From cad1ff58faa46b3dddeb7eb2aa698f977cc0eecc Mon Sep 17 00:00:00 2001 From: Raul Metsma Date: Tue, 19 Sep 2023 12:34:05 +0300 Subject: [PATCH] Fix coverity warnings IB-7552 Signed-off-by: Raul Metsma --- .github/workflows/build.yml | 4 ++-- cmake | 2 +- src/crypto/Digest.cpp | 22 ++++++++++++---------- 3 files changed, 15 insertions(+), 13 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 6f116d504..1e45146e1 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -82,7 +82,7 @@ jobs: steps: - name: Install Deps run: | - dnf install -y \ + dnf install -y --setopt=install_weak_deps=False \ git gcc-c++ cmake rpm-build xml-security-c-devel zlib-devel vim-common doxygen boost-test swig python3-devel java-1.8.0-openjdk-devel \ https://www.codesynthesis.com/download/xsd/4.0/linux-gnu/x86_64/xsd-4.0.0-1.x86_64.rpm - name: Checkout @@ -105,7 +105,7 @@ jobs: container: ${{ matrix.container }} strategy: matrix: - container: ['ubuntu:20.04', 'ubuntu:22.04', 'ubuntu:23.04'] + container: ['ubuntu:20.04', 'ubuntu:22.04', 'ubuntu:23.04', 'ubuntu:23.10'] env: DEBIAN_FRONTEND: noninteractive DEBFULLNAME: github-actions diff --git a/cmake b/cmake index cb0452839..dc9a41ec7 160000 --- a/cmake +++ b/cmake @@ -1 +1 @@ -Subproject commit cb04528398ad10dfea1802c98d4199b29fb6f616 +Subproject commit dc9a41ec755646219c6a5b0efe3e64a2bfa48890 diff --git a/src/crypto/Digest.cpp b/src/crypto/Digest.cpp index ec93e21c0..60cd21895 100644 --- a/src/crypto/Digest.cpp +++ b/src/crypto/Digest.cpp @@ -51,18 +51,20 @@ Digest::~Digest() = default; vector Digest::addDigestInfo(vector digest, string_view uri) { - vector oid; switch(toMethod(uri)) { - case NID_sha1: oid = {0x30, 0x21, 0x30, 0x09, 0x06, 0x05, 0x2b, 0x0e, 0x03, 0x02, 0x1a, 0x05, 0x00, 0x04, 0x14}; break; - case NID_sha224: oid = {0x30, 0x2d, 0x30, 0x0d, 0x06, 0x09, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x04, 0x05, 0x00, 0x04, 0x1c}; break; - case NID_sha256: oid = {0x30, 0x31, 0x30, 0x0d, 0x06, 0x09, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x01, 0x05, 0x00, 0x04, 0x20}; break; - case NID_sha384: oid = {0x30, 0x41, 0x30, 0x0d, 0x06, 0x09, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x02, 0x05, 0x00, 0x04, 0x30}; break; - case NID_sha512: oid = {0x30, 0x51, 0x30, 0x0d, 0x06, 0x09, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x03, 0x05, 0x00, 0x04, 0x40}; break; + case NID_sha1: digest.insert(digest.cbegin(), + {0x30, 0x21, 0x30, 0x09, 0x06, 0x05, 0x2b, 0x0e, 0x03, 0x02, 0x1a, 0x05, 0x00, 0x04, 0x14}); break; + case NID_sha224: digest.insert(digest.cbegin(), + {0x30, 0x2d, 0x30, 0x0d, 0x06, 0x09, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x04, 0x05, 0x00, 0x04, 0x1c}); break; + case NID_sha256: digest.insert(digest.cbegin(), + {0x30, 0x31, 0x30, 0x0d, 0x06, 0x09, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x01, 0x05, 0x00, 0x04, 0x20}); break; + case NID_sha384: digest.insert(digest.begin(), + {0x30, 0x41, 0x30, 0x0d, 0x06, 0x09, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x02, 0x05, 0x00, 0x04, 0x30}); break; + case NID_sha512: digest.insert(digest.cbegin(), + {0x30, 0x51, 0x30, 0x0d, 0x06, 0x09, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x03, 0x05, 0x00, 0x04, 0x40}); break; default: break; } - if(!oid.empty()) - digest.insert(digest.begin(), oid.begin(), oid.end()); return digest; } @@ -74,7 +76,7 @@ vector Digest::digestInfoDigest(const std::vector return {}; const ASN1_OCTET_STRING *value {}; X509_SIG_get0(sig.get(), nullptr, &value); - return { value->data, value->data + value->length }; + return { value->data, std::next(value->data, value->length) }; } string Digest::digestInfoUri(const std::vector &digest) @@ -141,7 +143,7 @@ int Digest::toMethod(string_view uri) if(uri == URI_SHA3_384 || uri == URI_RSA_PSS_SHA3_384) return NID_sha3_384; if(uri == URI_SHA3_512 || uri == URI_RSA_PSS_SHA3_512) return NID_sha3_512; #endif - THROW("Digest method URI '%.*s' is not supported.", uri.size(), uri.data()); + THROW("Digest method URI '%.*s' is not supported.", int(uri.size()), uri.data()); } string Digest::toRsaUri(const string &uri)