From 460b8716c9775edcca3dd8b6c778c9b4415465f8 Mon Sep 17 00:00:00 2001 From: Steffen Jaeckel Date: Sat, 24 Oct 2015 16:22:28 +0200 Subject: [PATCH] fix clang-analyzer warnings This fixes #80 --- src/encauth/ccm/ccm_memory.c | 7 +------ src/headers/tomcrypt_argchk.h | 12 +++++++++--- src/mac/hmac/hmac_init.c | 10 ++++------ src/misc/crypt/crypt_argchk.c | 5 ++--- src/modes/xts/xts_decrypt.c | 4 +++- src/modes/xts/xts_encrypt.c | 4 +++- src/pk/asn1/der/integer/der_length_integer.c | 1 - src/pk/asn1/der/sequence/der_decode_sequence_multi.c | 2 ++ src/pk/asn1/der/sequence/der_encode_sequence_multi.c | 2 ++ src/pk/dh/dh_sys.c | 2 -- src/pk/pkcs1/pkcs_1_oaep_decode.c | 1 - src/pk/pkcs1/pkcs_1_pss_decode.c | 3 +-- src/pk/pkcs1/pkcs_1_pss_encode.c | 2 +- src/prngs/sober128.c | 1 - 14 files changed, 28 insertions(+), 28 deletions(-) diff --git a/src/encauth/ccm/ccm_memory.c b/src/encauth/ccm/ccm_memory.c index 5750f34..f12d212 100644 --- a/src/encauth/ccm/ccm_memory.c +++ b/src/encauth/ccm/ccm_memory.c @@ -127,11 +127,6 @@ int ccm_memory(int cipher, L = 15 - noncelen; } - /* decrease noncelen to match L */ - if ((noncelen + L) > 15) { - noncelen = 15 - L; - } - /* allocate mem for the symmetric key */ if (uskey == NULL) { skey = XMALLOC(sizeof(*skey)); @@ -147,7 +142,7 @@ int ccm_memory(int cipher, } else { skey = uskey; } - + /* initialize buffer for pt */ if (direction == CCM_DECRYPT) { pt_work = XMALLOC(ptlen); diff --git a/src/headers/tomcrypt_argchk.h b/src/headers/tomcrypt_argchk.h index f25837a..5cefc2d 100644 --- a/src/headers/tomcrypt_argchk.h +++ b/src/headers/tomcrypt_argchk.h @@ -5,9 +5,15 @@ #include /* this is the default LibTomCrypt macro */ -void crypt_argchk(char *v, char *s, int d); -#define LTC_ARGCHK(x) if (!(x)) { crypt_argchk(#x, __FILE__, __LINE__); } -#define LTC_ARGCHKVD(x) LTC_ARGCHK(x) +#if defined(__clang__) || defined(__GNUC_MINOR__) +#define NORETURN __attribute__ ((noreturn)) +#else +#define NORETURN +#endif + +void crypt_argchk(char *v, char *s, int d) NORETURN; +#define LTC_ARGCHK(x) do { if (!(x)) { crypt_argchk(#x, __FILE__, __LINE__); } }while(0) +#define LTC_ARGCHKVD(x) do { if (!(x)) { crypt_argchk(#x, __FILE__, __LINE__); } }while(0) #elif ARGTYPE == 1 diff --git a/src/mac/hmac/hmac_init.c b/src/mac/hmac/hmac_init.c index e43df24..2c887db 100644 --- a/src/mac/hmac/hmac_init.c +++ b/src/mac/hmac/hmac_init.c @@ -68,15 +68,13 @@ int hmac_init(hmac_state *hmac, int hash, const unsigned char *key, unsigned lon if ((err = hash_memory(hash, key, keylen, hmac->key, &z)) != CRYPT_OK) { goto LBL_ERR; } - if(hashsize < LTC_HMAC_BLOCKSIZE) { - zeromem((hmac->key) + hashsize, (size_t)(LTC_HMAC_BLOCKSIZE - hashsize)); - } keylen = hashsize; } else { XMEMCPY(hmac->key, key, (size_t)keylen); - if(keylen < LTC_HMAC_BLOCKSIZE) { - zeromem((hmac->key) + keylen, (size_t)(LTC_HMAC_BLOCKSIZE - keylen)); - } + } + + if(keylen < LTC_HMAC_BLOCKSIZE) { + zeromem((hmac->key) + keylen, (size_t)(LTC_HMAC_BLOCKSIZE - keylen)); } /* Create the initial vector for step (3) */ diff --git a/src/misc/crypt/crypt_argchk.c b/src/misc/crypt/crypt_argchk.c index 2301c29..8588896 100644 --- a/src/misc/crypt/crypt_argchk.c +++ b/src/misc/crypt/crypt_argchk.c @@ -13,15 +13,14 @@ /** @file crypt_argchk.c Perform argument checking, Tom St Denis -*/ +*/ #if (ARGTYPE == 0) -#include void crypt_argchk(char *v, char *s, int d) { fprintf(stderr, "LTC_ARGCHK '%s' failure on line %d of file %s\n", v, d, s); - (void)raise(SIGABRT); + abort(); } #endif diff --git a/src/modes/xts/xts_decrypt.c b/src/modes/xts/xts_decrypt.c index 6afe936..1840b17 100644 --- a/src/modes/xts/xts_decrypt.c +++ b/src/modes/xts/xts_decrypt.c @@ -110,7 +110,9 @@ int xts_decrypt(const unsigned char *ct, unsigned long ptlen, unsigned char *pt, } for (i = 0; i < lim; i++) { - err = tweak_uncrypt(ct, pt, T, xts); + if ((err = tweak_uncrypt(ct, pt, T, xts)) != CRYPT_OK) { + return err; + } ct += 16; pt += 16; } diff --git a/src/modes/xts/xts_encrypt.c b/src/modes/xts/xts_encrypt.c index 4f114d7..1f6dea3 100644 --- a/src/modes/xts/xts_encrypt.c +++ b/src/modes/xts/xts_encrypt.c @@ -113,7 +113,9 @@ int xts_encrypt(const unsigned char *pt, unsigned long ptlen, unsigned char *ct, } for (i = 0; i < lim; i++) { - err = tweak_crypt(pt, ct, T, xts); + if ((err = tweak_crypt(pt, ct, T, xts)) != CRYPT_OK) { + return err; + } ct += 16; pt += 16; } diff --git a/src/pk/asn1/der/integer/der_length_integer.c b/src/pk/asn1/der/integer/der_length_integer.c index b8ff463..61584f7 100644 --- a/src/pk/asn1/der/integer/der_length_integer.c +++ b/src/pk/asn1/der/integer/der_length_integer.c @@ -46,7 +46,6 @@ int der_length_integer(void *num, unsigned long *outlen) } else { /* it's negative */ /* find power of 2 that is a multiple of eight and greater than count bits */ - leading_zero = 0; z = mp_count_bits(num); z = z + (8 - (z & 7)); if (((mp_cnt_lsb(num)+1)==mp_count_bits(num)) && ((mp_count_bits(num)&7)==0)) --z; diff --git a/src/pk/asn1/der/sequence/der_decode_sequence_multi.c b/src/pk/asn1/der/sequence/der_decode_sequence_multi.c index f22ff80..8fa4ae0 100644 --- a/src/pk/asn1/der/sequence/der_decode_sequence_multi.c +++ b/src/pk/asn1/der/sequence/der_decode_sequence_multi.c @@ -44,6 +44,8 @@ int der_decode_sequence_multi(const unsigned char *in, unsigned long inlen, ...) type = va_arg(args, ltc_asn1_type); size = va_arg(args, unsigned long); data = va_arg(args, void*); + LTC_UNUSED_PARAM(size); + LTC_UNUSED_PARAM(data); if (type == LTC_ASN1_EOL) { break; diff --git a/src/pk/asn1/der/sequence/der_encode_sequence_multi.c b/src/pk/asn1/der/sequence/der_encode_sequence_multi.c index 1ffcfce..cf17f7f 100644 --- a/src/pk/asn1/der/sequence/der_encode_sequence_multi.c +++ b/src/pk/asn1/der/sequence/der_encode_sequence_multi.c @@ -45,6 +45,8 @@ int der_encode_sequence_multi(unsigned char *out, unsigned long *outlen, ...) type = va_arg(args, ltc_asn1_type); size = va_arg(args, unsigned long); data = va_arg(args, void*); + LTC_UNUSED_PARAM(size); + LTC_UNUSED_PARAM(data); if (type == LTC_ASN1_EOL) { break; diff --git a/src/pk/dh/dh_sys.c b/src/pk/dh/dh_sys.c index 5f44c6a..63cad60 100644 --- a/src/pk/dh/dh_sys.c +++ b/src/pk/dh/dh_sys.c @@ -246,8 +246,6 @@ int dh_decrypt_key(const unsigned char *in, unsigned long inlen, if (inlen < keysize) { err = CRYPT_INVALID_PACKET; goto LBL_ERR; - } else { - inlen -= keysize; } if (keysize > *outlen) { diff --git a/src/pk/pkcs1/pkcs_1_oaep_decode.c b/src/pk/pkcs1/pkcs_1_oaep_decode.c index 2c768bb..5877498 100644 --- a/src/pk/pkcs1/pkcs_1_oaep_decode.c +++ b/src/pk/pkcs1/pkcs_1_oaep_decode.c @@ -85,7 +85,6 @@ int pkcs_1_oaep_decode(const unsigned char *msg, unsigned long msglen, */ - err = CRYPT_OK; ret = CRYPT_OK; /* must have leading 0x00 byte */ diff --git a/src/pk/pkcs1/pkcs_1_pss_decode.c b/src/pk/pkcs1/pkcs_1_pss_decode.c index 025a5d6..0fdf926 100644 --- a/src/pk/pkcs1/pkcs_1_pss_decode.c +++ b/src/pk/pkcs1/pkcs_1_pss_decode.c @@ -94,8 +94,7 @@ int pkcs_1_pss_decode(const unsigned char *msghash, unsigned long msghashlen, /* copy out the hash */ XMEMCPY(hash, sig + x, hLen); - x += hLen; - + /* x += hLen; */ /* check the MSB */ if ((sig[0] & ~(0xFF >> ((modulus_len<<3) - (modulus_bitlen)))) != 0) { diff --git a/src/pk/pkcs1/pkcs_1_pss_encode.c b/src/pk/pkcs1/pkcs_1_pss_encode.c index d10c44d..7766c77 100644 --- a/src/pk/pkcs1/pkcs_1_pss_encode.c +++ b/src/pk/pkcs1/pkcs_1_pss_encode.c @@ -116,7 +116,7 @@ int pkcs_1_pss_encode(const unsigned char *msghash, unsigned long msghashlen, x += modulus_len - saltlen - hLen - 2; DB[x++] = 0x01; XMEMCPY(DB + x, salt, saltlen); - x += saltlen; + /* x += saltlen; */ /* generate mask of length modulus_len - hLen - 1 from hash */ if ((err = pkcs_1_mgf1(hash_idx, hash, hLen, mask, modulus_len - hLen - 1)) != CRYPT_OK) { diff --git a/src/prngs/sober128.c b/src/prngs/sober128.c index 7a45e1b..25a3b43 100644 --- a/src/prngs/sober128.c +++ b/src/prngs/sober128.c @@ -300,7 +300,6 @@ unsigned long sober128_read(unsigned char *out, unsigned long outlen, prng_state #endif c = &(prng->sober128); - t = 0; tlen = outlen; /* handle any previously buffered bytes */