Fixed defects

List of Defects

Error: CLANG_WARNING: [#def1]
nss-3.98.0-build/nss-3.98/nss/lib/cryptohi/secvfy.c:522:17: warning[deadcode.DeadStores]: Value stored to 'rv' is never read
#  520|               if (sigLen == 0) {
#  521|                   /* error set by checkedSignatureLen */
#  522|->                 rv = SECFailure;
#  523|                   goto loser;
#  524|               }

Error: CLANG_WARNING: [#def2]
nss-3.98.0-build/nss-3.98/nss/lib/cryptohi/secvfy.c:527:17: warning[deadcode.DeadStores]: Value stored to 'rv' is never read
#  525|               if (sigLen > sizeof(cx->u)) {
#  526|                   PORT_SetError(SEC_ERROR_BAD_SIGNATURE);
#  527|->                 rv = SECFailure;
#  528|                   goto loser;
#  529|               }

Error: CLANG_WARNING: [#def3]
nss-3.98.0-build/nss-3.98/nss/lib/cryptohi/secvfy.c:534:25: warning[deadcode.DeadStores]: Value stored to 'rv' is never read
#  532|                       if (sig->len != sigLen) {
#  533|                           PORT_SetError(SEC_ERROR_BAD_SIGNATURE);
#  534|->                         rv = SECFailure;
#  535|                           goto loser;
#  536|                       }

Error: CLANG_WARNING: [#def4]
nss-3.98.0-build/nss-3.98/nss/lib/cryptohi/secvfy.c:547:21: warning[deadcode.DeadStores]: Value stored to 'rv' is never read
#  545|                   default:
#  546|                       /* Unreachable */
#  547|->                     rv = SECFailure;
#  548|                       goto loser;
#  549|               }

Error: CPPCHECK_WARNING: [#def5]
nss-3.98.0-build/nss-3.98/nss/lib/freebl/deprecated/seed.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.

Error: CPPCHECK_WARNING: [#def6]
nss-3.98.0-build/nss-3.98/nss/lib/freebl/ecl/ecl_gf.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.

Error: CPPCHECK_WARNING: [#def7]
nss-3.98.0-build/nss-3.98/nss/lib/freebl/ecl/ecl_mult.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.

Error: CPPCHECK_WARNING: [#def8]
nss-3.98.0-build/nss-3.98/nss/lib/freebl/ecl/ecp_256.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.

Error: CPPCHECK_WARNING: [#def9]
nss-3.98.0-build/nss-3.98/nss/lib/freebl/ecl/ecp_256_32.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.

Error: CPPCHECK_WARNING: [#def10]
nss-3.98.0-build/nss-3.98/nss/lib/freebl/ecl/ecp_384.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.

Error: CPPCHECK_WARNING: [#def11]
nss-3.98.0-build/nss-3.98/nss/lib/freebl/ecl/ecp_521.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.

Error: CPPCHECK_WARNING: [#def12]
nss-3.98.0-build/nss-3.98/nss/lib/freebl/ecl/ecp_jac.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.

Error: CPPCHECK_WARNING: [#def13]
nss-3.98.0-build/nss-3.98/nss/lib/freebl/ecl/ecp_jm.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.

Error: CPPCHECK_WARNING: [#def14]
nss-3.98.0-build/nss-3.98/nss/lib/freebl/ecl/ecp_secp384r1.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.

Error: CPPCHECK_WARNING: [#def15]
nss-3.98.0-build/nss-3.98/nss/lib/freebl/ecl/ecp_secp384r1_wrap.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.

Error: CPPCHECK_WARNING: [#def16]
nss-3.98.0-build/nss-3.98/nss/lib/freebl/ecl/ecp_secp521r1.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.

Error: CPPCHECK_WARNING (CWE-758): [#def17]
nss-3.98.0-build/nss-3.98/nss/lib/freebl/ecl/ecp_secp521r1.c:11447: error[shiftTooManyBitsSigned]: Shifting signed 32-bit value by 31 bits is undefined behaviour
#11445|       d = (rnaf[105] - 1) >> 1;
#11446|       for (j = 0; j < DRADIX / 2; j++) {
#11447|->         diff = (1 - (-(d ^ j) >> (8 * sizeof(int) - 1))) & 1;
#11448|           fiat_secp521r1_selectznz(Q.X, diff, Q.X, precomp[j].X);
#11449|           fiat_secp521r1_selectznz(Q.Y, diff, Q.Y, precomp[j].Y);

Error: CPPCHECK_WARNING (CWE-758): [#def18]
nss-3.98.0-build/nss-3.98/nss/lib/freebl/ecl/ecp_secp521r1.c:11458: error[shiftTooManyBitsSigned]: Shifting signed 32-bit value by 31 bits is undefined behaviour
#11456|           d = rnaf[i];
#11457|           /* is_neg = (d < 0) ? 1 : 0 */
#11458|->         is_neg = (d >> (8 * sizeof(int) - 1)) & 1;
#11459|           /* d = abs(d) */
#11460|           d = (d ^ -is_neg) + is_neg;

Error: CPPCHECK_WARNING (CWE-758): [#def19]
nss-3.98.0-build/nss-3.98/nss/lib/freebl/ecl/ecp_secp521r1.c:11463: error[shiftTooManyBitsSigned]: Shifting signed 32-bit value by 31 bits is undefined behaviour
#11461|           d = (d - 1) >> 1;
#11462|           for (j = 0; j < DRADIX / 2; j++) {
#11463|->             diff = (1 - (-(d ^ j) >> (8 * sizeof(int) - 1))) & 1;
#11464|               fiat_secp521r1_selectznz(lut.X, diff, lut.X, precomp[j].X);
#11465|               fiat_secp521r1_selectznz(lut.Y, diff, lut.Y, precomp[j].Y);

Error: CPPCHECK_WARNING (CWE-758): [#def20]
nss-3.98.0-build/nss-3.98/nss/lib/freebl/ecl/ecp_secp521r1.c:11525: error[shiftTooManyBitsSigned]: Shifting signed 32-bit value by 31 bits is undefined behaviour
#11523|               d = rnaf[j * 9 + i];
#11524|               /* is_neg = (d < 0) ? 1 : 0 */
#11525|->             is_neg = (d >> (8 * sizeof(int) - 1)) & 1;
#11526|               /* d = abs(d) */
#11527|               d = (d ^ -is_neg) + is_neg;

Error: CPPCHECK_WARNING (CWE-758): [#def21]
nss-3.98.0-build/nss-3.98/nss/lib/freebl/ecl/ecp_secp521r1.c:11530: error[shiftTooManyBitsSigned]: Shifting signed 32-bit value by 31 bits is undefined behaviour
#11528|               d = (d - 1) >> 1;
#11529|               for (k = 0; k < DRADIX / 2; k++) {
#11530|->                 diff = (1 - (-(d ^ k) >> (8 * sizeof(int) - 1))) & 1;
#11531|                   fiat_secp521r1_selectznz(lut.X, diff, lut.X, lut_cmb[j][k].X);
#11532|                   fiat_secp521r1_selectznz(lut.Y, diff, lut.Y, lut_cmb[j][k].Y);

Error: CPPCHECK_WARNING: [#def22]
nss-3.98.0-build/nss-3.98/nss/lib/freebl/ecl/ecp_secp521r1_wrap.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.

Error: CLANG_WARNING: [#def23]
nss-3.98.0-build/nss-3.98/nss/lib/smime/cmsrecinfo.c:565:13: warning[deadcode.DeadStores]: Value stored to 'encalgtag' is never read
#  563|               break;
#  564|           case NSSCMSRecipientInfoID_KEK:
#  565|->             encalgtag = SECOID_GetAlgorithmTag(&(ri->ri.kekRecipientInfo.keyEncAlg));
#  566|               enckey = &(ri->ri.kekRecipientInfo.encKey);
#  567|               /* not supported yet */

Error: CLANG_WARNING: [#def24]
nss-3.98.0-build/nss-3.98/nss/lib/smime/cmsrecinfo.c:566:13: warning[deadcode.DeadStores]: Value stored to 'enckey' is never read
#  564|           case NSSCMSRecipientInfoID_KEK:
#  565|               encalgtag = SECOID_GetAlgorithmTag(&(ri->ri.kekRecipientInfo.keyEncAlg));
#  566|->             enckey = &(ri->ri.kekRecipientInfo.encKey);
#  567|               /* not supported yet */
#  568|               error = SEC_ERROR_UNSUPPORTED_KEYALG;

Scan Properties

analyzer-version-clang	18.1.7
analyzer-version-cppcheck	2.14.2
analyzer-version-gcc	14.1.1
analyzer-version-gcc-analyzer	14.1.1
analyzer-version-shellcheck	0.10.0
diffbase-analyzer-version-clang	18.1.7
diffbase-analyzer-version-cppcheck	2.14.2
diffbase-analyzer-version-gcc	14.1.1
diffbase-analyzer-version-gcc-analyzer	14.1.1
diffbase-analyzer-version-shellcheck	0.10.0
diffbase-enabled-plugins	clang, cppcheck, gcc, shellcheck
diffbase-exit-code	0
diffbase-host	ip-172-16-1-76.us-west-2.compute.internal
diffbase-mock-config	fedora-41-x86_64
diffbase-project-name	nss-3.101.0-3.fc41
diffbase-store-results-to	/tmp/tmp2lxhkgo2/nss-3.101.0-3.fc41.tar.xz
diffbase-time-created	2024-07-03 17:03:58
diffbase-time-finished	2024-07-03 17:46:56
diffbase-tool	csmock
diffbase-tool-args	'/usr/bin/csmock' '-r' 'fedora-41-x86_64' '-t' 'cppcheck,gcc,clang,shellcheck' '-o' '/tmp/tmp2lxhkgo2/nss-3.101.0-3.fc41.tar.xz' '--gcc-analyze' '/tmp/tmp2lxhkgo2/nss-3.101.0-3.fc41.src.rpm'
diffbase-tool-version	csmock-3.5.3-1.el9
enabled-plugins	clang, cppcheck, gcc, shellcheck
exit-code	0
host	ip-172-16-1-76.us-west-2.compute.internal
mock-config	fedora-41-x86_64
project-name	nss-3.98.0-1.fc40
store-results-to	/tmp/tmplydymh5w/nss-3.98.0-1.fc40.tar.xz
time-created	2024-07-03 16:20:04
time-finished	2024-07-03 17:03:31
title	Fixed defects
tool	csmock
tool-args	'/usr/bin/csmock' '-r' 'fedora-41-x86_64' '-t' 'cppcheck,gcc,clang,shellcheck' '-o' '/tmp/tmplydymh5w/nss-3.98.0-1.fc40.tar.xz' '--gcc-analyze' '/tmp/tmplydymh5w/nss-3.98.0-1.fc40.src.rpm'
tool-version	csmock-3.5.3-1.el9