Skip to content
GitLab
  • Menu
Projects Groups Snippets
  • Help
    • Help
    • Support
    • Community forum
    • Submit feedback
    • Contribute to GitLab
  • Sign in
  • Tor Tor
  • Project information
    • Project information
    • Activity
    • Labels
    • Members
  • Repository
    • Repository
    • Files
    • Commits
    • Branches
    • Tags
    • Contributors
    • Graph
    • Compare
  • Issues 316
    • Issues 316
    • List
    • Boards
    • Service Desk
    • Milestones
  • Merge requests 36
    • Merge requests 36
  • CI/CD
    • CI/CD
    • Pipelines
    • Jobs
    • Schedules
  • Deployments
    • Deployments
    • Environments
    • Releases
  • Monitor
    • Monitor
    • Incidents
  • Analytics
    • Analytics
    • Value stream
    • CI/CD
    • Repository
  • Activity
  • Graph
  • Create a new issue
  • Jobs
  • Commits
  • Issue Boards
Collapse sidebar
  • The Tor Project
  • Core
  • TorTor
  • Issues
  • #27730
Closed
Open
Created Sep 16, 2018 by teor@teor

CID 1439330: "st.st_size > 9223372036854775807L" is always false

Coverity claims:

*** CID 1439330:  Integer handling issues  (CONSTANT_EXPRESSION_RESULT)
/src/lib/crypt_ops/crypto_rsa.c: 554 in crypto_pk_read_private_key_from_filename()
548                                              const char *keyfile)
549     {
550       struct stat st;
551       char *buf = read_file_to_str(keyfile, 0, &st);
552       if (!buf)
553         return -1;
   CID 1439330:  Integer handling issues  (CONSTANT_EXPRESSION_RESULT)
   "st.st_size > 9223372036854775807L" is always false regardless of the values of its operands. This occurs as the logical operand of "if".
554       if (st.st_size > SSIZE_MAX)
555         return -1;
556     
557       int rv = crypto_pk_read_private_key_from_string(env, buf,
558                                                       (ssize_t)st.st_size);
559       memwipe(buf, 0, (size_t)st.st_size);

But st_size is off_t, and the POSIX standard doesn't require a particular size for off_t:

blkcnt_t and off_t shall be signed integer types.

http://pubs.opengroup.org/onlinepubs/9699919799/basedefs/sys_types.h.html#tag_13_67

In particular, some 32-bit pointer (SSIZE_MAX) operating systems may have a 64-bit file off_t. (I know that at least one BSD does, and I suspect that macOS and Linux also do in their 64-bit file size modes.)

To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information
Assignee
Assign to
Time tracking