[PATCH] eap-wsc: Silence static analysis

($INBOX_DIR/description missing)
 help / color / mirror / Atom feed

From: Denis Kenzior <denkenz@gmail.com>
To: iwd@lists.linux.dev
Cc: Denis Kenzior <denkenz@gmail.com>
Subject: [PATCH] eap-wsc: Silence static analysis
Date: Tue, 27 Feb 2024 15:25:12 -0600	[thread overview]
Message-ID: <20240227212521.1510693-1-denkenz@gmail.com> (raw)

static analysis complains that authenticator is used uninitialized.
This isn't strictly true as memory region is reserved for the
authenticator using the contents of the passed in structure.  This
region is then overwritten once the authenticator is actually computed
by authenticator_put().  Silence this warning by explicitly setting
authenticator bytes to 0.
---
 src/eap-wsc.c | 17 +++++++++++++++++
 1 file changed, 17 insertions(+)

diff --git a/src/eap-wsc.c b/src/eap-wsc.c
index 65a97da4ee5e..789a20f032b9 100644
--- a/src/eap-wsc.c
+++ b/src/eap-wsc.c
@@ -695,6 +695,8 @@ static void eap_wsc_send_m5(struct eap_state *eap,
 	size_t encrypted_len;
 	bool r;
 
+	memset(m5.authenticator, 0, sizeof(m5.authenticator));
+
 	memcpy(m5es.e_snonce1, wsc->local_snonce1, sizeof(wsc->local_snonce1));
 	pdu = wsc_build_m5_encrypted_settings(&m5es, &pdu_len);
 	explicit_bzero(m5es.e_snonce1, sizeof(wsc->local_snonce1));
@@ -797,6 +799,8 @@ static void eap_wsc_send_m3(struct eap_state *eap,
 	uint8_t *pdu;
 	size_t pdu_len;
 
+	memset(m3.authenticator, 0, sizeof(m3.authenticator));
+
 	len = strlen(wsc->device_password);
 
 	/* WSC 2.0.5, Section 7.4:
@@ -975,6 +979,8 @@ static void eap_wsc_r_send_m8(struct eap_state *eap,
 	unsigned int auth_types =
 		wsc->m1->auth_type_flags & wsc->m2->auth_type_flags;
 
+	memset(m8.authenticator, 0, sizeof(m8.authenticator));
+
 	if (auth_types & WSC_AUTHENTICATION_TYPE_OPEN)
 		memcpy(&creds[creds_cnt++], &wsc->open_cred,
 			sizeof(struct wsc_credential));
@@ -1022,6 +1028,9 @@ static void eap_wsc_r_handle_m7(struct eap_state *eap,
 	struct wsc_m7_encrypted_settings m7es;
 	enum wsc_configuration_error error = WSC_CONFIGURATION_ERROR_NO_ERROR;
 
+	memset(m7es.authenticator, 0, sizeof(m7es.authenticator));
+	memset(m7.authenticator, 0, sizeof(m7.authenticator));
+
 	/* Spec unclear what to do here, see comments in eap_wsc_send_nack */
 	if (wsc_parse_m7(pdu, len, &m7, &encrypted) != 0)
 		goto send_nack;
@@ -1084,6 +1093,9 @@ static void eap_wsc_r_send_m6(struct eap_state *eap,
 	size_t encrypted_len;
 	bool r;
 
+	memset(m6es.authenticator, 0, sizeof(m6es.authenticator));
+	memset(m6.authenticator, 0, sizeof(m6.authenticator));
+
 	memcpy(m6es.r_snonce2, wsc->local_snonce2, sizeof(wsc->local_snonce2));
 	pdu = wsc_build_m6_encrypted_settings(&m6es, &pdu_len);
 	explicit_bzero(m6es.r_snonce2, sizeof(wsc->local_snonce2));
@@ -1123,6 +1135,8 @@ static void eap_wsc_r_handle_m5(struct eap_state *eap,
 	struct wsc_m5_encrypted_settings m5es;
 	enum wsc_configuration_error error = WSC_CONFIGURATION_ERROR_NO_ERROR;
 
+	memset(m5es.authenticator, 0, sizeof(m5es.authenticator));
+
 	/* Spec unclear what to do here, see comments in eap_wsc_send_nack */
 	if (wsc_parse_m5(pdu, len, &m5, &encrypted) != 0)
 		goto send_nack;
@@ -1188,6 +1202,9 @@ static void eap_wsc_r_send_m4(struct eap_state *eap,
 	size_t len_half1;
 	struct iovec iov[4];
 
+	memset(m4es.authenticator, 0, sizeof(m4es.authenticator));
+	memset(m4.authenticator, 0, sizeof(m4.authenticator));
+
 	memcpy(m4es.r_snonce1, wsc->local_snonce1, sizeof(wsc->local_snonce1));
 	pdu = wsc_build_m4_encrypted_settings(&m4es, &pdu_len);
 	explicit_bzero(m4es.r_snonce1, sizeof(wsc->local_snonce1));
-- 
2.43.0

next             reply	other threads:[~2024-02-27 21:25 UTC|newest]

Thread overview: 3+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2024-02-27 21:25 Denis Kenzior [this message]
2024-02-28  6:26 ` [PATCH] eap-wsc: Silence static analysis Paul Menzel
2024-02-28 15:14   ` Denis Kenzior

find likely ancestor, descendant, or conflicting patches for this message:
dfblob:65a97da4ee5 dfblob:789a20f032b
	(help)

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20240227212521.1510693-1-denkenz@gmail.com \
    --to=denkenz@gmail.com \
    --cc=iwd@lists.linux.dev \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).