<div dir="ltr">Just FYI,<div><br><div>The mixed-enum errors are not new.</div><div><br></div><div>(the error is also confusing - we're mapping an unsigned onto an enum and not mixing enums)</div><div><br></div><div>Andrew</div><div><br><div class="gmail_extra"><br><div class="gmail_quote">On 15 September 2017 at 19:00, Antony Antony <span dir="ltr"><<a href="mailto:antony@phenome.org" target="_blank">antony@phenome.org</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">New defect(s) Reported-by: Coverity Scan<br>
Showing 3 of 3 defect(s)<br>
<br>
** CID 1456790: (MIXED_ENUMS)<br>
/programs/pluto/ikev1_spdb_<wbr>struct.c: 2574 in parse_ipsec_sa_body()<br>
/programs/pluto/ikev1_spdb_<wbr>struct.c: 2575 in parse_ipsec_sa_body()<br>
/programs/pluto/ikev1_spdb_<wbr>struct.c: 2576 in parse_ipsec_sa_body()<br>
/programs/pluto/ikev1_spdb_<wbr>struct.c: 2578 in parse_ipsec_sa_body()<br>
/programs/pluto/ikev1_spdb_<wbr>struct.c: 2596 in parse_ipsec_sa_body()<br>
<br>
______________________________<wbr>______________________________<wbr>______________________________<wbr>______________<br>
*** CID 1456790: (MIXED_ENUMS)<br>
/programs/pluto/ikev1_spdb_<wbr>struct.c: 2574 in parse_ipsec_sa_body()<br>
2568 esp_attrs.transattrs.ta_ikev1_<wbr>encrypt,<br>
2569 esp_attrs.transattrs.<wbr>enckeylen);<br>
2570 }<br>
2571<br>
2572 if (ugh != NULL) {<br>
2573 switch (esp_attrs.transattrs.ta_<wbr>ikev1_encrypt) {<br>
>>> CID 1456790: (MIXED_ENUMS)<br>
>>> But this case, "ESP_AES", is of different type "enum ipsec_cipher_algo".<br>
2574 case ESP_AES:<br>
2575 case ESP_CAMELLIA:<br>
2576 case ESP_3DES:<br>
2577 break;<br>
2578 case ESP_NULL:<br>
2579 if (esp_attrs.transattrs.ta_integ == &ike_alg_integ_none) {<br>
/programs/pluto/ikev1_spdb_<wbr>struct.c: 2575 in parse_ipsec_sa_body()<br>
2569 esp_attrs.transattrs.<wbr>enckeylen);<br>
2570 }<br>
2571<br>
2572 if (ugh != NULL) {<br>
2573 switch (esp_attrs.transattrs.ta_<wbr>ikev1_encrypt) {<br>
2574 case ESP_AES:<br>
>>> CID 1456790: (MIXED_ENUMS)<br>
>>> But this case, "ESP_CAMELLIA", is of different type "enum ipsec_cipher_algo".<br>
2575 case ESP_CAMELLIA:<br>
2576 case ESP_3DES:<br>
2577 break;<br>
2578 case ESP_NULL:<br>
2579 if (esp_attrs.transattrs.ta_integ == &ike_alg_integ_none) {<br>
2580 loglog(RC_LOG_SERIOUS,<br>
/programs/pluto/ikev1_spdb_<wbr>struct.c: 2576 in parse_ipsec_sa_body()<br>
2570 }<br>
2571<br>
2572 if (ugh != NULL) {<br>
2573 switch (esp_attrs.transattrs.ta_<wbr>ikev1_encrypt) {<br>
2574 case ESP_AES:<br>
2575 case ESP_CAMELLIA:<br>
>>> CID 1456790: (MIXED_ENUMS)<br>
>>> But this case, "ESP_3DES", is of different type "enum ipsec_cipher_algo".<br>
2576 case ESP_3DES:<br>
2577 break;<br>
2578 case ESP_NULL:<br>
2579 if (esp_attrs.transattrs.ta_integ == &ike_alg_integ_none) {<br>
2580 loglog(RC_LOG_SERIOUS,<br>
2581 "ESP_NULL requires auth algorithm");<br>
/programs/pluto/ikev1_spdb_<wbr>struct.c: 2578 in parse_ipsec_sa_body()<br>
2572 if (ugh != NULL) {<br>
2573 switch (esp_attrs.transattrs.ta_<wbr>ikev1_encrypt) {<br>
2574 case ESP_AES:<br>
2575 case ESP_CAMELLIA:<br>
2576 case ESP_3DES:<br>
2577 break;<br>
>>> CID 1456790: (MIXED_ENUMS)<br>
>>> But this case, "ESP_NULL", is of different type "enum ipsec_cipher_algo".<br>
2578 case ESP_NULL:<br>
2579 if (esp_attrs.transattrs.ta_integ == &ike_alg_integ_none) {<br>
2580 loglog(RC_LOG_SERIOUS,<br>
2581 "ESP_NULL requires auth algorithm");<br>
2582 return BAD_PROPOSAL_SYNTAX;<br>
2583 }<br>
/programs/pluto/ikev1_spdb_<wbr>struct.c: 2596 in parse_ipsec_sa_body()<br>
2590 ipstr(&c->spd.that.host_addr, &b));<br>
2591 });<br>
2592 continue; /* try another */<br>
2593 }<br>
2594 break;<br>
2595<br>
>>> CID 1456790: (MIXED_ENUMS)<br>
>>> But this case, "ESP_DES", is of different type "enum ipsec_cipher_algo".<br>
2596 case ESP_DES: /* NOT safe */<br>
2597 loglog(RC_LOG_SERIOUS,<br>
2598 "1DES was proposed, it is insecure and was rejected");<br>
2599 /* FALL THROUGH */<br>
2600 default:<br>
2601 {<br>
<br>
** CID 1456789: Null pointer dereferences (FORWARD_NULL)<br>
/testing/enumcheck/enumcheck.<wbr>c: 162 in test_enum_enum()<br><br>
______________________________<wbr>______________________________<wbr>______________________________<wbr>______________<br>
*** CID 1456788: Incorrect expression (MIXED_ENUMS)<br>
/programs/pluto/ikev1_spdb_<wbr>struct.c: 1625 in init_aggr_st_oakley()<br>
1619 passert(enc->type.oakley == OAKLEY_ENCRYPTION_ALGORITHM);<br>
1620 /*<br>
1621 * XXX: Always assign both .ta_encrypt and .ta_encrypt - it makes<br>
1622 * auditing easier.<br>
1623 */<br>
1624 ta.ta_ikev1_encrypt = enc->val; /* OAKLEY_ENCRYPTION_ALGORITHM */<br>
>>> CID 1456788: Incorrect expression (MIXED_ENUMS)<br>
>>> Mixing enum types "enum ikev1_auth_method" and "enum ikev1_encr_attribute" for "ta_ikev1_encrypt".<br>
1625 ta.ta_encrypt = ikev1_get_ike_encrypt_desc(ta.<wbr>ta_ikev1_encrypt);<br>
1626 passert(ta.ta_encrypt != NULL);<br>
1627<br>
1628 if (trans->attr_cnt == 5) {<br>
1629 struct db_attr *enc_keylen;<br>
1630 enc_keylen = &trans->attrs[4];<br>
______________________________<wbr>_________________<br>
Swan-dev mailing list<br>
<a href="mailto:Swan-dev@lists.libreswan.org">Swan-dev@lists.libreswan.org</a><br>
<a href="https://lists.libreswan.org/mailman/listinfo/swan-dev" rel="noreferrer" target="_blank">https://lists.libreswan.org/<wbr>mailman/listinfo/swan-dev</a><br>
</blockquote></div><br></div></div></div></div>