Describe the bug
A clear and concise description of what the bug is.
Coverity SA tool reports a number of issues.
I have triaged and classified most. The 'New' ones I have not looked at yet.
I plan to submit PRs for as many as I can.
| # | Type | Impact | Status | Classification | Severity | Category | File | Function |
|---|------|--------|--------|----------------|----------|----------|------|----------|
| 1 | Uninitialized pointer read | High | New | Unclassified | Unspecified | Memory - illegal accesses | test/oqs_test_groups.c | test_group |
| 2 | Resource leak | High | New | Unclassified | Unspecified | Resource leaks | oqsprov/oqs_encode_key2any.c | oqsx_pki_priv_to_der |
| 3 | Resource leak | High | New | Unclassified | Unspecified | Resource leaks | oqsprov/oqs_encode_key2any.c | oqsx_pki_priv_to_der |
| 4 | Out-of-bounds read | High | Triaged | Bug | Minor | Memory - illegal accesses | oqsprov/oqsprov.c | get_composite_idx |
| 5 | Resource leak | High | New | Unclassified | Unspecified | Resource leaks | oqsprov/oqs_encode_key2any.c | oqsx_pki_priv_to_der |
| 6 | Resource leak | High | New | Unclassified | Unspecified | Resource leaks | oqsprov/oqs_encode_key2any.c | oqsx_pki_priv_to_der |
| 7 | Logically dead code | Medium | Triaged | Bug | Minor | Control flow issues | oqsprov/oqs_sig.c | oqs_sig_sign |
| 8 | Dereference after null check | Medium | Triaged | Bug | Moderate | Null pointer dereferences | oqsprov/oqs_kmgmt.c | oqsx_get_hybrid_params |
| 9 | Dereference after null check | Medium | Triaged | Bug | Minor | Null pointer dereferences | test/oqs_test_evp_pkey_params.c | main |
| 10 | Logically dead code | Medium | Triaged | Bug | Minor | Control flow issues | oqsprov/oqs_kem.c | oqs_qs_kem_encaps_keyslot |
| 11 | Logically dead code | Medium | Triaged | Bug | Minor | Control flow issues | oqsprov/oqs_kem.c | oqs_qs_kem_encaps_keyslot |
| 12 | Dereference before null check | Medium | Triaged | Bug | Minor | Null pointer dereferences | oqsprov/oqs_kem.c | oqs_qs_kem_decaps_keyslot |
| 13 | Dereference before null check | Medium | Triaged | Bug | Minor | Null pointer dereferences | oqsprov/oqs_kem.c | oqs_qs_kem_encaps_keyslot |
| 14 | Dereference after null check | Medium | Triaged | Bug | Moderate | Null pointer dereferences | oqsprov/oqsprov_keys.c | oqsx_key_new |
| 15 | Explicit null dereferenced | Medium | New | Unclassified | Unspecified | Null pointer dereferences | oqsprov/oqsprov.c | OSSL_provider_init |
| 16 | Incorrect sizeof expression | Medium | New | Unclassified | Unspecified | Incorrect expression | oqsprov/oqsprov.c | OSSL_provider_init |
| 17 | Dereference before null check | Medium | Triaged | Bug | Minor | Null pointer dereferences | oqsprov/oqs_kem.c | oqs_qs_kem_encaps_keyslot |
| 18 | Dereference before null check | Medium | Triaged | Bug | Minor | Null pointer dereferences | oqsprov/oqs_kem.c | oqs_qs_kem_decaps_keyslot |
| 19 | Dead default in switch | Low | Triaged | Bug | Minor | Possible Control flow issues | oqsprov/oqs_sig.c | oqs_sig_sign |
| 20 | Dead default in switch | Low | Triaged | Bug | Minor | Possible Control flow issues | oqsprov/oqs_sig.c | oqs_sig_verify |
To Reproduce
Steps to reproduce the behavior:
Go to '...'
Click on '....'
Scroll down to '....'
See error
Expected behavior
A clear and concise description of what you expected to happen.
Screenshots
If applicable, add screenshots to help explain your problem.
Environment (please complete the following information):
OS: [e.g. Ubuntu 20]
OpenSSL version [e.g., 3.2.0-dev]
oqsprovider version [e.g. 0.4.0]
Please run the following commands to obtain the version information:
For OpenSSL: openssl version
For oqsprovider: openssl list -providers
If oqsprovider is not listed as active, be sure to first follow all USAGE guidance.
If reporting bugs triggered by OpenSSL API integrations, e.g. running a provider build statically
or directly invoking any OpenSSL API, be sure to retrieve and report all errors
reported by using the OpenSSL ERR_get_error_all function.
Bug reports generated from Debug builds with the debug environment variable "OQSPROV=1" set
will be particularly helpful to find underlying problems.
Additional context
Add any other context about the problem here.
Hints
To exclude a build/setup error, please consider running your test
commands to reproduce the problem in our pre-built docker image,
e.g. as such: docker run -it openquantumsafe/oqs-ossl3, and
provide full command input and output traces in the bug report.
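The table only names the Coverity defect classes, so here is an added C illustration of three of the most frequent ones (dereference before null check, resource leak on an error path, incorrect sizeof expression), each as the pattern Coverity flags beside its corrected form. This is constructed for this write-up, not oqs-provider code, and it does not reproduce any of the specific findings above; every identifier in it (`blob_t`, `counted_malloc`, `blob_pair_fixed`, and so on) is invented, and the counting allocator exists only so the leak is observable without running a leak checker.

```c
/* Added illustration, not oqs-provider code: three Coverity defect classes
 * from the table above (dereference before null check, resource leak,
 * incorrect sizeof expression), flagged pattern beside corrected form.
 * Every type and function here is constructed. */
#include <stdlib.h>
#include <string.h>

typedef struct {                    /* constructed stand-in for a key object */
    unsigned char *buf;
    size_t len;
} blob_t;

static const blob_t sample = {NULL, 7};   /* constructed input */
static blob_t scratch;                    /* zero-initialised copy target */

/* 1. Dereference before null check. Flagged: p->len is read before p is
 * tested, so the check protects nothing and an optimiser may drop it. */
static size_t blob_len_flagged(const blob_t *p)
{
    size_t n = p->len;              /* dereference ... */
    return p == NULL ? 0 : n;       /* ... then the check, too late */
}

/* Corrected: test first, dereference only on the non-NULL path. */
static size_t blob_len_fixed(const blob_t *p)
{
    return p == NULL ? 0 : p->len;
}

/* 2. Resource leak. Constructed allocator wrappers count live allocations;
 * fail_at > 0 makes that numbered allocation return NULL like a failed malloc. */
static int live_allocs, alloc_calls, fail_at;

static void *counted_malloc(size_t n)
{
    if (++alloc_calls == fail_at)
        return NULL;                /* simulated allocation failure */
    live_allocs++;
    return malloc(n);
}

static void counted_free(void *p)
{
    if (p != NULL) { live_allocs--; free(p); }
}

/* Flagged: if the second allocation fails, a->buf is never released. */
static int blob_pair_flagged(blob_t *a, blob_t *b, size_t n)
{
    if ((a->buf = counted_malloc(n)) == NULL)
        return 0;
    if ((b->buf = counted_malloc(n)) == NULL)
        return 0;                   /* leak: a->buf is dropped here */
    a->len = b->len = n;
    return 1;
}

/* Corrected: one cleanup label releases whatever was acquired so far. */
static int blob_pair_fixed(blob_t *a, blob_t *b, size_t n)
{
    a->buf = b->buf = NULL;
    if ((a->buf = counted_malloc(n)) == NULL || (b->buf = counted_malloc(n)) == NULL)
        goto err;
    a->len = b->len = n;
    return 1;
err:
    counted_free(a->buf);
    counted_free(b->buf);
    a->buf = b->buf = NULL;
    return 0;
}

/* Forces the second allocation to fail and reports how many allocations
 * remain live afterwards: 1 for the flagged version, 0 for the fix. */
static int live_after_forced_failure(int use_fixed)
{
    blob_t a = {NULL, 0}, b = {NULL, 0};
    int live;
    live_allocs = alloc_calls = 0;
    fail_at = 2;
    (void)(use_fixed ? blob_pair_fixed(&a, &b, 16) : blob_pair_flagged(&a, &b, 16));
    live = live_allocs;
    counted_free(a.buf);            /* reclaim what the flagged path dropped */
    counted_free(b.buf);
    return live;
}

/* 3. Incorrect sizeof expression. Flagged: sizeof(out) is the pointer's
 * size, not the object's, so only the first field of *in is copied. */
static size_t copy_blob_flagged(blob_t *out, const blob_t *in)
{
    size_t n = sizeof(out);         /* should be sizeof(*out) */
    memcpy(out, in, n);
    return n;
}

/* Corrected: size the copy by the pointed-to object. */
static size_t copy_blob_fixed(blob_t *out, const blob_t *in)
{
    memcpy(out, in, sizeof(*out));
    return sizeof(*out);
}
```

Build it with `cc -Wall` and each flagged function draws a compiler warning or a Coverity report of the same class as in the table; `live_after_forced_failure(0)` returns 1 because the flagged pair function abandons its first buffer, while `live_after_forced_failure(1)` returns 0, and the truncated `memcpy` in `copy_blob_flagged` leaves `scratch.len` untouched where `copy_blob_fixed` copies it.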
Excellent -- Thanks very much @ashman-p for putting this together! Would you mind doing a (draft) PR already setting up this testing in GH CI (knowing it's going to fail)? This way, a) we can track progress and b) can allow others to cooperate (@dehatideep offered to do the same a few days ago in our discussion on cncf/tag-security#1333).