[Swan-dev] Coverty detects apparent problem with ikev2_send_cert
D. Hugh Redelmeier
hugh at mimosa.com
Sun May 9 03:14:23 UTC 2021
This report appears accurate.
| 1234 const struct cert *mycert = c->spd.this.cert.nss_cert != NULL ? &c->spd.this.cert : NULL;
It sure looks as if can leave mycert == NULL.
| 1240 SECItem *pkcs7 = nss_pkcs7_blob(mycert, send_full_chain);
This passes mycert to nss_pkcs7_blob. That routine unconditionally
dereferences that argument.
I don't know the right fix -- I don't understand the code.
| From: scan-admin at coverity.com
| Date: Fri, 07 May 2021 22:08:57 +0000 (UTC)
| Subject: New Defects reported by Coverity Scan for antonyantony/libreswan
| ** CID 1504631: Null pointer dereferences (FORWARD_NULL)
|
|
| ________________________________________________________________________________________________________
| *** CID 1504631: Null pointer dereferences (FORWARD_NULL)
| /programs/pluto/x509.c: 1240 in ikev2_send_cert()
| 1234 const struct cert *mycert = c->spd.this.cert.nss_cert != NULL ? &c->spd.this.cert : NULL;
| 1235 bool send_authcerts = c->send_ca != CA_SEND_NONE;
| 1236 bool send_full_chain = send_authcerts && c->send_ca == CA_SEND_ALL;
| 1237
| 1238 if (impair.send_pkcs7_thingie) {
| 1239 llog(RC_LOG, outpbs->outs_logger, "IMPAIR: sending cert as PKCS7 blob");
| >>> CID 1504631: Null pointer dereferences (FORWARD_NULL)
| >>> Passing null pointer "mycert" to "nss_pkcs7_blob", which dereferences it.
| 1240 SECItem *pkcs7 = nss_pkcs7_blob(mycert, send_full_chain);
| 1241 if (!pexpect(pkcs7 != NULL)) {
| 1242 return STF_INTERNAL_ERROR;
| 1243 }
| 1244 struct ikev2_cert pkcs7_hdr = {
| 1245 .isac_critical = build_ikev2_critical(false, outpbs->outs_logger),
|
|
| ________________________________________________________________________________________________________
| To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yq8aBKViEpsZ9KPFMeJd7kKMDjyzu82COVFw1h1aYx-2FtFrefiPxkohPqZgI7DsTRPR5L954NuJuE0J6c4ee-2B5kYpPdq_2TvXW9olEOZQJUSgjFohZZ3vBgori70OQNQ3CwYJqcIDeI1iUgoVPFi7HHLu9-2FPedpNlH1Tpn4KtbY0nphVzP6bA8wuRjc0Joacc-2FEG7BNuQ2YIjtZ6iOn4G42XasEDdf2ZUzs3twzYUzB1gz2QWkibZaEKVE6zMX4zivDHP9q0HxWeR0lu8wKLq2gVLKtxFXFASlTr-2Fv1N-2BfFDgmoRsqA-3D-3D
More information about the Swan-dev
mailing list