[Pkg-gnupg-commit] [gnupg2] 84/159: gpg: Comment on false positives by static analyzers.
Daniel Kahn Gillmor
dkg at fifthhorseman.net
Wed Jan 27 13:23:57 UTC 2016
This is an automated email from the git hooks/post-receive script.
dkg pushed a commit to branch master
in repository gnupg2.
commit 7990586828a252e78d2ecacbaaa152431d7e08c8
Author: Werner Koch <wk at gnupg.org>
Date: Wed Jan 6 08:42:07 2016 +0100
gpg: Comment on false positives by static analyzers.
--
---
g10/encrypt.c | 1 +
g10/keyedit.c | 16 +++++++++++++++-
g10/parse-packet.c | 1 +
g10/sign.c | 1 +
4 files changed, 18 insertions(+), 1 deletion(-)
diff --git a/g10/encrypt.c b/g10/encrypt.c
index bca1123..eca1c27 100644
--- a/g10/encrypt.c
+++ b/g10/encrypt.c
@@ -326,6 +326,7 @@ encrypt_simple (const char *filename, int mode, int use_seskey)
if (!opt.no_literal)
{
+ /* Note that PT has been initialized above in no_literal mode. */
pt->timestamp = make_timestamp();
pt->mode = opt.textmode? 't' : 'b';
pt->len = filesize;
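Review bot: The added comment in encrypt_simple reads as the opposite of the guard it sits under: the block runs only when `opt.no_literal` is clear, yet the comment says PT was initialized "in no_literal mode". The earlier setup of PT is outside the hunk, so this is inferred, but if PT is assigned under the same `!opt.no_literal` condition, wording such as `/* Note that PT has been initialized above because no_literal is not set. */` would say so directly. The dereferences of `pt->timestamp`, `pt->mode` and `pt->len` rely on exactly that condition, so the comment should name it precisely. The identical comment added to write_plaintext_packet in g10/sign.c has the same wording problem.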
diff --git a/g10/keyedit.c b/g10/keyedit.c
index a303058..1c302b7 100644
--- a/g10/keyedit.c
+++ b/g10/keyedit.c
@@ -363,7 +363,13 @@ check_all_keysigs (KBNODE keyblock, int only_selected, int only_selfsigs)
if (only_selfsigs
&& !(keyid[0] == sig->keyid[0] && keyid[1] == sig->keyid[1]))
- ; /* Not a selfsig but we want only selfsigs - skip. */
+ {
+ /* Not a selfsig but we want only selfsigs - skip. */
+ /* Static analyzer note: A claim that KEYID above has
+ garbage is not correct because KEYID is set from the
+ public key packet which is always the first packet in
+ a keyblock and thus parsed before this signature. */
+ }
else if (print_and_check_one_sig (keyblock, node, &inv_sigs,
&no_key, &oth_err, &selfsig,
0, only_selfsigs))
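Review bot: The new note in check_all_keysigs documents an ordering invariant but does not enforce it: `keyid[0]` and `keyid[1]` are compared with `sig->keyid` on the assumption that a public key packet was always processed first. Keyblocks can be built from imported data, so it is worth confirming that every caller passes one already validated to start with a public key. The declaration of KEYID is outside the hunk; assuming it is a plain two-element array, zero-initializing it there (for example `u32 keyid[2] = { 0, 0 };`) would make a violated invariant deterministic instead of undefined and would also quiet the analyzer. The PRIMARY_PK note added in sign_uids relies on the same first-packet assumption.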
@@ -856,6 +862,14 @@ sign_uids (ctrl_t ctrl, estream_t fp,
if (primary_pk->expiredate && !selfsig)
{
+ /* Static analyzer note: A claim that PRIMARY_PK might be
+ NULL is not correct because it set from the public key
+ packet which is always the first packet in a keyblock and
+ parsed in the above loop over the keyblock. In case the
+ keyblock has no packets at all and thus the loop was not
+ entered the above count_uids_with_flag would have
+ detected this case. */
+
u32 now = make_timestamp ();
if (primary_pk->expiredate <= now)
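Review bot: The comment added in sign_uids has a grammar slip, "because it set from", which should read `because it is set from the public key packet`. Its argument also depends on count_uids_with_flag catching an empty keyblock, and that call is not visible in this hunk. Naming the exact early return it refers to would let a reader check the claim without tracing the whole function.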
diff --git a/g10/parse-packet.c b/g10/parse-packet.c
index 53b75a6..d552fa6 100644
--- a/g10/parse-packet.c
+++ b/g10/parse-packet.c
@@ -2517,6 +2517,7 @@ parse_key (IOBUF inp, int pkttype, unsigned long pktlen,
}
}
+ /* Note that KEYID below has been initialized above in list_mode. */
if (list_mode)
es_fprintf (listfp, "\tkeyid: %08lX%08lX\n",
(ulong) keyid[0], (ulong) keyid[1]);
diff --git a/g10/sign.c b/g10/sign.c
index 79a5f3b..081bd99 100644
--- a/g10/sign.c
+++ b/g10/sign.c
@@ -601,6 +601,7 @@ write_plaintext_packet (IOBUF out, IOBUF inp, const char *fname, int ptmode)
if (!opt.no_literal) {
PACKET pkt;
+ /* Note that PT has been initialized above in no_literal mode. */
pt->timestamp = make_timestamp ();
pt->mode = ptmode;
pt->len = filesize;
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-gnupg/gnupg2.git