greenbone / openvas-scanner

This repository contains the scanner component for Greenbone Community Edition.

Home Page: https://greenbone.github.io/docs/


Compilation of openvas fails due to uninitialized variables in nasl_crypto2.c

rpfeiffer opened this issue

When compiling openvas with clang-12 / clang++-12 the compilation stops with an error. The reason is the options -Werror and -Wsometimes-uninitialized, which detect a possibly uninitialised buffer length variable.

Expected behavior

Compilation of openvas without errors.

Actual behavior

The compilation stops with these error messages:

/usr/src/build/openvas/nasl/nasl_crypto2.c:1639:7: error: variable 'resultlen' is used uninitialized whenever 'if' condition is false [-Werror,-Wsometimes-uninitialized]
if (cipher == GCRY_CIPHER_ARCFOUR)
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~
/usr/src/build/openvas/nasl/nasl_crypto2.c:1646:23: note: uninitialized use occurs here
result = g_malloc0 (resultlen);
^~~~~~~~~
/usr/src/build/openvas/nasl/nasl_crypto2.c:1639:3: note: remove the 'if' if its condition is always true
if (cipher == GCRY_CIPHER_ARCFOUR)
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
/usr/src/build/openvas/nasl/nasl_crypto2.c:1618:19: note: initialize the variable 'resultlen' to silence this warning
size_t resultlen, datalen, tmplen;
^
= 0
/usr/src/build/openvas/nasl/nasl_crypto2.c:1639:7: error: variable 'tmplen' is used uninitialized whenever 'if' condition is false [-Werror,-Wsometimes-uninitialized]
if (cipher == GCRY_CIPHER_ARCFOUR)
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~
/usr/src/build/openvas/nasl/nasl_crypto2.c:1647:65: note: uninitialized use occurs here
if ((error = gcry_cipher_encrypt (hd, result, resultlen, tmp, tmplen)))
^~~~~~
/usr/src/build/openvas/nasl/nasl_crypto2.c:1639:3: note: remove the 'if' if its condition is always true
if (cipher == GCRY_CIPHER_ARCFOUR)
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
/usr/src/build/openvas/nasl/nasl_crypto2.c:1618:36: note: initialize the variable 'tmplen' to silence this warning
size_t resultlen, datalen, tmplen;
^
= 0
2 errors generated.

Steps to reproduce

  1. git clone https://github.com/greenbone/openvas.git
  2. export CC=clang-12
  3. export CXX=clang++-12
  4. cd openvas
  5. mkdir build && cd build && cmake -DCMAKE_INSTALL_PREFIX=/opt/gvm .. && make && make doc

GVM versions

gvm-libs and openvas-smb were installed before. Error happens in master and 20.8 branch of openvas.

Environment

The operating system is:

  • Debian 10 with backports and clang repository enabled
  • Linux host 5.10.11 #1 SMP Wed Jan 27 18:35:21 CET 2021 x86_64 GNU/Linux

Possible fix

--- nasl_crypto2.c	2021-02-05 02:52:36.239562700 +0100
+++ nasl_crypto2_patched.c	2021-02-05 12:00:50.663267104 +0100
@@ -1642,6 +1642,14 @@
       tmp = g_memdup (data, datalen);
       tmplen = datalen;
     }
+  else
+    {
+      /* The comment above the function states that only GCRY_CIPHER_ARCFOUR
+       * is supported, so this case is missing in the function logic. Please
+       * double-check this suggestion.
+       */
+      return NULL;
+    }
 
   result = g_malloc0 (resultlen);
   if ((error = gcry_cipher_encrypt (hd, result, resultlen, tmp, tmplen)))
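
Review bot: the added `else` branch returns NULL straight away, yet `hd` is used as the cipher handle in the `gcry_cipher_encrypt (hd, ...)` call immediately after it, so if the handle was opened earlier in the function this path leaves without `gcry_cipher_close (hd)`. Send the unsupported-cipher case through whatever cleanup the error path after `gcry_cipher_encrypt` performs, or reject the cipher before anything is acquired. The comment's "Please double-check this suggestion" is a note to the reviewer rather than documentation; replace it with a statement of the behaviour (only GCRY_CIPHER_ARCFOUR is handled, other values are rejected) and emit an error message so the caller can see why nothing was returned. Rejecting explicitly is preferable to the `= 0` initialisation clang proposes, which would silence the warning but still reach `g_malloc0 (resultlen)` and the encrypt call with zero lengths.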