From owner-freebsd-security@FreeBSD.ORG Fri Apr 25 21:40:20 2014
Date: Fri, 25 Apr 2014 15:40:11 -0600
From: Chad Perrin
To: freebsd-security@freebsd.org
Subject: Re: OpenSSL static analysis, was: De Raadt + FBSD + OpenSSH + hole?
Message-ID: <20140425214011.GD9479@glaze.hydra>
In-Reply-To: <32377.1398460907@server1.tristatelogic.com>
References: <32377.1398460907@server1.tristatelogic.com>
User-Agent: Mutt/1.5.23 (2014-03-12)

On Fri, Apr 25, 2014 at 02:21:47PM -0700, Ronald F. Guilmette wrote:
>
> In message
> Ben Laurie wrote:
>
> >But that would then hide the error condition of it being not set to a
> >new value after initialisation.
>
> The (modified/quieted) code example under discussion is as follows:
>
>     variable = value0; /* initialization */
>     if (condition) variable = value1;
>     if (!condition) variable = value2;
>     use (variable);
>
> Please note that variable *is* *always* set to some value (either value1
> or value2) after initialization.  The "error condition" that you seem
> concerned about having explicitly flagged does not in fact exist in the
> example code snippet under discussion.
>
> >One better answer would be to have a way to annotate that after the
> >two conditionals you assert that |variable| is initialised.  Then a
> >future, smarter static analyzer can attempt to prove you wrong.
>
> Sir, is there any sense in which the final line of the above example
> _does not_ already and standing all by itself constitute an implicit
> assertion that "variable" has been initialized by that point in the
> code?

I do believe you are right . . . at least until the code needs to be
edited for some reason.

--
Chad Perrin [ original content licensed OWL: http://owl.apotheon.org ]
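The pattern the thread argues over, written out as an added C example; this is not code from the thread or from OpenSSL. The values 1 and 2 stand in for value1/value2, the sentinel -1 stands in for value0, and next_condition is a constructed stand-in for a condition that can change between two reads. The first function is the quieted snippet with the explicit "initialised here" assertion Ben Laurie describes; the second shows how an edit that re-reads the condition in each test lets the sentinel escape, which is the situation the initialisation was hiding; the third is the if/else shape in which every path assigns and no sentinel is needed.

```c
#include <assert.h>
#include <stdio.h>

/* Sentinel for "never assigned"; assumed for this example, the thread's
 * snippet does not say what value0 is. */
#define UNSET (-1)

/* The quieted pattern quoted in the thread: value0 initialisation followed
 * by two complementary tests of the same `condition`.  Both tests read one
 * immutable parameter, so exactly one branch runs and the sentinel is
 * always overwritten.  The assert states the "initialised here" claim
 * explicitly instead of leaving it implied by the later use. */
int select_value(int condition)
{
    int variable = UNSET;            /* value0 */
    if (condition)  variable = 1;    /* value1 */
    if (!condition) variable = 2;    /* value2 */
    assert(variable != UNSET);       /* the annotation asked for in the thread */
    return variable;                 /* use(variable) */
}

/* Constructed condition source: successive reads return 0, 1, 0, 1, ... so
 * two consecutive reads can disagree, as a flag re-read from a register,
 * shared memory or a file could after a later edit. */
int next_condition(int *state)
{
    return (*state)++ & 1;
}

/* The same shape after an edit that re-reads the condition in each test.
 * "condition" and "!condition" are now evaluated on different values, so
 * neither branch may run and the sentinel escapes: the quieting
 * initialisation silenced the analyzer without making this impossible. */
int select_value_reread(int *state)
{
    int variable = UNSET;
    if (next_condition(state))  variable = 1;
    if (!next_condition(state)) variable = 2;
    return variable;                 /* may still be UNSET */
}

/* Structural alternative: read the condition once and use if/else, so
 * every path assigns and neither a sentinel nor a quieting initialiser
 * is needed; an analyzer can see the definite assignment directly. */
int select_value_else(int *state)
{
    int variable;
    if (next_condition(state)) variable = 1;
    else                       variable = 2;
    return variable;
}

int main(void)
{
    int s;
    printf("select_value(1)=%d select_value(0)=%d\n",
           select_value(1), select_value(0));
    s = 0;
    printf("reread from state 0 -> %d (UNSET is %d)\n",
           select_value_reread(&s), UNSET);
    s = 0;
    printf("if/else from state 0 -> %d\n", select_value_else(&s));
    return 0;
}
```

Starting next_condition from state 0 makes the first read false and the second true, so select_value_reread skips both assignments and returns the sentinel; the same input through select_value_else returns 2, because the condition is read exactly once.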