/usr/src/lib/libcrypto/des/cbc

clang -cc1 -cc1 -triple amd64-unknown-openbsd7.0 -analyze -disable-free -disable-llvm-verifier -discard-value-names -main-file-name cbc_cksm.c -analyzer-store=region -analyzer-opt-analyze-nested-blocks -analyzer-checker=core -analyzer-checker=apiModeling -analyzer-checker=unix -analyzer-checker=deadcode -analyzer-checker=security.insecureAPI.UncheckedReturn -analyzer-checker=security.insecureAPI.getpw -analyzer-checker=security.insecureAPI.gets -analyzer-checker=security.insecureAPI.mktemp -analyzer-checker=security.insecureAPI.mkstemp -analyzer-checker=security.insecureAPI.vfork -analyzer-checker=nullability.NullPassedToNonnull -analyzer-checker=nullability.NullReturnedFromNonnull -analyzer-output plist -w -setup-static-analyzer -mrelocation-model pic -pic-level 1 -pic-is-pie -mframe-pointer=all -relaxed-aliasing -fno-rounding-math -mconstructor-aliases -munwind-tables -target-cpu x86-64 -target-feature +retpoline-indirect-calls -target-feature +retpoline-indirect-branches -tune-cpu generic -debugger-tuning=gdb -fcoverage-compilation-dir=/usr/src/lib/libcrypto/obj -resource-dir /usr/local/lib/clang/13.0.0 -D LIBRESSL_INTERNAL -D LIBRESSL_CRYPTO_INTERNAL -D DSO_DLFCN -D HAVE_DLFCN_H -D HAVE_FUNOPEN -D OPENSSL_NO_HW_PADLOCK -I /usr/src/lib/libcrypto -I /usr/src/lib/libcrypto/asn1 -I /usr/src/lib/libcrypto/bio -I /usr/src/lib/libcrypto/bn -I /usr/src/lib/libcrypto/bytestring -I /usr/src/lib/libcrypto/dh -I /usr/src/lib/libcrypto/dsa -I /usr/src/lib/libcrypto/ec -I /usr/src/lib/libcrypto/ecdh -I /usr/src/lib/libcrypto/ecdsa -I /usr/src/lib/libcrypto/evp -I /usr/src/lib/libcrypto/hmac -I /usr/src/lib/libcrypto/modes -I /usr/src/lib/libcrypto/ocsp -I /usr/src/lib/libcrypto/rsa -I /usr/src/lib/libcrypto/x509 -I /usr/src/lib/libcrypto/obj -D AES_ASM -D BSAES_ASM -D VPAES_ASM -D OPENSSL_IA32_SSE2 -D RSA_ASM -D OPENSSL_BN_ASM_MONT -D OPENSSL_BN_ASM_MONT5 -D OPENSSL_BN_ASM_GF2m -D MD5_ASM -D GHASH_ASM -D RC4_MD5_ASM -D SHA1_ASM -D SHA256_ASM -D SHA512_ASM -D WHIRLPOOL_ASM -D OPENSSL_CPUID_OBJ -internal-isystem /usr/local/lib/clang/13.0.0/include -internal-externc-isystem /usr/include -O2 -fdebug-compilation-dir=/usr/src/lib/libcrypto/obj -ferror-limit 19 -fwrapv -D_RET_PROTECTOR -ret-protector -fgnuc-version=4.2.1 -vectorize-loops -vectorize-slp -fno-builtin-malloc -fno-builtin-calloc -fno-builtin-realloc -fno-builtin-valloc -fno-builtin-free -fno-builtin-strdup -fno-builtin-strndup -analyzer-output=html -faddrsig -D__GCC_HAVE_DWARF2_CFI_ASM=1 -o /home/ben/Projects/vmm/scan-build/2022-01-12-194120-40624-1 -x c /usr/src/lib/libcrypto/des/cbc_cksm.c

File:	src/lib/libcrypto/des/cbc_cksm.c
Warning:	line 95, column 2 Value stored to 'tout0' is never read

1	/* $OpenBSD: cbc_cksm.c,v 1.7 2014/10/28 07:35:58 jsg Exp $ */
2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3	* All rights reserved.
4	*
5	* This package is an SSL implementation written
6	* by Eric Young (eay@cryptsoft.com).
7	* The implementation was written so as to conform with Netscapes SSL.
8	*
9	* This library is free for commercial and non-commercial use as long as
10	* the following conditions are aheared to. The following conditions
11	* apply to all code found in this distribution, be it the RC4, RSA,
12	* lhash, DES, etc., code; not just the SSL code. The SSL documentation
13	* included with this distribution is covered by the same copyright terms
14	* except that the holder is Tim Hudson (tjh@cryptsoft.com).
15	*
16	* Copyright remains Eric Young's, and as such any Copyright notices in
17	* the code are not to be removed.
18	* If this package is used in a product, Eric Young should be given attribution
19	* as the author of the parts of the library used.
20	* This can be in the form of a textual message at program startup or
21	* in documentation (online or textual) provided with the package.
22	*
23	* Redistribution and use in source and binary forms, with or without
24	* modification, are permitted provided that the following conditions
25	* are met:
26	* 1. Redistributions of source code must retain the copyright
27	* notice, this list of conditions and the following disclaimer.
28	* 2. Redistributions in binary form must reproduce the above copyright
29	* notice, this list of conditions and the following disclaimer in the
30	* documentation and/or other materials provided with the distribution.
31	* 3. All advertising materials mentioning features or use of this software
32	* must display the following acknowledgement:
33	* "This product includes cryptographic software written by
34	* Eric Young (eay@cryptsoft.com)"
35	* The word 'cryptographic' can be left out if the rouines from the library
36	* being used are not cryptographic related :-).
37	* 4. If you include any Windows specific code (or a derivative thereof) from
38	* the apps directory (application code) you must include an acknowledgement:
39	* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40	*
41	* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42	* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43	* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44	* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45	* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46	* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47	* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48	* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49	* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50	* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51	* SUCH DAMAGE.
52	*
53	* The licence and distribution terms for any publically available version or
54	* derivative of this code cannot be changed. i.e. this code cannot simply be
55	* copied and put under another distribution licence
56	* [including the GNU Public Licence.]
57	*/
58
59	#include "des_locl.h"
60
61	DES_LONGunsigned int DES_cbc_cksum(const unsigned char in, DES_cblock output,
62	long length, DES_key_schedule *schedule,
63	const_DES_cblock *ivec)
64	{
65	DES_LONGunsigned int tout0,tout1,tin0,tin1;
66	long l=length;
67	DES_LONGunsigned int tin[2];
68	unsigned char out = &(output)[0];
69	const unsigned char iv = &(ivec)[0];
70
71	c2l(iv,tout0)(tout0 =((unsigned int)(((iv)++))) , tout0\|=((unsigned int)( ((iv)++)))<< 8L, tout0\|=((unsigned int)(((iv)++)))<< 16L, tout0\|=((unsigned int)(((iv)++)))<<24L);
72	c2l(iv,tout1)(tout1 =((unsigned int)(((iv)++))) , tout1\|=((unsigned int)( ((iv)++)))<< 8L, tout1\|=((unsigned int)(((iv)++)))<< 16L, tout1\|=((unsigned int)(((iv)++)))<<24L);
73	for (; l>0; l-=8)
74	{
75	if (l >= 8)
76	{
77	c2l(in,tin0)(tin0 =((unsigned int)(((in)++))) , tin0\|=((unsigned int)(( (in)++)))<< 8L, tin0\|=((unsigned int)(((in)++)))<< 16L, tin0\|=((unsigned int)(((in)++)))<<24L);
78	c2l(in,tin1)(tin1 =((unsigned int)(((in)++))) , tin1\|=((unsigned int)(( (in)++)))<< 8L, tin1\|=((unsigned int)(((in)++)))<< 16L, tin1\|=((unsigned int)(((in)++)))<<24L);
79	}
80	else
81	c2ln(in,tin0,tin1,l){ in+=l; tin0=tin1=0; switch (l) { case 8: tin1 =((unsigned int )((--(in))))<<24L; case 7: tin1\|=((unsigned int)((--( in))))<<16L; case 6: tin1\|=((unsigned int)((--(in))))<< 8L; case 5: tin1\|=((unsigned int)((--(in)))); case 4: tin0 = ((unsigned int)((--(in))))<<24L; case 3: tin0\|=((unsigned int)((--(in))))<<16L; case 2: tin0\|=((unsigned int)(* (--(in))))<< 8L; case 1: tin0\|=((unsigned int)(*(--(in) ))); } };
82
83	tin0^=tout0; tin[0]=tin0;
84	tin1^=tout1; tin[1]=tin1;
85	DES_encrypt1((DES_LONGunsigned int *)tin,schedule,DES_ENCRYPT1);
86	/* fix 15/10/91 eay - thanks to keithr@sco.COM */
87	tout0=tin[0];
88	tout1=tin[1];
89	}
90	if (out != NULL((void *)0))
91	{
92	l2c(tout0,out)(((out)++)=(unsigned char)(((tout0) )&0xff), ((out)++)= (unsigned char)(((tout0)>> 8L)&0xff), ((out)++)=(unsigned char)(((tout0)>>16L)&0xff), ((out)++)=(unsigned char )(((tout0)>>24L)&0xff));
93	l2c(tout1,out)(((out)++)=(unsigned char)(((tout1) )&0xff), ((out)++)= (unsigned char)(((tout1)>> 8L)&0xff), ((out)++)=(unsigned char)(((tout1)>>16L)&0xff), ((out)++)=(unsigned char )(((tout1)>>24L)&0xff));
94	}
95	tout0=tin0=tin1=tin[0]=tin[1]=0;
	Value stored to 'tout0' is never read
96	/*
97	Transform the data in tout1 so that it will
98	match the return value that the MIT Kerberos
99	mit_des_cbc_cksum API returns.
100	*/
101	tout1 = ((tout1 >> 24L) & 0x000000FF)
102	\| ((tout1 >> 8L) & 0x0000FF00)
103	\| ((tout1 << 8L) & 0x00FF0000)
104	\| ((tout1 << 24L) & 0xFF000000);
105	return(tout1);
106	}

Bug Summary

Annotated Source Code