From a381897470f5c6ac2f4e71f48d33d71cde7873dd Mon Sep 17 00:00:00 2001 From: Pauli Date: Fri, 1 Apr 2022 12:27:15 +1100 Subject: [PATCH] Fix Coverity 1503322, 1503324, 1503328 memory accesses These are all false positives result from Coverity not understanding our up_ref and free pairing. Reviewed-by: Tomas Mraz Reviewed-by: Shane Lontis (Merged from https://github.com/openssl/openssl/pull/18014) --- crypto/evp/exchange.c | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/crypto/evp/exchange.c b/crypto/evp/exchange.c index 8eb13ad5dda..4d5f8adbcad 100644 --- a/crypto/evp/exchange.c +++ b/crypto/evp/exchange.c @@ -332,7 +332,11 @@ int EVP_PKEY_derive_init_ex(EVP_PKEY_CTX *ctx, const OSSL_PARAM params[]) /* No more legacy from here down to legacy: */ + /* A Coverity false positive with up_ref/down_ref and free */ + /* coverity[use_after_free] */ ctx->op.kex.exchange = exchange; + /* A Coverity false positive with up_ref/down_ref and free */ + /* coverity[deref_arg] */ ctx->op.kex.algctx = exchange->newctx(ossl_provider_ctx(exchange->prov)); if (ctx->op.kex.algctx == NULL) { /* The provider key can stay in the cache */ @@ -420,6 +424,8 @@ int EVP_PKEY_derive_set_peer_ex(EVP_PKEY_CTX *ctx, EVP_PKEY *peer, EVP_KEYMGMT_get0_name(ctx->keymgmt), ctx->propquery); if (tmp_keymgmt != NULL) + /* A Coverity issue with up_ref/down_ref and free */ + /* coverity[pass_freed_arg] */ provkey = evp_pkey_export_to_provider(peer, ctx->libctx, &tmp_keymgmt, ctx->propquery); EVP_KEYMGMT_free(tmp_keymgmt_tofree); -- 2.47.2