[SERVER-20003] Coverity analysis defect 73585: Dereference after null check Created: 18/Aug/15  Updated: 13/Oct/15  Resolved: 18/Aug/15

Status: Closed
Project: Core Server
Component/s: Testing Infrastructure
Affects Version/s: None
Fix Version/s: 3.1.7

Type: Bug Priority: Major - P3
Reporter: Coverity Collector User Assignee: Spencer Jackson
Resolution: Done Votes: 0
Labels: coverity
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Backwards Compatibility: Fully Compatible
Operating System: ALL
Sprint: Security 8 08/28/15
Participants:

 Description   

Pointer is checked against null but then dereferenced anyway

Defect 73585 (STATIC_C)
Checker FORWARD_NULL (subcategory none)
File: /src/mongo/db/modules/enterprise/src/encryptdb/wiredtiger_encryption_callbacks.cpp
Function mongo::<unnamed>::encrypt(__wt_encryptor *, __wt_session *, unsigned char *, unsigned long, unsigned char *, unsigned long, unsigned long *)
/src/mongo/db/modules/enterprise/src/encryptdb/wiredtiger_encryption_callbacks.cpp, line: 145
Comparing "crypto" to null implies that "crypto" might be null.

            if (!src || !dst || !resultLen | !crypto | !crypto->symmetricKey) {

/src/mongo/db/modules/enterprise/src/encryptdb/wiredtiger_encryption_callbacks.cpp, line: 145
Dereferencing null pointer "crypto".

            if (!src || !dst || !resultLen | !crypto | !crypto->symmetricKey) {



 Comments   
Comment by Githook User [ 13/Oct/15 ]

Author:

{u'username': u'spencerjackson', u'name': u'Spencer Jackson', u'email': u'spencer.jackson@mongodb.com'}

Message: SERVER-20001 SERVER-20003 Address Coverity
Branch: artree
https://github.com/10gen/mongo-enterprise-modules/commit/b41bc7767b73fa8dd65bfcdbb2ffb550773da7c0

Comment by Githook User [ 18/Aug/15 ]

Author:

{u'username': u'spencerjackson', u'name': u'Spencer Jackson', u'email': u'spencer.jackson@mongodb.com'}

Message: SERVER-20001 SERVER-20003 Address Coverity
Branch: master
https://github.com/10gen/mongo-enterprise-modules/commit/b41bc7767b73fa8dd65bfcdbb2ffb550773da7c0

Comment by Eric Milkie [ 18/Aug/15 ]

Same issue on line 195 too.

Comment by Eric Milkie [ 18/Aug/15 ]

The use of "bitwise or" does not short circuit, so this doesn't work as intended.

Generated at Thu Feb 08 03:52:50 UTC 2024 using Jira 9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66.