hcrypto: Fix warning in HMAC_Init_ex()

2022-12-30 16:38:55 -06:00
parent 20c4c0dea9
commit 274b683d76
5 changed files with 24 additions and 5 deletions
--- a/lib/hcrypto/hmac.c
+++ b/lib/hcrypto/hmac.c
@@ -113,9 +113,10 @@ HMAC_Init_ex(HMAC_CTX *ctx,
            ctx->ipad = malloc(blockSize);
        if (ctx->ipad)
            ctx->ctx = EVP_MD_CTX_create();
-        if (!ctx->buf || !ctx->opad || !ctx->ipad || !ctx->ctx)
-            return 0;
    }
+    /* We do this check here to quiet scan-build */
+    if (!ctx->buf || !ctx->opad || !ctx->ipad || !ctx->ctx)
+	return 0;
 #if 0
    ctx->engine = engine;
 #endif
--- a/lib/hcrypto/libtommath/bn_mp_log_u32.c
+++ b/lib/hcrypto/libtommath/bn_mp_log_u32.c
@@ -91,13 +91,24 @@ mp_err mp_log_u32(const mp_int *a, uint32_t base, uint32_t *c)
      return MP_VAL;
   }

+   /* `base' is at least 2 */
+
   /* A small shortcut for bases that are powers of two. */
   if ((base & (base - 1u)) == 0u) {
      int y, bit_count;
+
      for (y=0; (y < 7) && ((base & 1u) == 0u); y++) {
+         /* We must go through this loop at least once */
         base >>= 1;
      }
      bit_count = mp_count_bits(a) - 1;
+      /*
+       * `y' is necessarily at least 1 because `base' is a power of two and
+       * larger than 1, so we must have gone through the loop at least once, so
+       * we can't be dividing by zero.
+       *
+       * scan-build thinks we can be dividing by zero...  WAT.
+       */
      *c = (uint32_t)(bit_count/y);
      return MP_OKAY;
   }
--- a/lib/hcrypto/libtommath/bn_mp_prime_rand.c
+++ b/lib/hcrypto/libtommath/bn_mp_prime_rand.c
@@ -39,7 +39,7 @@ mp_err s_mp_prime_random_ex(mp_int *a, int t, int size, int flags, private_mp_pr
   bsize = (size>>3) + ((size&7)?1:0);

   /* we need a buffer of bsize bytes */
-   tmp = (unsigned char *) MP_MALLOC((size_t)bsize);
+   tmp = (unsigned char *) MP_CALLOC(1, (size_t)bsize);
   if (tmp == NULL) {
      return MP_MEM;
   }
--- a/lib/hcrypto/libtommath/bn_s_mp_montgomery_reduce_fast.c
+++ b/lib/hcrypto/libtommath/bn_s_mp_montgomery_reduce_fast.c
@@ -31,6 +31,14 @@ mp_err s_mp_montgomery_reduce_fast(mp_int *x, const mp_int *n, mp_digit rho)
      }
   }

+   /*
+    * We only have to initialize W[] here because even though we'll initialize
+    * it below, scan-build can fail to notice that we initialized as much of it
+    * as we'll use, and so it emits a spurious warning.  An optimizing compiler
+    * might be as dumb as scan-build... so let's avoid the danger.
+    */
+   MP_ZERO_BUFFER(W, sizeof(W));
+
   /* first we have to get the digits of the input into
    * an array of double precision words W[...]
    */
--- a/lib/hcrypto/rand-fortuna.c
+++ b/lib/hcrypto/rand-fortuna.c
@@ -501,10 +501,9 @@ fortuna_reseed(void)
 	/* add /etc/shadow */
 	fd = open("/etc/shadow", O_RDONLY, 0);
 	if (fd >= 0) {
-	    ssize_t n;
 	    rk_cloexec(fd);
 	    /* add_entropy will hash the buf */
-	    while ((n = read(fd, (char *)u.shad, sizeof(u.shad))) > 0)
+	    while (read(fd, (char *)u.shad, sizeof(u.shad)) > 0)
 		add_entropy(&main_state, u.shad, sizeof(u.shad));
 	    close(fd);
 	}