Error: CPPCHECK_WARNING: [#def1]
pkcs11-provider-0.5-build/pkcs11-provider-0.5/src/decoder.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.

Error: GCC_ANALYZER_WARNING (CWE-476): [#def2]
pkcs11-provider-0.5-build/pkcs11-provider-0.5/src/objects.c: scope_hint: In function ‘match_public_keys’
pkcs11-provider-0.5-build/pkcs11-provider-0.5/src/objects.c:2238:46: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘key2’
# 2236|
# 2237|       /* one of the keys or both are private */
# 2238|->     if (key1->class == CKO_PUBLIC_KEY && key2->class == CKO_PRIVATE_KEY) {
# 2239|           pub_key = key1;
# 2240|           priv_key = key2;

Error: GCC_ANALYZER_WARNING (CWE-476): [#def3]
pkcs11-provider-0.5-build/pkcs11-provider-0.5/src/objects.c:2242:23: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘key2’
# 2240|           priv_key = key2;
# 2241|       } else if (key1->class == CKO_PRIVATE_KEY
# 2242|->                && key2->class == CKO_PUBLIC_KEY) {
# 2243|           pub_key = key2;
# 2244|           priv_key = key1;

Error: GCC_ANALYZER_WARNING (CWE-126): [#def4]
pkcs11-provider-0.5-build/pkcs11-provider-0.5/src/objects.c: scope_hint: In function ‘p11prov_obj_import_key’
pkcs11-provider-0.5-build/pkcs11-provider-0.5/src/objects.c:2864:23: warning[-Wanalyzer-out-of-bounds]: stack-based buffer over-read
pkcs11-provider-0.5-build/pkcs11-provider-0.5/src/objects.c:2864:23: note: read of 8 bytes from after the end of ‘findctx’
# 2862|       }
# 2863|       for (int i = 0; i < findctx.numattrs; i++) {
# 2864|->         key->attrs[i] = findctx.attrs[i];
# 2865|           findctx.attrs[i].pValue = NULL;
# 2866|       }

Error: GCC_ANALYZER_WARNING (CWE-121): [#def5]
pkcs11-provider-0.5-build/pkcs11-provider-0.5/src/objects.c:2865:33: warning[-Wanalyzer-out-of-bounds]: stack-based buffer overflow
pkcs11-provider-0.5-build/pkcs11-provider-0.5/src/objects.c:2865:33: note: write of 8 bytes to beyond the end of ‘findctx’
# 2863|       for (int i = 0; i < findctx.numattrs; i++) {
# 2864|           key->attrs[i] = findctx.attrs[i];
# 2865|->         findctx.attrs[i].pValue = NULL;
# 2866|       }
# 2867|       key->numattrs = findctx.numattrs;

Error: CPPCHECK_WARNING: [#def6]
pkcs11-provider-0.5-build/pkcs11-provider-0.5/tests/pincache.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.

Error: CPPCHECK_WARNING: [#def7]
pkcs11-provider-0.5-build/pkcs11-provider-0.5/tests/tdigests.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.

Error: CPPCHECK_WARNING: [#def8]
pkcs11-provider-0.5-build/pkcs11-provider-0.5/tests/tfork.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.

Error: CPPCHECK_WARNING: [#def9]
pkcs11-provider-0.5-build/pkcs11-provider-0.5/tests/tgenkey.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.

Error: CPPCHECK_WARNING: [#def10]
pkcs11-provider-0.5-build/pkcs11-provider-0.5/tests/tlsctx.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.

Error: CPPCHECK_WARNING: [#def11]
pkcs11-provider-0.5-build/pkcs11-provider-0.5/tests/tsession.c: information[normalCheckLevelMaxBranches]: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches.

analyzer-version-clang | 18.1.7 |
analyzer-version-cppcheck | 2.14.2 |
analyzer-version-gcc | 14.1.1 |
analyzer-version-gcc-analyzer | 14.1.1 |
analyzer-version-shellcheck | 0.10.0 |
diffbase-analyzer-version-clang | 18.1.7 |
diffbase-analyzer-version-cppcheck | 2.14.2 |
diffbase-analyzer-version-gcc | 14.1.1 |
diffbase-analyzer-version-gcc-analyzer | 14.1.1 |
diffbase-analyzer-version-shellcheck | 0.10.0 |
diffbase-enabled-plugins | clang, cppcheck, gcc, shellcheck |
diffbase-exit-code | 0 |
diffbase-host | ip-172-16-1-227.us-west-2.compute.internal |
diffbase-mock-config | fedora-41-x86_64 |
diffbase-project-name | pkcs11-provider-0.3-2.fc40 |
diffbase-store-results-to | /tmp/tmp6aqw4lym/pkcs11-provider-0.3-2.fc40.tar.xz |
diffbase-time-created | 2024-07-03 16:53:56 |
diffbase-time-finished | 2024-07-03 16:55:43 |
diffbase-tool | csmock |
diffbase-tool-args | '/usr/bin/csmock' '-r' 'fedora-41-x86_64' '-t' 'cppcheck,gcc,clang,shellcheck' '-o' '/tmp/tmp6aqw4lym/pkcs11-provider-0.3-2.fc40.tar.xz' '--gcc-analyze' '/tmp/tmp6aqw4lym/pkcs11-provider-0.3-2.fc40.src.rpm' |
diffbase-tool-version | csmock-3.5.3-1.el9 |
enabled-plugins | clang, cppcheck, gcc, shellcheck |
exit-code | 0 |
host | ip-172-16-1-227.us-west-2.compute.internal |
mock-config | fedora-41-x86_64 |
project-name | pkcs11-provider-0.5-2.fc41 |
store-results-to | /tmp/tmphvog89hx/pkcs11-provider-0.5-2.fc41.tar.xz |
time-created | 2024-07-03 16:55:58 |
time-finished | 2024-07-03 16:57:03 |
title | Newly introduced defects |
tool | csmock |
tool-args | '/usr/bin/csmock' '-r' 'fedora-41-x86_64' '-t' 'cppcheck,gcc,clang,shellcheck' '-o' '/tmp/tmphvog89hx/pkcs11-provider-0.5-2.fc41.tar.xz' '--gcc-analyze' '/tmp/tmphvog89hx/pkcs11-provider-0.5-2.fc41.src.rpm' |
tool-version | csmock-3.5.3-1.el9 |