[mod_gnutls-devel] clang static analysis for mod_gnutls version 0.7
Thomas Klute
thomas2.klute at uni-dortmund.de
Mon Aug 10 07:51:09 CEST 2015
Hi Ramkumar,
most of these warnings look harmless to me: Parameters aren't checked
for NULL, but those are internal functions which are never called with a
NULL parameter. Similarly ap_get_module_config might return NULL if the
module hasn't been configured, but that would cause trouble before any
I/O could happen. I'll probably add checks later to guard against
programming errors.
Could Clang provide additional information on what might pass NULL
pointers to read_crt_cn or read_pgpcrt_cn, or does it only check the
function scope?
This one is more interesting, though:
> gnutls_hooks.c:1389:16: warning: The left operand of '&' is a garbage value
> if (status & GNUTLS_CERT_SIGNER_NOT_FOUND) {
> ~~~~~~ ^
The status variable in mgs_cert_verify is potentially problematic, but
the code paths that leave it unset would only be triggered if there was
a configuration error that wasn't caught by the config parser, setting
an invalid verify method. Still, with client auth on the line it's
better to have another line of defense, so commit
99f837526ed506e3c14672c8e5b6773d9b96577c [1] makes sure the client
certificate status is initialized as invalid.
Thanks for pointing this out!
Thomas
[1]
https://github.com/airtower-luna/mod_gnutls/commit/99f837526ed506e3c14672c8e5b6773d9b96577c
Am 02.08.2015 um 08:09 schrieb Ramkumar Chinchani:
> FWIW ...
>
>
> gnutls_io.c:58:13: warning: Access to field 'module_config' results in
> a dereference of a null pointer (loaded from field 'base_server')
> ap_get_module_config(f->c->base_server->module_config,
> ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> /usr/include/apache2/http_config.h:508:16: note: expanded from macro
> 'ap_get_module_config'
> (((void **)(v))[(m)->module_index])
> ^~~
> 1 warning generated.
>
>
>
>
> gnutls_hooks.c:241:17: warning: Access to field 'server_hostname'
> results in a dereference of a null pointer (loaded from variable 's')
> s->server_hostname, s->port);
> ^~~~~~~~~~~~~~~~~~
> /usr/include/apache2/http_log.h:363:42: note: expanded from macro 'ap_log_error'
> #define ap_log_error(...) ap_log_error__(__VA_ARGS__)
> ^
> /usr/include/apache2/http_log.h:367:65: note: expanded from macro
> 'ap_log_error__'
> ap_log_error_(file, line, mi, level, status, sr__,
> __VA_ARGS__); \
> ^
> gnutls_hooks.c:290:17: warning: Access to field 'server_hostname'
> results in a dereference of a null pointer (loaded from variable 's')
> s->server_hostname, s->port);
> ^~~~~~~~~~~~~~~~~~
> /usr/include/apache2/http_log.h:363:42: note: expanded from macro 'ap_log_error'
> #define ap_log_error(...) ap_log_error__(__VA_ARGS__)
> ^
> /usr/include/apache2/http_log.h:367:65: note: expanded from macro
> 'ap_log_error__'
> ap_log_error_(file, line, mi, level, status, sr__,
> __VA_ARGS__); \
> ^
> gnutls_hooks.c:1389:16: warning: The left operand of '&' is a garbage value
> if (status & GNUTLS_CERT_SIGNER_NOT_FOUND) {
> ~~~~~~ ^
> 3 warnings generated.
>
> _______________________________________________
> mod_gnutls-devel mailing list
> mod_gnutls-devel at lists.gnutls.org
> http://lists.gnupg.org/mailman/listinfo/mod_gnutls-devel
>
More information about the mod_gnutls-devel
mailing list