gpg: Comment on false positives by static analyzers.

--
2016-01-06 08:42:07 +01:00 · 2016-01-06 08:42:07 +01:00 · 7990586828
parent db82b6131d
commit 7990586828
4 changed files with 18 additions and 1 deletions
--- a/g10/encrypt.c
+++ b/g10/encrypt.c
@ -326,6 +326,7 @@ encrypt_simple (const char *filename, int mode, int use_seskey)

  if (!opt.no_literal)
    {
+      /* Note that PT has been initialized above in no_literal mode.  */
      pt->timestamp = make_timestamp();
      pt->mode = opt.textmode? 't' : 'b';
      pt->len = filesize;
--- a/g10/keyedit.c
+++ b/g10/keyedit.c
@ -363,7 +363,13 @@ check_all_keysigs (KBNODE keyblock, int only_selected, int only_selfsigs)

          if (only_selfsigs
              && !(keyid[0] == sig->keyid[0] && keyid[1] == sig->keyid[1]))
-            ;  /* Not a selfsig but we want only selfsigs - skip.  */
+            {
+              /* Not a selfsig but we want only selfsigs - skip.  */
+              /* Static analyzer note: A claim that KEYID above has
+                 garbage is not correct because KEYID is set from the
+                 public key packet which is always the first packet in
+                 a keyblock and thus parsed before this signature.  */
+            }
 	  else if (print_and_check_one_sig (keyblock, node, &inv_sigs,
                                            &no_key, &oth_err, &selfsig,
                                            0, only_selfsigs))
@ -856,6 +862,14 @@ sign_uids (ctrl_t ctrl, estream_t fp,

      if (primary_pk->expiredate && !selfsig)
 	{
+          /* Static analyzer note: A claim that PRIMARY_PK might be
+             NULL is not correct because it set from the public key
+             packet which is always the first packet in a keyblock and
+             parsed in the above loop over the keyblock.  In case the
+             keyblock has no packets at all and thus the loop was not
+             entered the above count_uids_with_flag would have
+             detected this case.  */
+
 	  u32 now = make_timestamp ();

 	  if (primary_pk->expiredate <= now)
--- a/g10/parse-packet.c
+++ b/g10/parse-packet.c
@ -2517,6 +2517,7 @@ parse_key (IOBUF inp, int pkttype, unsigned long pktlen,
 	}
    }

+  /* Note that KEYID below has been initialized above in list_mode.  */
  if (list_mode)
    es_fprintf (listfp, "\tkeyid: %08lX%08lX\n",
                (ulong) keyid[0], (ulong) keyid[1]);
--- a/g10/sign.c
+++ b/g10/sign.c
@ -601,6 +601,7 @@ write_plaintext_packet (IOBUF out, IOBUF inp, const char *fname, int ptmode)
    if (!opt.no_literal) {
        PACKET pkt;

+        /* Note that PT has been initialized above in no_literal mode.  */
        pt->timestamp = make_timestamp ();
        pt->mode = ptmode;
        pt->len = filesize;