search

pqc-thunderbird / libgcrypt

GNU General Public License v2.0
1 stars 0 forks source link

-fanalyzer mlkem-indcpa-avx2.c: warning: use of uninitialized value ‘h’ #63

Closed falko-strenzke closed 8 months ago

falko-strenzke commented 8 months ago 
cipher/mlkem-indcpa-avx2.c|568 col 3| warning: use of uninitialized value ‘h’ [CWE-457] [-Wanalyzer-use-of-uninitialized-value]
||   568 |   _gcry_md_close (h);
||       |   ^~~~~~~~~~~~~~~~~~
||   ‘_gcry_mlkem_avx2_indcpa_enc’: events 1-14
||     |
||     |  868 | _gcry_mlkem_avx2_indcpa_enc (uint8_t *c,
||     |      | ^~~~~~~~~~~~~~~~~~~~~~~~~~~
||     |      | |
||     |      | (1) entry to ‘_gcry_mlkem_avx2_indcpa_enc’
||     |......
||     |  890 |   if (!seed)
||     |      |      ~
||     |      |      |
||     |      |      (2) following ‘false’ branch (when ‘seed’ is non-NULL)...
||     |......
||     |  897 |       &sp_al, param->k, param->k * sizeof (gcry_mlkem_poly), 1);
||     |      |                         ~~~~~~~~
||     |      |                              |
||     |      |                              (3) ...to here
||     |  898 |   if (ec)
||     |      |      ~
||     |      |      |
||     |      |      (4) following ‘false’ branch (when ‘ec == 0’)...
||     |......
||     |  901 |       &pkpv_al, param->k, param->k * sizeof (gcry_mlkem_poly), 1);
||     |      |                           ~~~~~~~~
||     |      |                                |
||     |      |                                (5) ...to here
||     |  902 |   if (ec)
||     |      |      ~
||     |      |      |
||     |      |      (6) following ‘false’ branch (when ‘ec == 0’)...
||     |......
||     |  905 |       &ep_al, param->k, param->k * sizeof (gcry_mlkem_poly), 1);
||     |      |                         ~~~~~~~~
||     |      |                              |
||     |      |                              (7) ...to here
||     |  906 |   if (ec)
||     |      |      ~
||     |      |      |
||     |      |      (8) following ‘false’ branch (when ‘ec == 0’)...
||     |......
||     |  909 |       &at_al, param->k * param->k, param->k * sizeof (gcry_mlkem_poly), 1);
||     |      |                                    ~~~~~~~~
||     |      |                                         |
||     |      |                                         (9) ...to here
||     |  910 |   if (ec)
||     |      |      ~
||     |      |      |
||     |      |      (10) following ‘false’ branch (when ‘ec == 0’)...
||     |......
||     |  913 |       &b_al, param->k, param->k * sizeof (gcry_mlkem_poly), 1);
||     |      |                        ~~~~~~~~
||     |      |                             |
||     |      |                             (11) ...to here
||     |  914 |   if (ec)
||     |      |      ~
||     |      |      |
||     |      |      (12) following ‘false’ branch (when ‘ec == 0’)...
||     |  915 |     goto leave;
||     |  916 |   sp   = (gcry_mlkem_poly *)sp_al.buf;
||     |      |   ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
||     |      |        |
||     |      |        (13) ...to here
||     |......
||     |  924 |   ec = _gcry_mlkem_avx2_gen_matrix (at, seed, 1, param);
||     |      |        ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
||     |      |        |
||     |      |        (14) calling ‘_gcry_mlkem_avx2_gen_matrix’ from ‘_gcry_mlkem_avx2_indcpa_enc’
||     |
||     +--> ‘_gcry_mlkem_avx2_gen_matrix’: events 15-20
||            |
||            |  703 | _gcry_mlkem_avx2_gen_matrix (gcry_mlkem_poly *a,
||            |      | ^~~~~~~~~~~~~~~~~~~~~~~~~~~
||            |      | |
||            |      | (15) entry to ‘_gcry_mlkem_avx2_gen_matrix’
||            |......
||            |  708 |   if (param->k == 2)
||            |      |      ~
||            |      |      |
||            |      |      (16) following ‘false’ branch...
||            |......
||            |  712 |   else if (param->k == 3)
||            |      |           ~~~~~~~~~
||            |      |           |     |
||            |      |           |     (17) ...to here
||            |      |           (18) following ‘true’ branch...
||            |  713 |     {
||            |  714 |       return gen_matrix_k3 (a, seed, transposed, param);
||            |      |              ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
||            |      |              |
||            |      |              (19) ...to here
||            |      |              (20) calling ‘gen_matrix_k3’ from ‘_gcry_mlkem_avx2_gen_matrix’
||            |
||            +--> ‘gen_matrix_k3’: events 21-24
||                   |
||                   |  335 | gen_matrix_k3 (gcry_mlkem_poly *a,
||                   |      | ^~~~~~~~~~~~~
||                   |      | |
||                   |      | (21) entry to ‘gen_matrix_k3’
||                   |......
||                   |  343 |   gcry_md_hd_t h;
||                   |      |                ~
||                   |      |                |
||                   |      |                (22) region created on stack here
||                   |      |                (23) capacity: 8 bytes
||                   |......
||                   |  568 |   _gcry_md_close (h);
||                   |      |   ~~~~~~~~~~~~~~~~~~
||                   |      |   |
||                   |      |   (24) use of uninitialized value ‘h’ here
||                   |
TJ-91 commented 8 months ago

Looks like it should be gcry_md_hd_t h = NULL here

falko-strenzke commented 8 months ago

So wie ich es sehe muss in cipher/mlkem-indcpa-avx2.c:gen_matrix_k3() stehen:

  gcry_md_hd_t h = NULL;
                ^
                |
                fehlt