiFRnRvNkWomId8RPWLHK3nYIE1PRYvpMq7H7OBgBIKY-2F1oO1rbpoTGAM-3D
[openssl/openssl] 278b0d: Fix asan finding in bio_addr
Branch: refs/heads/master Home: https://github.com/openssl/openssl Commit: 278b0d8b674eba6f6e1ec51a18c3ccaf8db02701 https://github.com/openssl/openssl/commit/278b0d8b674eba6f6e1ec51a18c3ccaf8db02701 Author: Juergen Christ Date: 2022-08-12 (Fri, 12 Aug 2022) Changed paths: M crypto/bio/bio_addr.c Log Message: --- Fix asan finding in bio_addr Running test_tfo_cli under asan yields ==166214==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x6070d57c at pc 0x03ffa004ed86 bp 0x03ffe2977e80 sp 0x03ffe2977668 READ of size 112 at 0x6070d57c thread T0 #0 0x3ffa004ed85 in memcpy (/lib64/libasan.so.8+0x4ed85) #1 0x3ff9f3615b7 in BIO_ADDR_dup crypto/bio/bio_addr.c:77 [...] and fails the test. Fix this by copying the right structure of the union. Signed-off-by: Juergen Christ Reviewed-by: Todd Short Reviewed-by: Matt Caswell (Merged from https://github.com/openssl/openssl/pull/18979) Commit: d272ef5372a16924a5804b74a76491b1bc8529b5 https://github.com/openssl/openssl/commit/d272ef5372a16924a5804b74a76491b1bc8529b5 Author: Juergen Christ Date: 2022-08-12 (Fri, 12 Aug 2022) Changed paths: M test/bio_tfo_test.c Log Message: --- Fix asan finding in bio_tfo_test Running bio_tfo_test under asan yields ==172342==ERROR: LeakSanitizer: detected memory leaks Direct leak of 380 byte(s) in 5 object(s) allocated from: #0 0x3ff89bba251 in malloc (/lib64/libasan.so.8+0xba251) #1 0x3ff88cf9fd5 in gaih_inet.constprop.0 (/lib64/libc.so.6+0xf9fd5) #2 0x3ff88cfaf6f in getaddrinfo (/lib64/libc.so.6+0xfaf6f) #3 0x3ff89ba52a9 in __interceptor_getaddrinfo.part.0 (/lib64/libasan.so.8+0xa52a9) #4 0x1004909 in test_fd_tfo test/bio_tfo_test.c:241 [...] and fails the test. Fix this by freeing the return addrinfo on exit. Signed-off-by: Juergen Christ Reviewed-by: Todd Short Reviewed-by: Matt Caswell (Merged from https://github.com/openssl/openssl/pull/18979) Compare: https://github.com/openssl/openssl/compare/d13c8b772543...d272ef5372a1
[openssl/openssl] d13c8b: Make OSSL_TIME a structure
Branch: refs/heads/master Home: https://github.com/openssl/openssl Commit: d13c8b7725437490be8c1a2b438936af10f808d0 https://github.com/openssl/openssl/commit/d13c8b7725437490be8c1a2b438936af10f808d0 Author: Pauli Date: 2022-08-12 (Fri, 12 Aug 2022) Changed paths: M doc/internal/man3/OSSL_TIME.pod M include/internal/time.h M ssl/event_queue.c M ssl/quic/quic_wire.c M ssl/time.c M test/event_queue_test.c M test/quic_wire_test.c Log Message: --- Make OSSL_TIME a structure This prevents misuses creeping in. Reviewed-by: Hugo Landau Reviewed-by: Matt Caswell (Merged from https://github.com/openssl/openssl/pull/18882)
[openssl/openssl] ce3951: VC++ 2008 or earlier x86 compilers do not have an ...
Branch: refs/heads/openssl-3.0 Home: https://github.com/openssl/openssl Commit: ce3951fc30c7bc7c3dbacba19d87c79d9af9da0d https://github.com/openssl/openssl/commit/ce3951fc30c7bc7c3dbacba19d87c79d9af9da0d Author: Daiyuu Nobori Date: 2022-08-12 (Fri, 12 Aug 2022) Changed paths: M crypto/threads_win.c Log Message: --- VC++ 2008 or earlier x86 compilers do not have an inline implementation of InterlockedOr64 for 32bit and will fail to run on Windows XP 32bit. See: https://docs.microsoft.com/en-us/cpp/intrinsics/interlockedor-intrinsic-functions#requirements To work around this problem, we implement a manual locking mechanism for only VC++ 2008 or earlier x86 compilers. Reviewed-by: Shane Lontis Reviewed-by: Hugo Landau (Merged from https://github.com/openssl/openssl/pull/18856) (cherry picked from commit 2d46a44ff24173d2cf5ea2196360cb79470d49c7)
[openssl/openssl] 2d46a4: VC++ 2008 or earlier x86 compilers do not have an ...
Branch: refs/heads/master Home: https://github.com/openssl/openssl Commit: 2d46a44ff24173d2cf5ea2196360cb79470d49c7 https://github.com/openssl/openssl/commit/2d46a44ff24173d2cf5ea2196360cb79470d49c7 Author: Daiyuu Nobori Date: 2022-08-12 (Fri, 12 Aug 2022) Changed paths: M crypto/threads_win.c Log Message: --- VC++ 2008 or earlier x86 compilers do not have an inline implementation of InterlockedOr64 for 32bit and will fail to run on Windows XP 32bit. See: https://docs.microsoft.com/en-us/cpp/intrinsics/interlockedor-intrinsic-functions#requirements To work around this problem, we implement a manual locking mechanism for only VC++ 2008 or earlier x86 compilers. Reviewed-by: Shane Lontis Reviewed-by: Hugo Landau (Merged from https://github.com/openssl/openssl/pull/18856)