Skip to content

src: fix static analysis warning and use smart ptr#43117

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
nodejs-github-bot merged 1 commit into from
May 18, 2022
Merged

src: fix static analysis warning and use smart ptr #43117

nodejs-github-bot merged 1 commit into from
May 18, 2022

Conversation

@tniessen
Copy link
Member

@tniessentniessen commented May 16, 2022

Coverity issues a warning about value_before_reset == ca, where
value_before_reset is a pointer that may not be valid. While comparing
the pointer itself should still work, we should really be using smart
pointers here so that this particular check can be simplified without
running into a memory leak.

Refactor SSL_CTX_get_issuer to return a smart pointer and update the
call sites accordingly. Note that we might have to change that in the
future once we improve error handling throughout crypto/tls.

Refs: #37990

Defect within value_before_reset == ca according to Coverity:

CID 239746 (#1 of 1): Wrapper object use after free (WRAPPER_ESCAPE) 8. use_after_free: Using invalidated internal representation of parameter cert.

@tniessentniessen requested a review from jasnellMay 16, 2022 01:22
@nodejs-github-bot
Copy link
Collaborator

nodejs-github-bot commented May 16, 2022

Review requested:

  • @nodejs/crypto

@nodejs-github-botnodejs-github-bot added c++ Issues and PRs that require attention from people who are familiar with C++. lib / src Issues and PRs related to general changes in the lib or src directory. needs-ci PRs that need a full CI run. labels May 16, 2022
@tniessentniessen added the request-ci Add this label to start a Jenkins CI on a PR. label May 16, 2022
@github-actionsgithub-actionsbot removed the request-ci Add this label to start a Jenkins CI on a PR. label May 16, 2022
@nodejs-github-bot

This comment was marked as outdated.

Sign in to view
@tniessen
src: fix static analysis warning and use smart ptr
3bd3bba
Coverity issues a warning about `value_before_reset == ca`, where value_before_reset is a pointer that may not be valid. While comparing the pointer itself should still work, we should really be using smart pointers here so that this particular check can be simplified without running into a memory leak. Refactor SSL_CTX_get_issuer to return a smart pointer and update the call sites accordingly. Note that we might have to change that in the future once we improve error handling throughout crypto/tls. Refs: nodejs#37990
@tniessentniessenforce-pushed the src-fix-coverity-warning-crypto-common branch from 35fc96f to 3bd3bbaCompareMay 16, 2022 19:09
@tniessen
Copy link
MemberAuthor

tniessen commented May 16, 2022

Force-pushed to please the C++ linter, the actual diff is 35fc96f.

@tniessentniessen added request-ci Add this label to start a Jenkins CI on a PR. author ready PRs that have at least one approval, no pending requests for changes, and a CI started. labels May 16, 2022
@github-actionsgithub-actionsbot removed the request-ci Add this label to start a Jenkins CI on a PR. label May 16, 2022
@nodejs-github-bot

This comment was marked as outdated.

Sign in to view
@nodejs-github-bot
Copy link
Collaborator

nodejs-github-bot commented May 16, 2022

CI: https://ci.nodejs.org/job/node-test-pull-request/44037/

@github-actionsgithub-actionsbot mentioned this pull request May 17, 2022
Open
23 tasks
@nodejs-github-bot
Copy link
Collaborator

nodejs-github-bot commented May 17, 2022

CI: https://ci.nodejs.org/job/node-test-pull-request/44045/

@github-actionsgithub-actionsbot mentioned this pull request May 18, 2022
Open
28 tasks
@tniessentniessen added the commit-queue Add this label to land a pull request using GitHub Actions. label May 18, 2022
@nodejs-github-botnodejs-github-bot removed the commit-queue Add this label to land a pull request using GitHub Actions. label May 18, 2022
@nodejs-github-botnodejs-github-bot merged commit 06ba40a into nodejs:masterMay 18, 2022
@nodejs-github-bot
Copy link
Collaborator

nodejs-github-bot commented May 18, 2022

Landed in 06ba40a

This was referenced May 19, 2022
Open
Open
Open
Open
bengl pushed a commit that referenced this pull request May 30, 2022
@tniessen@bengl
src: fix static analysis warning and use smart ptr
d8a14a2
Coverity issues a warning about `value_before_reset == ca`, where value_before_reset is a pointer that may not be valid. While comparing the pointer itself should still work, we should really be using smart pointers here so that this particular check can be simplified without running into a memory leak. Refactor SSL_CTX_get_issuer to return a smart pointer and update the call sites accordingly. Note that we might have to change that in the future once we improve error handling throughout crypto/tls. Refs: #37990 PR-URL: #43117 Reviewed-By: Darshan Sen <[email protected]> Reviewed-By: Minwoo Jung <[email protected]>
@benglbengl mentioned this pull request May 31, 2022
Merged
juanarbol pushed a commit that referenced this pull request May 31, 2022
@tniessen@juanarbol
src: fix static analysis warning and use smart ptr
4823c5e
Coverity issues a warning about `value_before_reset == ca`, where value_before_reset is a pointer that may not be valid. While comparing the pointer itself should still work, we should really be using smart pointers here so that this particular check can be simplified without running into a memory leak. Refactor SSL_CTX_get_issuer to return a smart pointer and update the call sites accordingly. Note that we might have to change that in the future once we improve error handling throughout crypto/tls. Refs: #37990 PR-URL: #43117 Reviewed-By: Darshan Sen <[email protected]> Reviewed-By: Minwoo Jung <[email protected]>
@juanarboljuanarbol mentioned this pull request May 31, 2022
Closed
danielleadams pushed a commit that referenced this pull request Jun 27, 2022
@tniessen@danielleadams
src: fix static analysis warning and use smart ptr
cf70c24
Coverity issues a warning about `value_before_reset == ca`, where value_before_reset is a pointer that may not be valid. While comparing the pointer itself should still work, we should really be using smart pointers here so that this particular check can be simplified without running into a memory leak. Refactor SSL_CTX_get_issuer to return a smart pointer and update the call sites accordingly. Note that we might have to change that in the future once we improve error handling throughout crypto/tls. Refs: #37990 PR-URL: #43117 Reviewed-By: Darshan Sen <[email protected]> Reviewed-By: Minwoo Jung <[email protected]>
targos pushed a commit that referenced this pull request Jul 12, 2022
@tniessen@targos
src: fix static analysis warning and use smart ptr
3b43aa4
Coverity issues a warning about `value_before_reset == ca`, where value_before_reset is a pointer that may not be valid. While comparing the pointer itself should still work, we should really be using smart pointers here so that this particular check can be simplified without running into a memory leak. Refactor SSL_CTX_get_issuer to return a smart pointer and update the call sites accordingly. Note that we might have to change that in the future once we improve error handling throughout crypto/tls. Refs: #37990 PR-URL: #43117 Reviewed-By: Darshan Sen <[email protected]> Reviewed-By: Minwoo Jung <[email protected]>
targos pushed a commit that referenced this pull request Jul 31, 2022
@tniessen@targos
src: fix static analysis warning and use smart ptr
f18867b
Coverity issues a warning about `value_before_reset == ca`, where value_before_reset is a pointer that may not be valid. While comparing the pointer itself should still work, we should really be using smart pointers here so that this particular check can be simplified without running into a memory leak. Refactor SSL_CTX_get_issuer to return a smart pointer and update the call sites accordingly. Note that we might have to change that in the future once we improve error handling throughout crypto/tls. Refs: #37990 PR-URL: #43117 Reviewed-By: Darshan Sen <[email protected]> Reviewed-By: Minwoo Jung <[email protected]>
@targostargos mentioned this pull request Aug 3, 2022
Merged
guangwong pushed a commit to noslate-project/node that referenced this pull request Oct 10, 2022
@tniessen@guangwong
src: fix static analysis warning and use smart ptr
b316e07
Coverity issues a warning about `value_before_reset == ca`, where value_before_reset is a pointer that may not be valid. While comparing the pointer itself should still work, we should really be using smart pointers here so that this particular check can be simplified without running into a memory leak. Refactor SSL_CTX_get_issuer to return a smart pointer and update the call sites accordingly. Note that we might have to change that in the future once we improve error handling throughout crypto/tls. Refs: nodejs/node#37990 PR-URL: nodejs/node#43117 Reviewed-By: Darshan Sen <[email protected]> Reviewed-By: Minwoo Jung <[email protected]>
Sign up for freeto join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@JungMinuJungMinuJungMinu approved these changes

@RaisinTenRaisinTenRaisinTen approved these changes

@jasnelljasnellAwaiting requested review from jasnell

Assignees

No one assigned

Labels

author readyPRs that have at least one approval, no pending requests for changes, and a CI started.c++Issues and PRs that require attention from people who are familiar with C++.lib / srcIssues and PRs related to general changes in the lib or src directory.needs-ciPRs that need a full CI run.

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@tniessen@nodejs-github-bot@JungMinu@RaisinTen