svn commit: r276071 - in head/contrib/ntp: ntpd util
Ulrich Spörlein
uqs at FreeBSD.org
Tue Dec 23 09:57:07 UTC 2014
On Mon, 2014-12-22 at 18:54:56 +0000, Xin LI wrote:
> Author: delphij
> Date: Mon Dec 22 18:54:55 2014
> New Revision: 276071
> URL: https://svnweb.freebsd.org/changeset/base/276071
>
> Log:
> Fix multiple ntp vulnerabilities.
>
> Reviewed by: roberto (earlier revision), philip
> Security: CVE-2014-9293, CVE-2014-9294
> Security: CVE-2014-9295, CVE-2014-9296
> Security: FreeBSD-SA-14:31.ntp
>
> Differential Revision: https://reviews.freebsd.org/D1343
>
Hi
the latest Coverity run (which should include these patches, I think)
still flags two DEADCODEs in ntp_proto.c:
________________________________________________________________________________________________________
*** CID 1260388: Logically dead code (DEADCODE)
/contrib/ntp/ntpd/ntp_proto.c: 702 in receive()
696 if (!(rbufp->dstadr->flags & INT_MCASTOPEN)) {
697 if (AUTH(restrict_mask & RES_DONTTRUST,
698 is_authentic))
699 fast_xmit(rbufp, MODE_SERVER, skeyid,
700 restrict_mask);
701 else if (is_authentic == AUTH_ERROR)
>>> CID 1260388: Logically dead code (DEADCODE)
>>> Execution cannot reach this statement "fast_xmit(rbufp, 4, 0U, res...".
702 fast_xmit(rbufp, MODE_SERVER, 0,
703 restrict_mask);
704 return; /* hooray */
705 }
706
707 /*
/contrib/ntp/ntpd/ntp_proto.c: 869 in receive()
863 * symmetric active response is sent. If authentication
864 * fails, send a crypto-NAK packet.
865 */
866 if (!AUTH(restrict_mask & RES_DONTTRUST, is_authentic))
867 {
868 if (is_authentic == AUTH_ERROR)
>>> CID 1260388: Logically dead code (DEADCODE)
>>> Execution cannot reach this statement "fast_xmit(rbufp, 1, 0U, res...".
869 fast_xmit(rbufp, MODE_ACTIVE, 0,
870 restrict_mask);
871 return; /* bad auth */
872 }
873 if (!AUTH(sys_authenticate | (restrict_mask &
874 RES_NOPEER), is_authentic)) {