codecov-commenter
commented
1 month ago Codecov Report
Attention: Patch coverage is 65.62500% with 11 lines in your changes missing coverage. Please review.
Project coverage is 78.33%. Comparing base (
2f18797) to head (e91af87).
| Files | Patch % | Lines |
|---|---|---|
| crypto/ocsp/ocsp_http.c | 59.25% | 11 Missing :warning: |
Additional details and impacted files
```diff @@ Coverage Diff @@ ## main #1752 +/- ## ========================================== - Coverage 78.34% 78.33% -0.01% ========================================== Files 580 580 Lines 97255 97270 +15 Branches 13945 13952 +7 ========================================== + Hits 76190 76199 +9 - Misses 20444 20450 +6 Partials 621 621 ```:umbrella: View full report in Codecov by Sentry.
:loudspeaker: Have feedback on the report? Share it here.
Description of changes:
Coverity scan flagged the usage of BIO_get_mem_data. The documentation for this function was incorrect. The documentation stated it would return the length of the data or 0 for failure, but the return value could in fact be negative (this function is a macro to BIO_ctrl which may return -2).
BIO_get_mem_data is subsequently used in ocsp_http.c without a check for the case of -2 which may lead to unexpected behavior. This PR updates the documentation for BIO_get_mem_data and replaces BIO_get_mem_data usage in ocsp_http.c with BIO_mem_contents which has less edge cases.
By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license and the ISC license.