[Cryptech Tech] Coverity Scan

Joachim Strömbergson joachim at assured.se
Fri Oct 19 08:54:53 UTC 2018


Aloha!

On 2018-10-09 11:49, Peter Gutmann wrote:
> Joachim Strömbergson <joachim at assured.se> writes:
> Getting set up for Coverity is actually pretty easy, you just sign up,
> download their scan tool to wherever your code is, run it, and upload the
> results to Coverity.  Their web-based dashboard is a bit painful to use, but
> apart from that the process is pretty straightforward.  I can provide notes on
> how to do it if it's useful.

I've gotten the tools installed and can use it to build the SW, however
it seems to be confused that files are actually created (which they
are), and therefore it doesn't emit any report. Haven't figured out why yet.


I have been able to use cppcheck (which is very easy to use, thanks for
the tip!). It is fast and seems to find some things we probably want to
look at.

-- 
Med vänlig hälsning, Yours

Joachim Strömbergson
========================================================================
                               Assured AB
========================================================================
-------------- next part --------------
[sw/libhal/hash.c:440] -> [sw/libhal/hash.c:450]: (warning) Either the condition 'state_buffer!=NULL' is redundant or there is possible null pointer dereference: state.
[sw/libhal/ks_token.c:62]: (error) failed to evaluate #if condition, division/modulo by zero
[sw/libhal/rpc_pkey.c:390]: (error) Shifting signed 32-bit value by 31 bits is undefined behaviour
[sw/libhal/tests/test-ecdsa.c:147]: (error) Resource leak: f
[sw/libhal/tests/test-ecdsa.c:225]: (error) Resource leak: f
[sw/libhal/tests/test-rsa.c:156]: (error) Resource leak: f
[sw/libhal/tests/test-rsa.c:183]: (error) Resource leak: f
[sw/libhal/tests/test-rsa.c:206]: (error) Resource leak: f
[sw/libhal/tests/test-rsa.c:220]: (error) Resource leak: f
[sw/libhal/xdr.c:136] -> [sw/libhal/xdr.c:133]: (warning) Either the condition 'inbuf==NULL' is redundant or there is possible null pointer dereference: inbuf.
[sw/libhal/xdr.c:218]: (warning) %d in format string (no. 1) requires 'int' but the argument type is 'unsigned int'.
[sw/libhal/xdr.c:240]: (warning) %d in format string (no. 1) requires 'int' but the argument type is 'unsigned int'.
[sw/stm32/libraries/mbed/targets/cmsis/TARGET_STM/TARGET_STM32F4/TARGET_CRYPTECH_ALPHA/stm32f4xx_hal_msp.c:90]: (warning) Redundant assignment of 'hsram' to itself.
[sw/stm32/libraries/mbed/targets/cmsis/TARGET_STM/TARGET_STM32F4/TARGET_CRYPTECH_ALPHA/stm32f4xx_hal_msp.c:96]: (warning) Redundant assignment of 'hsram' to itself.
[sw/stm32/libraries/mbed/targets/cmsis/TARGET_STM/TARGET_STM32F4/TARGET_CRYPTECH_ALPHA/stm32f4xx_hal_msp.c:101]: (warning) Redundant assignment of 'hsdram' to itself.
[sw/stm32/libraries/mbed/targets/cmsis/TARGET_STM/TARGET_STM32F4/TARGET_CRYPTECH_ALPHA/stm32f4xx_hal_msp.c:106]: (warning) Redundant assignment of 'hsdram' to itself.
[sw/stm32/libraries/mbed/targets/cmsis/TARGET_STM/TARGET_STM32F4/TARGET_CRYPTECH_ALPHA/stm32f4xx_it.c:153]: (warning) Redundant assignment of 'huart' to itself.
[sw/stm32/libraries/mbed/targets/cmsis/TARGET_STM/TARGET_STM32F4/TARGET_CRYPTECH_ALPHA/stm32f4xx_it.c:161]: (warning) Redundant assignment of 'huart' to itself.
[sw/stm32/libraries/mbed/targets/cmsis/TARGET_STM/TARGET_STM32F4/TARGET_CRYPTECH_ALPHA/stm32f4xx_it.c:187]: (warning) Redundant assignment of 'huart' to itself.
[sw/stm32/libraries/mbed/targets/cmsis/TARGET_STM/TARGET_STM32F4/TARGET_CRYPTECH_ALPHA/stm32f4xx_it.c:195]: (warning) Redundant assignment of 'huart' to itself.
[sw/stm32/libraries/mbed/targets/cmsis/TARGET_STM/TARGET_STM32F4/TARGET_CRYPTECH_ALPHA/stm32f4xx_it.c:200]: (warning) Redundant assignment of 'huart' to itself.
[sw/stm32/projects/cli-test/mgmt-cli.c:100]: (warning) Redundant assignment of 'huart' to itself.
[sw/stm32/projects/cli-test/mgmt-dfu.c:61]: (warning) Redundant assignment of 'command' to itself.
[sw/stm32/projects/cli-test/mgmt-dfu.c:62]: (warning) Redundant assignment of 'argv' to itself.
[sw/stm32/projects/cli-test/mgmt-dfu.c:63]: (warning) Redundant assignment of 'argc' to itself.
[sw/stm32/projects/cli-test/mgmt-dfu.c:77]: (warning) Redundant assignment of 'command' to itself.
[sw/stm32/projects/cli-test/mgmt-dfu.c:78]: (warning) Redundant assignment of 'argv' to itself.
[sw/stm32/projects/cli-test/mgmt-dfu.c:79]: (warning) Redundant assignment of 'argc' to itself.
[sw/stm32/projects/cli-test/mgmt-dfu.c:96]: (warning) Redundant assignment of 'command' to itself.
[sw/stm32/projects/cli-test/mgmt-dfu.c:97]: (warning) Redundant assignment of 'argv' to itself.
[sw/stm32/projects/cli-test/mgmt-dfu.c:98]: (warning) Redundant assignment of 'argc' to itself.
[sw/stm32/projects/cli-test/mgmt-fpga.c:63]: (warning) Redundant assignment of 'len' to itself.
[sw/stm32/projects/cli-test/mgmt-fpga.c:73]: (warning) Redundant assignment of 'command' to itself.
[sw/stm32/projects/cli-test/mgmt-fpga.c:74]: (warning) Redundant assignment of 'argv' to itself.
[sw/stm32/projects/cli-test/mgmt-fpga.c:75]: (warning) Redundant assignment of 'argc' to itself.
[sw/stm32/projects/cli-test/mgmt-fpga.c:97]: (warning) Redundant assignment of 'command' to itself.
[sw/stm32/projects/cli-test/mgmt-fpga.c:98]: (warning) Redundant assignment of 'argv' to itself.
[sw/stm32/projects/cli-test/mgmt-fpga.c:99]: (warning) Redundant assignment of 'argc' to itself.
[sw/stm32/projects/cli-test/mgmt-fpga.c:128]: (warning) Redundant assignment of 'command' to itself.
[sw/stm32/projects/cli-test/mgmt-fpga.c:129]: (warning) Redundant assignment of 'argv' to itself.
[sw/stm32/projects/cli-test/mgmt-fpga.c:130]: (warning) Redundant assignment of 'argc' to itself.
[sw/stm32/projects/cli-test/mgmt-fpga.c:141]: (warning) Redundant assignment of 'command' to itself.
[sw/stm32/projects/cli-test/mgmt-fpga.c:142]: (warning) Redundant assignment of 'argv' to itself.
[sw/stm32/projects/cli-test/mgmt-fpga.c:143]: (warning) Redundant assignment of 'argc' to itself.
[sw/stm32/projects/cli-test/mgmt-keystore.c:62]: (warning) Redundant assignment of 'command' to itself.
[sw/stm32/projects/cli-test/mgmt-keystore.c:96]: (warning) Redundant assignment of 'command' to itself.
[sw/stm32/projects/cli-test/mgmt-keystore.c:129]: (warning) Redundant assignment of 'command' to itself.
[sw/stm32/projects/cli-test/mgmt-keystore.c:198]: (warning) Redundant assignment of 'command' to itself.
[sw/stm32/projects/cli-test/mgmt-keystore.c:227]: (warning) Redundant assignment of 'command' to itself.
[sw/stm32/projects/cli-test/mgmt-keystore.c:228]: (warning) Redundant assignment of 'argv' to itself.
[sw/stm32/projects/cli-test/mgmt-keystore.c:229]: (warning) Redundant assignment of 'argc' to itself.
[sw/stm32/projects/cli-test/mgmt-keystore.c:335]: (warning) Redundant assignment of 'command' to itself.
[sw/stm32/projects/cli-test/mgmt-keystore.c:336]: (warning) Redundant assignment of 'argv' to itself.
[sw/stm32/projects/cli-test/mgmt-keystore.c:337]: (warning) Redundant assignment of 'argc' to itself.
[sw/stm32/projects/cli-test/mgmt-keystore.c:350]: (warning) Redundant assignment of 'command' to itself.
[sw/stm32/projects/cli-test/mgmt-masterkey.c:86]: (warning) Redundant assignment of 'command' to itself.
[sw/stm32/projects/cli-test/mgmt-masterkey.c:87]: (warning) Redundant assignment of 'argv' to itself.
[sw/stm32/projects/cli-test/mgmt-masterkey.c:88]: (warning) Redundant assignment of 'argc' to itself.
[sw/stm32/projects/cli-test/mgmt-masterkey.c:129]: (warning) Redundant assignment of 'command' to itself.
[sw/stm32/projects/cli-test/mgmt-masterkey.c:152]: (warning) Redundant assignment of 'command' to itself.
[sw/stm32/projects/cli-test/mgmt-masterkey.c:153]: (warning) Redundant assignment of 'argv' to itself.
[sw/stm32/projects/cli-test/mgmt-masterkey.c:154]: (warning) Redundant assignment of 'argc' to itself.
[sw/stm32/projects/cli-test/mgmt-masterkey.c:170]: (warning) Redundant assignment of 'command' to itself.
[sw/stm32/projects/cli-test/mgmt-masterkey.c:193]: (warning) Redundant assignment of 'command' to itself.
[sw/stm32/projects/cli-test/mgmt-masterkey.c:194]: (warning) Redundant assignment of 'argv' to itself.
[sw/stm32/projects/cli-test/mgmt-masterkey.c:195]: (warning) Redundant assignment of 'argc' to itself.
[sw/stm32/projects/cli-test/mgmt-misc.c:123]: (warning) Redundant assignment of 'command' to itself.
[sw/stm32/projects/cli-test/mgmt-misc.c:124]: (warning) Redundant assignment of 'argv' to itself.
[sw/stm32/projects/cli-test/mgmt-misc.c:125]: (warning) Redundant assignment of 'argc' to itself.
[sw/stm32/projects/cli-test/mgmt-misc.c:136]: (warning) Redundant assignment of 'command' to itself.
[sw/stm32/projects/cli-test/mgmt-misc.c:137]: (warning) Redundant assignment of 'argv' to itself.
[sw/stm32/projects/cli-test/mgmt-misc.c:138]: (warning) Redundant assignment of 'argc' to itself.
[sw/stm32/projects/cli-test/mgmt-show.c:59]: (warning) Redundant assignment of 'command' to itself.
[sw/stm32/projects/cli-test/mgmt-show.c:60]: (warning) Redundant assignment of 'argv' to itself.
[sw/stm32/projects/cli-test/mgmt-show.c:61]: (warning) Redundant assignment of 'argc' to itself.
[sw/stm32/projects/cli-test/mgmt-show.c:72]: (warning) Redundant assignment of 'command' to itself.
[sw/stm32/projects/cli-test/mgmt-show.c:73]: (warning) Redundant assignment of 'argv' to itself.
[sw/stm32/projects/cli-test/mgmt-show.c:74]: (warning) Redundant assignment of 'argc' to itself.
[sw/stm32/projects/cli-test/mgmt-show.c:85]: (warning) Redundant assignment of 'command' to itself.
[sw/stm32/projects/cli-test/mgmt-show.c:86]: (warning) Redundant assignment of 'argv' to itself.
[sw/stm32/projects/cli-test/mgmt-show.c:87]: (warning) Redundant assignment of 'argc' to itself.
[sw/stm32/projects/cli-test/mgmt-show.c:105]: (warning) Redundant assignment of 'command' to itself.
[sw/stm32/projects/cli-test/mgmt-show.c:106]: (warning) Redundant assignment of 'argv' to itself.
[sw/stm32/projects/cli-test/mgmt-show.c:107]: (warning) Redundant assignment of 'argc' to itself.
[sw/stm32/projects/cli-test/mgmt-show.c:118]: (warning) Redundant assignment of 'command' to itself.
[sw/stm32/projects/cli-test/mgmt-show.c:119]: (warning) Redundant assignment of 'argv' to itself.
[sw/stm32/projects/cli-test/mgmt-show.c:120]: (warning) Redundant assignment of 'argc' to itself.
[sw/stm32/projects/cli-test/mgmt-test.c:55]: (warning) Redundant assignment of 'command' to itself.
[sw/stm32/projects/cli-test/mgmt-test.c:111]: (warning) Redundant assignment of 'command' to itself.
[sw/stm32/projects/cli-test/test-mkmif.c:145]: (warning) Redundant assignment of 'command' to itself.
[sw/stm32/projects/cli-test/test-mkmif.c:146]: (warning) Redundant assignment of 'argv' to itself.
[sw/stm32/projects/cli-test/test-mkmif.c:147]: (warning) Redundant assignment of 'argc' to itself.
[sw/stm32/projects/hsm/mgmt-bootloader.c:62]: (warning) Redundant assignment of 'command' to itself.
[sw/stm32/projects/hsm/mgmt-bootloader.c:63]: (warning) Redundant assignment of 'argv' to itself.
[sw/stm32/projects/hsm/mgmt-bootloader.c:64]: (warning) Redundant assignment of 'argc' to itself.
[sw/stm32/projects/hsm/mgmt-cli.c:106]: (warning) Redundant assignment of 'huart' to itself.
[sw/stm32/projects/hsm/mgmt-firmware.c:51]: (warning) Redundant assignment of 'command' to itself.
[sw/stm32/projects/hsm/mgmt-firmware.c:52]: (warning) Redundant assignment of 'argv' to itself.
[sw/stm32/projects/hsm/mgmt-firmware.c:53]: (warning) Redundant assignment of 'argc' to itself.
[sw/stm32/projects/hsm/mgmt-fpga.c:71]: (warning) Redundant assignment of 'len' to itself.
[sw/stm32/projects/hsm/mgmt-fpga.c:79]: (warning) Redundant assignment of 'command' to itself.
[sw/stm32/projects/hsm/mgmt-fpga.c:80]: (warning) Redundant assignment of 'argv' to itself.
[sw/stm32/projects/hsm/mgmt-fpga.c:81]: (warning) Redundant assignment of 'argc' to itself.
[sw/stm32/projects/hsm/mgmt-fpga.c:110]: (warning) Redundant assignment of 'command' to itself.
[sw/stm32/projects/hsm/mgmt-fpga.c:111]: (warning) Redundant assignment of 'argv' to itself.
[sw/stm32/projects/hsm/mgmt-fpga.c:112]: (warning) Redundant assignment of 'argc' to itself.
[sw/stm32/projects/hsm/mgmt-fpga.c:141]: (warning) Redundant assignment of 'command' to itself.
[sw/stm32/projects/hsm/mgmt-fpga.c:142]: (warning) Redundant assignment of 'argv' to itself.
[sw/stm32/projects/hsm/mgmt-fpga.c:143]: (warning) Redundant assignment of 'argc' to itself.
[sw/stm32/projects/hsm/mgmt-fpga.c:158]: (warning) Redundant assignment of 'command' to itself.
[sw/stm32/projects/hsm/mgmt-fpga.c:159]: (warning) Redundant assignment of 'argv' to itself.
[sw/stm32/projects/hsm/mgmt-fpga.c:160]: (warning) Redundant assignment of 'argc' to itself.
[sw/stm32/projects/hsm/mgmt-keystore.c:62]: (warning) Redundant assignment of 'command' to itself.
[sw/stm32/projects/hsm/mgmt-keystore.c:96]: (warning) Redundant assignment of 'command' to itself.
[sw/stm32/projects/hsm/mgmt-keystore.c:129]: (warning) Redundant assignment of 'command' to itself.
[sw/stm32/projects/hsm/mgmt-keystore.c:154]: (warning) Redundant assignment of 'command' to itself.
[sw/stm32/projects/hsm/mgmt-keystore.c:287]: (warning) Redundant assignment of 'command' to itself.
[sw/stm32/projects/hsm/mgmt-keystore.c:288]: (warning) Redundant assignment of 'argv' to itself.
[sw/stm32/projects/hsm/mgmt-keystore.c:289]: (warning) Redundant assignment of 'argc' to itself.
[sw/stm32/projects/hsm/mgmt-keystore.c:308]: (warning) Redundant assignment of 'command' to itself.
[sw/stm32/projects/hsm/mgmt-masterkey.c:85]: (warning) Redundant assignment of 'command' to itself.
[sw/stm32/projects/hsm/mgmt-masterkey.c:86]: (warning) Redundant assignment of 'argv' to itself.
[sw/stm32/projects/hsm/mgmt-masterkey.c:87]: (warning) Redundant assignment of 'argc' to itself.
[sw/stm32/projects/hsm/mgmt-masterkey.c:139]: (warning) Redundant assignment of 'command' to itself.
[sw/stm32/projects/hsm/mgmt-masterkey.c:148]: (warning) Redundant assignment of 'command' to itself.
[sw/stm32/projects/hsm/mgmt-masterkey.c:149]: (warning) Redundant assignment of 'argv' to itself.
[sw/stm32/projects/hsm/mgmt-masterkey.c:150]: (warning) Redundant assignment of 'argc' to itself.
[sw/stm32/projects/hsm/mgmt-masterkey.c:162]: (warning) Redundant assignment of 'command' to itself.
[sw/stm32/projects/hsm/mgmt-masterkey.c:171]: (warning) Redundant assignment of 'command' to itself.
[sw/stm32/projects/hsm/mgmt-masterkey.c:172]: (warning) Redundant assignment of 'argv' to itself.
[sw/stm32/projects/hsm/mgmt-masterkey.c:173]: (warning) Redundant assignment of 'argc' to itself.
[sw/stm32/projects/hsm/mgmt-misc.c:147]: (warning) Redundant assignment of 'command' to itself.
[sw/stm32/projects/hsm/mgmt-misc.c:148]: (warning) Redundant assignment of 'argv' to itself.
[sw/stm32/projects/hsm/mgmt-misc.c:149]: (warning) Redundant assignment of 'argc' to itself.
[sw/stm32/projects/hsm/mgmt-misc.c:119]: (warning) Redundant assignment of 'cli' to itself.
[sw/stm32/projects/hsm/mgmt-misc.c:120]: (warning) Redundant assignment of 'command' to itself.
[sw/stm32/projects/hsm/mgmt-misc.c:121]: (warning) Redundant assignment of 'argv' to itself.
[sw/stm32/projects/hsm/mgmt-misc.c:122]: (warning) Redundant assignment of 'argc' to itself.
[sw/stm32/projects/hsm/mgmt-misc.c:133]: (warning) Redundant assignment of 'cli' to itself.
[sw/stm32/projects/hsm/mgmt-misc.c:134]: (warning) Redundant assignment of 'command' to itself.
[sw/stm32/projects/hsm/mgmt-misc.c:135]: (warning) Redundant assignment of 'argv' to itself.
[sw/stm32/projects/hsm/mgmt-misc.c:136]: (warning) Redundant assignment of 'argc' to itself.
[sw/stm32/projects/hsm/mgmt-task.c:55]: (warning) Redundant assignment of 'command' to itself.
[sw/stm32/projects/hsm/mgmt-task.c:56]: (warning) Redundant assignment of 'argv' to itself.
[sw/stm32/projects/hsm/mgmt-task.c:57]: (warning) Redundant assignment of 'argc' to itself.
[sw/stm32/projects/hsm/mgmt-task.c:83]: (warning) Redundant assignment of 'command' to itself.
[sw/stm32/projects/hsm/mgmt-task.c:84]: (warning) Redundant assignment of 'argv' to itself.
[sw/stm32/projects/hsm/mgmt-task.c:85]: (warning) Redundant assignment of 'argc' to itself.
[sw/stm32/projects/hsm/mgmt-task.c:99]: (warning) Redundant assignment of 'cli' to itself.
[sw/stm32/projects/hsm/mgmt-task.c:100]: (warning) Redundant assignment of 'command' to itself.
[sw/stm32/projects/hsm/mgmt-task.c:101]: (warning) Redundant assignment of 'argv' to itself.
[sw/stm32/projects/hsm/mgmt-task.c:102]: (warning) Redundant assignment of 'argc' to itself.
[sw/stm32/projects/libhal-test/gettimeofday.c:59]: (warning) Redundant assignment of 'tz' to itself.
[sw/stm32/projects/libhal-test/printf.c:365]: (warning) Redundant assignment of 'ptr' to itself.
[sw/stm32/stm-fmc.c:183]: (error) Uninitialized variable: sum
[sw/stm32/syscalls.c:54]: (warning) Redundant assignment of 'r' to itself.
[sw/stm32/syscalls.c:55]: (warning) Redundant assignment of 'file' to itself.
[sw/stm32/syscalls.c:56]: (warning) Redundant assignment of 'ptr' to itself.
[sw/stm32/syscalls.c:57]: (warning) Redundant assignment of 'len' to itself.
[sw/stm32/syscalls.c:67]: (warning) Redundant assignment of 'r' to itself.
[sw/stm32/syscalls.c:68]: (warning) Redundant assignment of 'file' to itself.
[sw/stm32/syscalls.c:69]: (warning) Redundant assignment of 'ptr' to itself.
[sw/stm32/syscalls.c:70]: (warning) Redundant assignment of 'dir' to itself.
[sw/stm32/syscalls.c:79]: (warning) Redundant assignment of 'r' to itself.
[sw/stm32/syscalls.c:80]: (warning) Redundant assignment of 'file' to itself.
[sw/stm32/syscalls.c:81]: (warning) Redundant assignment of 'ptr' to itself.
[sw/stm32/syscalls.c:105]: (warning) Redundant assignment of 'r' to itself.
[sw/stm32/syscalls.c:106]: (warning) Redundant assignment of 'file' to itself.
[sw/stm32/syscalls.c:123]: (warning) Redundant assignment of 'r' to itself.
[sw/stm32/syscalls.c:156]: (warning) Redundant assignment of 'r' to itself.
[sw/stm32/syscalls.c:157]: (warning) Redundant assignment of 'file' to itself.
[sw/stm32/syscalls.c:168]: (warning) Redundant assignment of 'r' to itself.
[sw/stm32/syscalls.c:169]: (warning) Redundant assignment of 'fd' to itself.
[sw/stm32/syscalls.c:178]: (warning) Redundant assignment of 'a' to itself.
[sw/stm32/syscalls.c:187]: (warning) Redundant assignment of 'a' to itself.
[sw/stm32/syscalls.c:188]: (warning) Redundant assignment of 'b' to itself.
[sw/stm32/syscalls.c:198]: (warning) Redundant assignment of 'a' to itself.
[sw/stm32/syscalls.c:208]: (warning) Redundant assignment of 'a' to itself.
[sw/stm32/syscalls.c:209]: (warning) Redundant assignment of 'b' to itself.
[sw/thirdparty/libtfm/tomsfastmath/src/headers/tfm.h:112]: (error) failed to evaluate #if condition, division/modulo by zero
[sw/thirdparty/libtfm/tomsfastmath/src/generators/comba_mont_gen.c:37] -> [sw/thirdparty/libtfm/tomsfastmath/src/generators/comba_mont_gen.c:39]: (warning) Opposite inner 'if' condition leads to a dead code block.
(information) Too many #ifdef configurations - cppcheck only checks 12 configurations. Use --force to check all configurations. For more details, use --enable=information.