[Swan-dev] Coverty detects apparent problem with ikev2_send_cert

D. Hugh Redelmeier hugh at mimosa.com
Sun May 9 03:14:23 UTC 2021


This report appears accurate.

| 1234     	const struct cert *mycert = c->spd.this.cert.nss_cert != NULL ? &c->spd.this.cert : NULL;

It sure looks as if can leave mycert == NULL.

| 1240     		SECItem *pkcs7 = nss_pkcs7_blob(mycert, send_full_chain);

This passes mycert to nss_pkcs7_blob.  That routine unconditionally
dereferences that argument.

I don't know the right fix -- I don't understand the code.

| From: scan-admin at coverity.com
| Date: Fri, 07 May 2021 22:08:57 +0000 (UTC)
| Subject: New Defects reported by Coverity Scan for antonyantony/libreswan

| ** CID 1504631:  Null pointer dereferences  (FORWARD_NULL)
| 
| 
| ________________________________________________________________________________________________________
| *** CID 1504631:  Null pointer dereferences  (FORWARD_NULL)
| /programs/pluto/x509.c: 1240 in ikev2_send_cert()
| 1234     	const struct cert *mycert = c->spd.this.cert.nss_cert != NULL ? &c->spd.this.cert : NULL;
| 1235     	bool send_authcerts = c->send_ca != CA_SEND_NONE;
| 1236     	bool send_full_chain = send_authcerts && c->send_ca == CA_SEND_ALL;
| 1237     
| 1238     	if (impair.send_pkcs7_thingie) {
| 1239     		llog(RC_LOG, outpbs->outs_logger, "IMPAIR: sending cert as PKCS7 blob");
| >>>     CID 1504631:  Null pointer dereferences  (FORWARD_NULL)
| >>>     Passing null pointer "mycert" to "nss_pkcs7_blob", which dereferences it.
| 1240     		SECItem *pkcs7 = nss_pkcs7_blob(mycert, send_full_chain);
| 1241     		if (!pexpect(pkcs7 != NULL)) {
| 1242     			return STF_INTERNAL_ERROR;
| 1243     		}
| 1244     		struct ikev2_cert pkcs7_hdr = {
| 1245     			.isac_critical = build_ikev2_critical(false, outpbs->outs_logger),
| 
| 
| ________________________________________________________________________________________________________
| To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yq8aBKViEpsZ9KPFMeJd7kKMDjyzu82COVFw1h1aYx-2FtFrefiPxkohPqZgI7DsTRPR5L954NuJuE0J6c4ee-2B5kYpPdq_2TvXW9olEOZQJUSgjFohZZ3vBgori70OQNQ3CwYJqcIDeI1iUgoVPFi7HHLu9-2FPedpNlH1Tpn4KtbY0nphVzP6bA8wuRjc0Joacc-2FEG7BNuQ2YIjtZ6iOn4G42XasEDdf2ZUzs3twzYUzB1gz2QWkibZaEKVE6zMX4zivDHP9q0HxWeR0lu8wKLq2gVLKtxFXFASlTr-2Fv1N-2BfFDgmoRsqA-3D-3D


More information about the Swan-dev mailing list