Coverity report after PoW merge
We got this one from Coverity Scan after the merge of PoW:
Hi,
Please find the latest report on new defect(s) introduced to tor found with Coverity Scan.
4 new defect(s) introduced to tor found with Coverity Scan.
New defect(s) Reported-by: Coverity Scan
Showing 4 of 4 defect(s)
** CID 1529973: Uninitialized variables (UNINIT)
________________________________________________________________________________________________________
*** CID 1529973: Uninitialized variables (UNINIT)
/src/ext/equix/hashx/src/context.c: 65 in hashx_alloc()
59 #endif
60 #ifndef NDEBUG
61 ctx->has_program = false;
62 #endif
63 return ctx;
64 failure:
>>> CID 1529973: Uninitialized variables (UNINIT)
>>> Using uninitialized value "ctx->type" when calling "hashx_free".
65 hashx_free(ctx);
66 return NULL;
67 }
68
69 void hashx_free(hashx_ctx* ctx) {
70 if (ctx != NULL && ctx != HASHX_NOTSUPP) {
** CID 1529972: Resource leaks (RESOURCE_LEAK)
/src/test/test_crypto.c: 3015 in test_crypto_hashx()
________________________________________________________________________________________________________
*** CID 1529972: Resource leaks (RESOURCE_LEAK)
/src/test/test_crypto.c: 3015 in test_crypto_hashx()
3009 uint8_t out_actual[HASHX_SIZE] = { 0 };
3010
3011 hashx_ctx *ctx = hashx_alloc(variations[vari_i].type);
3012 tt_ptr_op(ctx, OP_NE, NULL);
3013 tt_ptr_op(ctx, OP_NE, HASHX_NOTSUPP);
3014 retval = hashx_make(ctx, seed_literal, seed_len);
>>> CID 1529972: Resource leaks (RESOURCE_LEAK)
>>> Variable "ctx" going out of scope leaks the storage it points to.
3015 tt_int_op(retval, OP_EQ, 1);
3016
3017 memset(out_actual, 0xa5, sizeof out_actual);
3018 hashx_exec(ctx, hash_input, out_actual);
3019 tt_mem_op(out_actual, OP_EQ, out_expected, sizeof out_actual);
3020
** CID 1529971: High impact quality (Y2K38_SAFETY)
/src/feature/hs/hs_circuit.c: 797 in handle_rend_pqueue_cb()
________________________________________________________________________________________________________
*** CID 1529971: High impact quality (Y2K38_SAFETY)
/src/feature/hs/hs_circuit.c: 797 in handle_rend_pqueue_cb()
791 mainloop_event_schedule(pow_state->pop_pqueue_ev, &delay_tv);
792 return; /* done here! no cleanup needed. */
793 }
794
795 if (pow_state->using_pqueue_bucket) {
796 token_bucket_ctr_refill(&pow_state->pqueue_bucket,
>>> CID 1529971: High impact quality (Y2K38_SAFETY)
>>> A "time_t" value is stored in an integer with too few bits to accommodate it. The expression "approx_time()" is cast to "uint32_t".
797 (uint32_t) approx_time());
798
799 if (token_bucket_ctr_get(&pow_state->pqueue_bucket) > 0) {
800 token_bucket_ctr_dec(&pow_state->pqueue_bucket, 1);
801 } else {
802 /* Waiting for pqueue rate limit to refill, come back later */
** CID 1529970: High impact quality (Y2K38_SAFETY)
/src/feature/hs/hs_service.c: 293 in initialize_pow_defenses()
________________________________________________________________________________________________________
*** CID 1529970: High impact quality (Y2K38_SAFETY)
/src/feature/hs/hs_service.c: 293 in initialize_pow_defenses()
287 if (service->config.pow_queue_rate > 0 &&
288 service->config.pow_queue_burst >= service->config.pow_queue_rate) {
289 pow_state->using_pqueue_bucket = 1;
290 token_bucket_ctr_init(&pow_state->pqueue_bucket,
291 service->config.pow_queue_rate,
292 service->config.pow_queue_burst,
>>> CID 1529970: High impact quality (Y2K38_SAFETY)
>>> A "time_t" value is stored in an integer with too few bits to accommodate it. The expression "approx_time()" is cast to "uint32_t".
293 (uint32_t) approx_time());
294
295 pow_state->pqueue_low_level = MAX(8, service->config.pow_queue_rate / 4);
296 pow_state->pqueue_high_level =
297 service->config.pow_queue_burst +
298 service->config.pow_queue_rate * MAX_REND_TIMEOUT * 2;