[Swan-dev] FYI: recent Coverity warnings
Antony Antony
antony at phenome.org
Fri Sep 15 23:00:17 UTC 2017
New defect(s) Reported-by: Coverity Scan
Showing 3 of 3 defect(s)
** CID 1456790: (MIXED_ENUMS)
/programs/pluto/ikev1_spdb_struct.c: 2574 in parse_ipsec_sa_body()
/programs/pluto/ikev1_spdb_struct.c: 2575 in parse_ipsec_sa_body()
/programs/pluto/ikev1_spdb_struct.c: 2576 in parse_ipsec_sa_body()
/programs/pluto/ikev1_spdb_struct.c: 2578 in parse_ipsec_sa_body()
/programs/pluto/ikev1_spdb_struct.c: 2596 in parse_ipsec_sa_body()
________________________________________________________________________________________________________
*** CID 1456790: (MIXED_ENUMS)
/programs/pluto/ikev1_spdb_struct.c: 2574 in parse_ipsec_sa_body()
2568 esp_attrs.transattrs.ta_ikev1_encrypt,
2569 esp_attrs.transattrs.enckeylen);
2570 }
2571
2572 if (ugh != NULL) {
2573 switch (esp_attrs.transattrs.ta_ikev1_encrypt) {
>>> CID 1456790: (MIXED_ENUMS)
>>> But this case, "ESP_AES", is of different type "enum ipsec_cipher_algo".
2574 case ESP_AES:
2575 case ESP_CAMELLIA:
2576 case ESP_3DES:
2577 break;
2578 case ESP_NULL:
2579 if (esp_attrs.transattrs.ta_integ == &ike_alg_integ_none) {
/programs/pluto/ikev1_spdb_struct.c: 2575 in parse_ipsec_sa_body()
2569 esp_attrs.transattrs.enckeylen);
2570 }
2571
2572 if (ugh != NULL) {
2573 switch (esp_attrs.transattrs.ta_ikev1_encrypt) {
2574 case ESP_AES:
>>> CID 1456790: (MIXED_ENUMS)
>>> But this case, "ESP_CAMELLIA", is of different type "enum ipsec_cipher_algo".
2575 case ESP_CAMELLIA:
2576 case ESP_3DES:
2577 break;
2578 case ESP_NULL:
2579 if (esp_attrs.transattrs.ta_integ == &ike_alg_integ_none) {
2580 loglog(RC_LOG_SERIOUS,
/programs/pluto/ikev1_spdb_struct.c: 2576 in parse_ipsec_sa_body()
2570 }
2571
2572 if (ugh != NULL) {
2573 switch (esp_attrs.transattrs.ta_ikev1_encrypt) {
2574 case ESP_AES:
2575 case ESP_CAMELLIA:
>>> CID 1456790: (MIXED_ENUMS)
>>> But this case, "ESP_3DES", is of different type "enum ipsec_cipher_algo".
2576 case ESP_3DES:
2577 break;
2578 case ESP_NULL:
2579 if (esp_attrs.transattrs.ta_integ == &ike_alg_integ_none) {
2580 loglog(RC_LOG_SERIOUS,
2581 "ESP_NULL requires auth algorithm");
/programs/pluto/ikev1_spdb_struct.c: 2578 in parse_ipsec_sa_body()
2572 if (ugh != NULL) {
2573 switch (esp_attrs.transattrs.ta_ikev1_encrypt) {
2574 case ESP_AES:
2575 case ESP_CAMELLIA:
2576 case ESP_3DES:
2577 break;
>>> CID 1456790: (MIXED_ENUMS)
>>> But this case, "ESP_NULL", is of different type "enum ipsec_cipher_algo".
2578 case ESP_NULL:
2579 if (esp_attrs.transattrs.ta_integ == &ike_alg_integ_none) {
2580 loglog(RC_LOG_SERIOUS,
2581 "ESP_NULL requires auth algorithm");
2582 return BAD_PROPOSAL_SYNTAX;
2583 }
/programs/pluto/ikev1_spdb_struct.c: 2596 in parse_ipsec_sa_body()
2590 ipstr(&c->spd.that.host_addr, &b));
2591 });
2592 continue; /* try another */
2593 }
2594 break;
2595
>>> CID 1456790: (MIXED_ENUMS)
>>> But this case, "ESP_DES", is of different type "enum ipsec_cipher_algo".
2596 case ESP_DES: /* NOT safe */
2597 loglog(RC_LOG_SERIOUS,
2598 "1DES was proposed, it is insecure and was rejected");
2599 /* FALL THROUGH */
2600 default:
2601 {
** CID 1456789: Null pointer dereferences (FORWARD_NULL)
/testing/enumcheck/enumcheck.c: 162 in test_enum_enum()
________________________________________________________________________________________________________
*** CID 1456789: Null pointer dereferences (FORWARD_NULL)
/testing/enumcheck/enumcheck.c: 162 in test_enum_enum()
156 printf("ERROR\n");
157 }
158
159 LSWBUF(buf) {
160 printf(PREFIX "lswlog_enum_enum %lu %lu: ", table, val);
161 lswlog_enum_enum(buf, een, table, val);
>>> CID 1456789: Null pointer dereferences (FORWARD_NULL)
>>> Passing null pointer "name" to "strcmp", which dereferences it.
162 if (val_ok && streq(buf->array, name)) {
163 printf("OK\n");
164 } else if (strlen(buf->array) > 0) {
165 printf("OK\n");
166 } else {
167 printf("ERROR [empty]\n");
** CID 1456788: Incorrect expression (MIXED_ENUMS)
/programs/pluto/ikev1_spdb_struct.c: 1625 in init_aggr_st_oakley()
________________________________________________________________________________________________________
*** CID 1456788: Incorrect expression (MIXED_ENUMS)
/programs/pluto/ikev1_spdb_struct.c: 1625 in init_aggr_st_oakley()
1619 passert(enc->type.oakley == OAKLEY_ENCRYPTION_ALGORITHM);
1620 /*
1621 * XXX: Always assign both .ta_encrypt and .ta_encrypt - it makes
1622 * auditing easier.
1623 */
1624 ta.ta_ikev1_encrypt = enc->val; /* OAKLEY_ENCRYPTION_ALGORITHM */
>>> CID 1456788: Incorrect expression (MIXED_ENUMS)
>>> Mixing enum types "enum ikev1_auth_method" and "enum ikev1_encr_attribute" for "ta_ikev1_encrypt".
1625 ta.ta_encrypt = ikev1_get_ike_encrypt_desc(ta.ta_ikev1_encrypt);
1626 passert(ta.ta_encrypt != NULL);
1627
1628 if (trans->attr_cnt == 5) {
1629 struct db_attr *enc_keylen;
1630 enc_keylen = &trans->attrs[4];
More information about the Swan-dev
mailing list