#20558 closed defect (fixed)

Coverity complains about 64-bit time_t vs 64-bit int64_t comparison

Reported by: nickm Owned by:
Priority: Medium Milestone: Tor: 0.3.0.x-final
Component: Core Tor/Tor Version:
Severity: Normal Keywords: review-group-12
Cc: Actual Points:
Parent ID: Points:
Reviewer: Sponsor:

Description

*** CID 1375988:  Integer handling issues  (CONSTANT_EXPRESSION_RESULT)
/src/or/torcert.c: 160 in tor_cert_parse()
154       cert = tor_malloc_zero(sizeof(tor_cert_t));
155       cert->encoded = tor_memdup(encoded, len);
156       cert->encoded_len = len;
157
158       memcpy(cert->signed_key.pubkey, parsed->certified_key, 32);
159       const int64_t valid_until_64 = ((int64_t)parsed->exp_field) * 3600;
>>>     CID 1375988:  Integer handling issues  (CONSTANT_EXPRESSION_RESULT)
>>>     "valid_until_64 > 9223372036854775807L /* (time_t)9223372036854775807L */" is always false regardless of the values of its operands. This occurs as the logical operand of if.
160       if (valid_until_64 > TIME_MAX)
161         cert->valid_until = TIME_MAX - 1;
162       else
163         cert->valid_until = (time_t) valid_until_64;
164       cert->cert_type = parsed->cert_type;
165

Child Tickets

Change History (4)

comment:1 Changed 16 months ago by nickm

Status: newneeds_review

bug20558 is my attempt at a fix here. There is no bug: Coverity Scan just doesn't like it when we check whether a 64-bit value is larger than it can possibly be.

comment:2 Changed 15 months ago by nickm

Keywords: review-group-12 added

comment:3 Changed 15 months ago by dgoulet

Status: needs_reviewmerge_ready

lgtm;

comment:4 Changed 15 months ago by nickm

Resolution: fixed
Status: merge_readyclosed

Merging; thanks!

Note: See TracTickets for help on using tickets.