/usr/src/usr.bin/ssh/sshd/../ssh-ed25519.c

clang -cc1 -cc1 -triple amd64-unknown-openbsd7.0 -analyze -disable-free -disable-llvm-verifier -discard-value-names -main-file-name ssh-ed25519.c -analyzer-store=region -analyzer-opt-analyze-nested-blocks -analyzer-checker=core -analyzer-checker=apiModeling -analyzer-checker=unix -analyzer-checker=deadcode -analyzer-checker=security.insecureAPI.UncheckedReturn -analyzer-checker=security.insecureAPI.getpw -analyzer-checker=security.insecureAPI.gets -analyzer-checker=security.insecureAPI.mktemp -analyzer-checker=security.insecureAPI.mkstemp -analyzer-checker=security.insecureAPI.vfork -analyzer-checker=nullability.NullPassedToNonnull -analyzer-checker=nullability.NullReturnedFromNonnull -analyzer-output plist -w -setup-static-analyzer -mrelocation-model pic -pic-level 1 -pic-is-pie -mframe-pointer=all -relaxed-aliasing -fno-rounding-math -mconstructor-aliases -munwind-tables -target-cpu x86-64 -target-feature +retpoline-indirect-calls -target-feature +retpoline-indirect-branches -tune-cpu generic -debugger-tuning=gdb -fcoverage-compilation-dir=/usr/src/usr.bin/ssh/sshd/obj -resource-dir /usr/local/lib/clang/13.0.0 -I /usr/src/usr.bin/ssh/sshd/.. -D WITH_OPENSSL -D WITH_ZLIB -D ENABLE_PKCS11 -D HAVE_DLOPEN -internal-isystem /usr/local/lib/clang/13.0.0/include -internal-externc-isystem /usr/include -O2 -Wno-unused-parameter -fdebug-compilation-dir=/usr/src/usr.bin/ssh/sshd/obj -ferror-limit 19 -fwrapv -D_RET_PROTECTOR -ret-protector -fgnuc-version=4.2.1 -vectorize-loops -vectorize-slp -fno-builtin-malloc -fno-builtin-calloc -fno-builtin-realloc -fno-builtin-valloc -fno-builtin-free -fno-builtin-strdup -fno-builtin-strndup -analyzer-output=html -faddrsig -D__GCC_HAVE_DWARF2_CFI_ASM=1 -o /home/ben/Projects/vmm/scan-build/2022-01-12-194120-40624-1 -x c /usr/src/usr.bin/ssh/sshd/../ssh-ed25519.c

File:	src/usr.bin/ssh/sshd/../ssh-ed25519.c
Warning:	line 56, column 7 Although the value stored to 'ret' is used in the enclosing expression, the value is never actually read from 'ret'

1	/* $OpenBSD: ssh-ed25519.c,v 1.9 2020/10/18 11:32:02 djm Exp $ */
2	/*
3	* Copyright (c) 2013 Markus Friedl <markus@openbsd.org>
4	*
5	* Permission to use, copy, modify, and distribute this software for any
6	* purpose with or without fee is hereby granted, provided that the above
7	* copyright notice and this permission notice appear in all copies.
8	*
9	* THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
10	* WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
11	* MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
12	* ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
13	* WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
14	* ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15	* OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
16	*/
17	#define SSHKEY_INTERNAL
18	#include <sys/types.h>
19	#include <limits.h>
20
21	#include "crypto_api.h"
22
23	#include <string.h>
24	#include <stdarg.h>
25
26	#include "log.h"
27	#include "sshbuf.h"
28	#include "sshkey.h"
29	#include "ssherr.h"
30	#include "ssh.h"
31
32	int
33	ssh_ed25519_sign(const struct sshkey key, u_char sigp, size_t lenp,
34	const u_char *data, size_t datalen, u_int compat)
35	{
36	u_char sig = NULL((void )0);
37	size_t slen = 0, len;
38	unsigned long long smlen;
39	int r, ret;
40	struct sshbuf b = NULL((void )0);
41
42	if (lenp != NULL((void *)0))
43	*lenp = 0;
44	if (sigp != NULL((void *)0))
45	sigp = NULL((void )0);
46
47	if (key == NULL((void *)0) \|\|
48	sshkey_type_plain(key->type) != KEY_ED25519 \|\|
49	key->ed25519_sk == NULL((void *)0) \|\|
50	datalen >= INT_MAX2147483647 - crypto_sign_ed25519_BYTES64U)
51	return SSH_ERR_INVALID_ARGUMENT-10;
52	smlen = slen = datalen + crypto_sign_ed25519_BYTES64U;
53	if ((sig = malloc(slen)) == NULL((void *)0))
54	return SSH_ERR_ALLOC_FAIL-2;
55
56	if ((ret = crypto_sign_ed25519(sig, &smlen, data, datalen,
	Although the value stored to 'ret' is used in the enclosing expression, the value is never actually read from 'ret'
57	key->ed25519_sk)) != 0 \|\| smlen <= datalen) {
58	r = SSH_ERR_INVALID_ARGUMENT-10; /* XXX better error? */
59	goto out;
60	}
61	/* encode signature */
62	if ((b = sshbuf_new()) == NULL((void *)0)) {
63	r = SSH_ERR_ALLOC_FAIL-2;
64	goto out;
65	}
66	if ((r = sshbuf_put_cstring(b, "ssh-ed25519")) != 0 \|\|
67	(r = sshbuf_put_string(b, sig, smlen - datalen)) != 0)
68	goto out;
69	len = sshbuf_len(b);
70	if (sigp != NULL((void *)0)) {
71	if ((sigp = malloc(len)) == NULL((void )0)) {
72	r = SSH_ERR_ALLOC_FAIL-2;
73	goto out;
74	}
75	memcpy(*sigp, sshbuf_ptr(b), len);
76	}
77	if (lenp != NULL((void *)0))
78	*lenp = len;
79	/* success */
80	r = 0;
81	out:
82	sshbuf_free(b);
83	if (sig != NULL((void *)0))
84	freezero(sig, slen);
85
86	return r;
87	}
88
89	int
90	ssh_ed25519_verify(const struct sshkey *key,
91	const u_char *signature, size_t signaturelen,
92	const u_char *data, size_t datalen, u_int compat)
93	{
94	struct sshbuf b = NULL((void )0);
95	char ktype = NULL((void )0);
96	const u_char *sigblob;
97	u_char sm = NULL((void )0), m = NULL((void )0);
98	size_t len;
99	unsigned long long smlen = 0, mlen = 0;
100	int r, ret;
101
102	if (key == NULL((void *)0) \|\|
103	sshkey_type_plain(key->type) != KEY_ED25519 \|\|
104	key->ed25519_pk == NULL((void *)0) \|\|
105	datalen >= INT_MAX2147483647 - crypto_sign_ed25519_BYTES64U \|\|
106	signature == NULL((void *)0) \|\| signaturelen == 0)
107	return SSH_ERR_INVALID_ARGUMENT-10;
108
109	if ((b = sshbuf_from(signature, signaturelen)) == NULL((void *)0))
110	return SSH_ERR_ALLOC_FAIL-2;
111	if ((r = sshbuf_get_cstring(b, &ktype, NULL((void *)0))) != 0 \|\|
112	(r = sshbuf_get_string_direct(b, &sigblob, &len)) != 0)
113	goto out;
114	if (strcmp("ssh-ed25519", ktype) != 0) {
115	r = SSH_ERR_KEY_TYPE_MISMATCH-13;
116	goto out;
117	}
118	if (sshbuf_len(b) != 0) {
119	r = SSH_ERR_UNEXPECTED_TRAILING_DATA-23;
120	goto out;
121	}
122	if (len > crypto_sign_ed25519_BYTES64U) {
123	r = SSH_ERR_INVALID_FORMAT-4;
124	goto out;
125	}
126	if (datalen >= SIZE_MAX0xffffffffffffffffUL - len) {
127	r = SSH_ERR_INVALID_ARGUMENT-10;
128	goto out;
129	}
130	smlen = len + datalen;
131	mlen = smlen;
132	if ((sm = malloc(smlen)) == NULL((void )0) \|\| (m = malloc(mlen)) == NULL((void )0)) {
133	r = SSH_ERR_ALLOC_FAIL-2;
134	goto out;
135	}
136	memcpy(sm, sigblob, len);
137	memcpy(sm+len, data, datalen);
138	if ((ret = crypto_sign_ed25519_open(m, &mlen, sm, smlen,
139	key->ed25519_pk)) != 0) {
140	debug2_f("crypto_sign_ed25519_open failed: %d", ret)sshlog("/usr/src/usr.bin/ssh/sshd/../ssh-ed25519.c", __func__ , 140, 1, SYSLOG_LEVEL_DEBUG2, ((void *)0), "crypto_sign_ed25519_open failed: %d" , ret);
141	}
142	if (ret != 0 \|\| mlen != datalen) {
143	r = SSH_ERR_SIGNATURE_INVALID-21;
144	goto out;
145	}
146	/* XXX compare 'm' and 'data' ? */
147	/* success */
148	r = 0;
149	out:
150	if (sm != NULL((void *)0))
151	freezero(sm, smlen);
152	if (m != NULL((void *)0))
153	freezero(m, smlen); /* NB mlen may be invalid if r != 0 */
154	sshbuf_free(b);
155	free(ktype);
156	return r;
157	}

Bug Summary

Annotated Source Code