20250107-clang-tidy-xmss #8339

Merged
merged 5 commits into from
Jan 8, 2025

douzzer
Contributor

@douzzer douzzer commented Jan 7, 2025

wolfcrypt/src/wc_xmss_impl.c: guided by clang-tidy 20.0.0_pre20250104, add some error-checking to wc_xmss_bds_state_load() and wc_xmss_bds_state_store(), but ultimately, suppress a pair of stubborn apparently-false "function call argument is an uninitialized value" warnings, one in wc_xmss_bds_state_store() and one in wc_xmss_sign().

/tmp/tmp.4346_11739/wolfssl_test_workdir.2704/wolfssl/wolfcrypt/src/wc_xmss_impl.c:2758:9: warning: 1st function call argument is an uninitialized value [clang-analyzer-core.CallAndMessage]
2758 |         c32to24(bds[i].next, sk);
|         ^
/tmp/tmp.4346_11739/wolfssl_test_workdir.2704/wolfssl/wolfcrypt/src/wc_xmss_impl.c:3483:9: warning: 2nd function call argument is an uninitialized value [clang-analyzer-core.CallAndMessage]
3483 |         XMEMCPY(sig, bds->authPath, h * n);
|         ^

tested with wolfssl-multi-test.sh ... super-quick-check

…, add some error-checking to wc_xmss_bds_state_load() and wc_xmss_bds_state_store(), but ultimately, suppress a pair of stubborn apparently-false "function call argument is an uninitialized value" warnings, one in wc_xmss_bds_state_store() and one in wc_xmss_sign().
…nedAttribs[idx] before it's conditionally populated, to prevent possible uninited data read in subsequent EncodeAttributes().
@douzzer
Contributor Author

douzzer commented Jan 7, 2025

[all-c89-clang-tidy] [36 of 324] [8c32238733]
    configure...   real 0m14.072s  user 0m8.649s  sys 0m6.189s
    build...
/tmp/wolfbot_37789/wolfssl_test_workdir.17906/wolfssl/wolfcrypt/src/pkcs7.c:1580:21: warning: Assigned value is garbage or undefined [clang-analyzer-core.uninitialized.Assign]
1580 |         ea[i].value = attribs[i].value;
|                     ^

@douzzer douzzer requested a review from SparkiDev January 7, 2025 22:34
…ss_bds_state_load() and wc_xmss_bds_state_store(), and remove no-longer-needed suppression in wc_xmss_sign().

.wolfssl_known_macro_extras: remove unneeded WOLFSSL_GAISLER_BCC and WOLFSSL_NO_AES_CFB_1_8.

wolfcrypt/src/dh.c: reformat overlong lines.
@douzzer douzzer removed their assignment Jan 8, 2025
….0_pre20250104: in mp_grow(), error if the mp_int has a null .dp but nonzero .alloc; in s_mp_add() and s_mp_sub(), error if either operand has a null .dp but the constant of iteration (from .used) is positive. these fix 6 distinct clang-analyzer-core.NullDereferences, of undetermined accuracy (possibly benign).
@douzzer
Contributor Author

douzzer commented Jan 8, 2025

/tmp/wolfbot_37789/wolfssl_test_workdir.8822/wolfssl/wolfcrypt/src/integer.c:1765:15: warning: Dereference of null pointer [clang-analyzer-core.NullDereference]
1765 |       *tmpc = *tmpa++ + *tmpb++ + u;
|               ^
/tmp/wolfbot_37789/wolfssl_test_workdir.8822/wolfssl/wolfcrypt/src/integer.c:1780:17: warning: Dereference of null pointer (loaded from variable 'tmpc') [clang-analyzer-core.NullDereference]
1780 |           *tmpc = x->dp[i] + u;
|                 ^
/tmp/wolfbot_37789/wolfssl_test_workdir.8822/wolfssl/wolfcrypt/src/integer.c:1780:19: warning: Array access (via field 'dp') results in a null pointer dereference [clang-analyzer-core.NullDereference]
1780 |           *tmpc = x->dp[i] + u;
|                   ^
/tmp/wolfbot_37789/wolfssl_test_workdir.8822/wolfssl/wolfcrypt/src/integer.c:1791:13: warning: Dereference of null pointer [clang-analyzer-core.NullDereference]
1791 |     *tmpc++ = u;
|             ^
/tmp/wolfbot_37789/wolfssl_test_workdir.8822/wolfssl/wolfcrypt/src/integer.c:2949:14: warning: Array access (via field 'dp') results in a null pointer dereference [clang-analyzer-core.NullDereference]
2949 |     a->dp[i] |= ((mp_digit)1) << (b % DIGIT_BIT);
|              ^
/tmp/wolfbot_37789/wolfssl_test_workdir.8822/wolfssl/wolfcrypt/src/integer.c:3008:11: warning: Dereference of null pointer [clang-analyzer-core.NullDereference]
3008 |   *tmpc++ = u;
|           ^

@dgarske dgarske merged commit 78776ba into wolfSSL:master Jan 8, 2025
151 checks passed
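
The null-`.dp` checks described in the last commit message above, sketched on a hypothetical toy bignum as an added example (not wolfSSL's code and not part of this PR). The names `toy_int`, `toy_grow` and `toy_add`, the 28-bit digit size and the error codes are assumptions; only the field names `.dp`, `.used` and `.alloc` come from the page.

```c
#include <stdint.h>
#include <stdlib.h>
#include <string.h>
/* Hypothetical toy bignum for illustration; only the field names
 * .dp/.used/.alloc are taken from the commit message above. */
typedef uint32_t digit_t;
#define DIGIT_BITS 28
#define DIGIT_MASK ((((digit_t)1) << DIGIT_BITS) - 1)
enum { TOY_OK = 0, TOY_MEM = -2, TOY_VAL = -3 };
typedef struct { int used, alloc; digit_t *dp; } toy_int;

/* Grow to at least `size` digits. Refuse a struct whose bookkeeping
 * claims storage (.alloc != 0) that no pointer backs. */
int toy_grow(toy_int *a, int size)
{
    digit_t *tmp;
    if (a == NULL || size < 0 || a->alloc < 0 ||
        (a->dp == NULL && a->alloc != 0))
        return TOY_VAL;
    if (size <= a->alloc) return TOY_OK;
    tmp = realloc(a->dp, (size_t)size * sizeof *tmp);
    if (tmp == NULL) return TOY_MEM;
    /* zero only the newly added digits */
    memset(tmp + a->alloc, 0, (size_t)(size - a->alloc) * sizeof *tmp);
    a->dp = tmp;
    a->alloc = size;
    return TOY_OK;
}

/* Unsigned c = a + b. The loop bounds come from .used, so a positive
 * count with a null .dp must fail before the first dereference. */
int toy_add(const toy_int *a, const toy_int *b, toy_int *c)
{
    const toy_int *x = a, *y = b;   /* x has at least as many digits */
    digit_t u = 0;                  /* running carry */
    int i, err;
    if (a == NULL || b == NULL || c == NULL || a->used < 0 || b->used < 0)
        return TOY_VAL;
    if (a->used < b->used) { x = b; y = a; }
    if ((x->used > 0 && x->dp == NULL) || (y->used > 0 && y->dp == NULL))
        return TOY_VAL;
    if ((err = toy_grow(c, x->used + 1)) != TOY_OK) return err;
    for (i = 0; i < x->used; i++) {
        u += x->dp[i] + (i < y->used ? y->dp[i] : 0);
        c->dp[i] = u & DIGIT_MASK;
        u >>= DIGIT_BITS;
    }
    c->dp[i] = u;                   /* final carry digit, possibly zero */
    c->used = x->used + (u != 0);
    return TOY_OK;
}
```

Both rejections happen before any digit is read or written, which is the property the analyzer could not otherwise establish from the loop bounds alone.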