[openssl-dev] [openssl.org #3903] Infer run on openssl-1.0.2a

Jules Villard via RT rt at openssl.org
Thu Jun 11 23:23:28 UTC 2015 

On Thu, 11 Jun 2015 22:47:16 +0000, Salz, Rich via RT wrote:
> This is great!
> 
> Any chance you can run it against master?  I'm hoping most of the ones in apps go away ...

On master I get the following 12 reports. The first 10 seem to match
reports in my previous email, and the last two are new. I've looked at
the result of inferTraceBugs on those and added comments.

apps/srp.c:109: error: NULL_DEREFERENCE
   pointer pp last assigned on line 108 could be null and is dereferenced at line 109, column 47

apps/srp.c:126: error: NULL_DEREFERENCE
   pointer pp last assigned on line 124 could be null and is dereferenced at line 126, column 13

apps/x509.c:1008: error: NULL_DEREFERENCE
   pointer upkey last assigned on line 1007 could be null and is dereferenced by call to EVP_PKEY_copy_parameters() at line 1008, column 5

crypto/mem_dbg.c:650: error: NULL_DEREFERENCE
   pointer lcl last assigned on line 647 could be null and is dereferenced at line 650, column 22

crypto/objects/o_names.c:104: error: NULL_DEREFERENCE
   pointer name_funcs last assigned on line 102 could be null and is dereferenced at line 104, column 9

crypto/objects/o_names.c:106: error: NULL_DEREFERENCE
   pointer name_funcs last assigned on line 102 could be null and is dereferenced at line 106, column 9

crypto/objects/o_names.c:108: error: NULL_DEREFERENCE
   pointer name_funcs last assigned on line 102 could be null and is dereferenced at line 108, column 9

crypto/pkcs7/pk7_doit.c:1096: error: NULL_DEREFERENCE
   pointer ri last assigned on line 1095 could be null and is dereferenced at line 1096, column 12

crypto/x509/x509_cmp.c:406: error: NULL_DEREFERENCE
   pointer x last assigned on line 401 could be null and is dereferenced at line 406, column 55

crypto/x509/x509_req.c:125: error: NULL_DEREFERENCE
   pointer xk last assigned on line 124 could be null and is dereferenced by call to EVP_PKEY_cmp() at line 125, column 13

crypto/x509v3/v3_prn.c:131: error: NULL_DEREFERENCE
   pointer extoct last assigned on line 130 could be null and is dereferenced by call to ASN1_STRING_data() at line 131, column 9

  If X509V3_EXT_print() is called with ext == NULL then
  X509_EXTENSION_get_data(ext) returns NULL and exctoct == NULL gets
  dereferenced.

crypto/x509v3/v3_scts.c:187: error: NULL_DEREFERENCE
   pointer oct last assigned on line 179 could be null and is dereferenced at line 187, column 9

  This one looks like it might be a false positive where Infer doesn't
  know that d2i_ASN1_OCTET_STRING() will allocate oct.

More information about the openssl-dev mailing list