Bug Summary

File:src/lib/libcrypto/rc2/rc2_cbc.c
Warning:line 132, column 18
Although the value stored to 'tout1' is used in the enclosing expression, the value is never actually read from 'tout1'

Annotated Source Code

Press '?' to see keyboard shortcuts

clang -cc1 -cc1 -triple amd64-unknown-openbsd7.0 -analyze -disable-free -disable-llvm-verifier -discard-value-names -main-file-name rc2_cbc.c -analyzer-store=region -analyzer-opt-analyze-nested-blocks -analyzer-checker=core -analyzer-checker=apiModeling -analyzer-checker=unix -analyzer-checker=deadcode -analyzer-checker=security.insecureAPI.UncheckedReturn -analyzer-checker=security.insecureAPI.getpw -analyzer-checker=security.insecureAPI.gets -analyzer-checker=security.insecureAPI.mktemp -analyzer-checker=security.insecureAPI.mkstemp -analyzer-checker=security.insecureAPI.vfork -analyzer-checker=nullability.NullPassedToNonnull -analyzer-checker=nullability.NullReturnedFromNonnull -analyzer-output plist -w -setup-static-analyzer -mrelocation-model pic -pic-level 1 -fhalf-no-semantic-interposition -mframe-pointer=all -relaxed-aliasing -fno-rounding-math -mconstructor-aliases -munwind-tables -target-cpu x86-64 -target-feature +retpoline-indirect-calls -target-feature +retpoline-indirect-branches -tune-cpu generic -debugger-tuning=gdb -fcoverage-compilation-dir=/usr/src/lib/libcrypto/obj -resource-dir /usr/local/lib/clang/13.0.0 -D LIBRESSL_INTERNAL -D LIBRESSL_CRYPTO_INTERNAL -D DSO_DLFCN -D HAVE_DLFCN_H -D HAVE_FUNOPEN -D OPENSSL_NO_HW_PADLOCK -I /usr/src/lib/libcrypto -I /usr/src/lib/libcrypto/asn1 -I /usr/src/lib/libcrypto/bio -I /usr/src/lib/libcrypto/bn -I /usr/src/lib/libcrypto/bytestring -I /usr/src/lib/libcrypto/dh -I /usr/src/lib/libcrypto/dsa -I /usr/src/lib/libcrypto/ec -I /usr/src/lib/libcrypto/ecdh -I /usr/src/lib/libcrypto/ecdsa -I /usr/src/lib/libcrypto/evp -I /usr/src/lib/libcrypto/hmac -I /usr/src/lib/libcrypto/modes -I /usr/src/lib/libcrypto/ocsp -I /usr/src/lib/libcrypto/rsa -I /usr/src/lib/libcrypto/x509 -I /usr/src/lib/libcrypto/obj -D AES_ASM -D BSAES_ASM -D VPAES_ASM -D OPENSSL_IA32_SSE2 -D RSA_ASM -D OPENSSL_BN_ASM_MONT -D OPENSSL_BN_ASM_MONT5 -D OPENSSL_BN_ASM_GF2m -D MD5_ASM -D GHASH_ASM -D RC4_MD5_ASM -D SHA1_ASM -D SHA256_ASM -D SHA512_ASM -D WHIRLPOOL_ASM -D OPENSSL_CPUID_OBJ -D PIC -internal-isystem /usr/local/lib/clang/13.0.0/include -internal-externc-isystem /usr/include -O2 -fdebug-compilation-dir=/usr/src/lib/libcrypto/obj -ferror-limit 19 -fwrapv -D_RET_PROTECTOR -ret-protector -fgnuc-version=4.2.1 -vectorize-loops -vectorize-slp -fno-builtin-malloc -fno-builtin-calloc -fno-builtin-realloc -fno-builtin-valloc -fno-builtin-free -fno-builtin-strdup -fno-builtin-strndup -analyzer-output=html -faddrsig -D__GCC_HAVE_DWARF2_CFI_ASM=1 -o /home/ben/Projects/vmm/scan-build/2022-01-12-194120-40624-1 -x c /usr/src/lib/libcrypto/rc2/rc2_cbc.c
1/* $OpenBSD: rc2_cbc.c,v 1.5 2014/10/28 07:35:59 jsg Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <openssl/rc2.h>
60#include "rc2_locl.h"
61
62void RC2_cbc_encrypt(const unsigned char *in, unsigned char *out, long length,
63 RC2_KEY *ks, unsigned char *iv, int encrypt)
64 {
65 unsigned long tin0,tin1;
66 unsigned long tout0,tout1,xor0,xor1;
67 long l=length;
68 unsigned long tin[2];
69
70 if (encrypt)
71 {
72 c2l(iv,tout0)(tout0 =((unsigned long)(*((iv)++))) , tout0|=((unsigned long
)(*((iv)++)))<< 8L, tout0|=((unsigned long)(*((iv)++)))
<<16L, tout0|=((unsigned long)(*((iv)++)))<<24L);
73 c2l(iv,tout1)(tout1 =((unsigned long)(*((iv)++))) , tout1|=((unsigned long
)(*((iv)++)))<< 8L, tout1|=((unsigned long)(*((iv)++)))
<<16L, tout1|=((unsigned long)(*((iv)++)))<<24L);
74 iv-=8;
75 for (l-=8; l>=0; l-=8)
76 {
77 c2l(in,tin0)(tin0 =((unsigned long)(*((in)++))) , tin0|=((unsigned long)(
*((in)++)))<< 8L, tin0|=((unsigned long)(*((in)++)))<<
16L, tin0|=((unsigned long)(*((in)++)))<<24L);
78 c2l(in,tin1)(tin1 =((unsigned long)(*((in)++))) , tin1|=((unsigned long)(
*((in)++)))<< 8L, tin1|=((unsigned long)(*((in)++)))<<
16L, tin1|=((unsigned long)(*((in)++)))<<24L);
79 tin0^=tout0;
80 tin1^=tout1;
81 tin[0]=tin0;
82 tin[1]=tin1;
83 RC2_encrypt(tin,ks);
84 tout0=tin[0]; l2c(tout0,out)(*((out)++)=(unsigned char)(((tout0) )&0xff), *((out)++)=
(unsigned char)(((tout0)>> 8L)&0xff), *((out)++)=(unsigned
char)(((tout0)>>16L)&0xff), *((out)++)=(unsigned char
)(((tout0)>>24L)&0xff));
85 tout1=tin[1]; l2c(tout1,out)(*((out)++)=(unsigned char)(((tout1) )&0xff), *((out)++)=
(unsigned char)(((tout1)>> 8L)&0xff), *((out)++)=(unsigned
char)(((tout1)>>16L)&0xff), *((out)++)=(unsigned char
)(((tout1)>>24L)&0xff));
86 }
87 if (l != -8)
88 {
89 c2ln(in,tin0,tin1,l+8){ in+=l+8; tin0=tin1=0; switch (l+8) { case 8: tin1 =((unsigned
long)(*(--(in))))<<24L; case 7: tin1|=((unsigned long)
(*(--(in))))<<16L; case 6: tin1|=((unsigned long)(*(--(
in))))<< 8L; case 5: tin1|=((unsigned long)(*(--(in))))
; case 4: tin0 =((unsigned long)(*(--(in))))<<24L; case
3: tin0|=((unsigned long)(*(--(in))))<<16L; case 2: tin0
|=((unsigned long)(*(--(in))))<< 8L; case 1: tin0|=((unsigned
long)(*(--(in)))); } };
90 tin0^=tout0;
91 tin1^=tout1;
92 tin[0]=tin0;
93 tin[1]=tin1;
94 RC2_encrypt(tin,ks);
95 tout0=tin[0]; l2c(tout0,out)(*((out)++)=(unsigned char)(((tout0) )&0xff), *((out)++)=
(unsigned char)(((tout0)>> 8L)&0xff), *((out)++)=(unsigned
char)(((tout0)>>16L)&0xff), *((out)++)=(unsigned char
)(((tout0)>>24L)&0xff));
96 tout1=tin[1]; l2c(tout1,out)(*((out)++)=(unsigned char)(((tout1) )&0xff), *((out)++)=
(unsigned char)(((tout1)>> 8L)&0xff), *((out)++)=(unsigned
char)(((tout1)>>16L)&0xff), *((out)++)=(unsigned char
)(((tout1)>>24L)&0xff));
97 }
98 l2c(tout0,iv)(*((iv)++)=(unsigned char)(((tout0) )&0xff), *((iv)++)=(unsigned
char)(((tout0)>> 8L)&0xff), *((iv)++)=(unsigned char
)(((tout0)>>16L)&0xff), *((iv)++)=(unsigned char)((
(tout0)>>24L)&0xff));
99 l2c(tout1,iv)(*((iv)++)=(unsigned char)(((tout1) )&0xff), *((iv)++)=(unsigned
char)(((tout1)>> 8L)&0xff), *((iv)++)=(unsigned char
)(((tout1)>>16L)&0xff), *((iv)++)=(unsigned char)((
(tout1)>>24L)&0xff));
100 }
101 else
102 {
103 c2l(iv,xor0)(xor0 =((unsigned long)(*((iv)++))) , xor0|=((unsigned long)(
*((iv)++)))<< 8L, xor0|=((unsigned long)(*((iv)++)))<<
16L, xor0|=((unsigned long)(*((iv)++)))<<24L);
104 c2l(iv,xor1)(xor1 =((unsigned long)(*((iv)++))) , xor1|=((unsigned long)(
*((iv)++)))<< 8L, xor1|=((unsigned long)(*((iv)++)))<<
16L, xor1|=((unsigned long)(*((iv)++)))<<24L);
105 iv-=8;
106 for (l-=8; l>=0; l-=8)
107 {
108 c2l(in,tin0)(tin0 =((unsigned long)(*((in)++))) , tin0|=((unsigned long)(
*((in)++)))<< 8L, tin0|=((unsigned long)(*((in)++)))<<
16L, tin0|=((unsigned long)(*((in)++)))<<24L); tin[0]=tin0;
109 c2l(in,tin1)(tin1 =((unsigned long)(*((in)++))) , tin1|=((unsigned long)(
*((in)++)))<< 8L, tin1|=((unsigned long)(*((in)++)))<<
16L, tin1|=((unsigned long)(*((in)++)))<<24L); tin[1]=tin1;
110 RC2_decrypt(tin,ks);
111 tout0=tin[0]^xor0;
112 tout1=tin[1]^xor1;
113 l2c(tout0,out)(*((out)++)=(unsigned char)(((tout0) )&0xff), *((out)++)=
(unsigned char)(((tout0)>> 8L)&0xff), *((out)++)=(unsigned
char)(((tout0)>>16L)&0xff), *((out)++)=(unsigned char
)(((tout0)>>24L)&0xff));
114 l2c(tout1,out)(*((out)++)=(unsigned char)(((tout1) )&0xff), *((out)++)=
(unsigned char)(((tout1)>> 8L)&0xff), *((out)++)=(unsigned
char)(((tout1)>>16L)&0xff), *((out)++)=(unsigned char
)(((tout1)>>24L)&0xff));
115 xor0=tin0;
116 xor1=tin1;
117 }
118 if (l != -8)
119 {
120 c2l(in,tin0)(tin0 =((unsigned long)(*((in)++))) , tin0|=((unsigned long)(
*((in)++)))<< 8L, tin0|=((unsigned long)(*((in)++)))<<
16L, tin0|=((unsigned long)(*((in)++)))<<24L); tin[0]=tin0;
121 c2l(in,tin1)(tin1 =((unsigned long)(*((in)++))) , tin1|=((unsigned long)(
*((in)++)))<< 8L, tin1|=((unsigned long)(*((in)++)))<<
16L, tin1|=((unsigned long)(*((in)++)))<<24L); tin[1]=tin1;
122 RC2_decrypt(tin,ks);
123 tout0=tin[0]^xor0;
124 tout1=tin[1]^xor1;
125 l2cn(tout0,tout1,out,l+8){ out+=l+8; switch (l+8) { case 8: *(--(out))=(unsigned char)
(((tout1)>>24L)&0xff); case 7: *(--(out))=(unsigned
char)(((tout1)>>16L)&0xff); case 6: *(--(out))=(unsigned
char)(((tout1)>> 8L)&0xff); case 5: *(--(out))=(unsigned
char)(((tout1) )&0xff); case 4: *(--(out))=(unsigned char
)(((tout0)>>24L)&0xff); case 3: *(--(out))=(unsigned
char)(((tout0)>>16L)&0xff); case 2: *(--(out))=(unsigned
char)(((tout0)>> 8L)&0xff); case 1: *(--(out))=(unsigned
char)(((tout0) )&0xff); } };
126 xor0=tin0;
127 xor1=tin1;
128 }
129 l2c(xor0,iv)(*((iv)++)=(unsigned char)(((xor0) )&0xff), *((iv)++)=(unsigned
char)(((xor0)>> 8L)&0xff), *((iv)++)=(unsigned char
)(((xor0)>>16L)&0xff), *((iv)++)=(unsigned char)(((
xor0)>>24L)&0xff));
130 l2c(xor1,iv)(*((iv)++)=(unsigned char)(((xor1) )&0xff), *((iv)++)=(unsigned
char)(((xor1)>> 8L)&0xff), *((iv)++)=(unsigned char
)(((xor1)>>16L)&0xff), *((iv)++)=(unsigned char)(((
xor1)>>24L)&0xff));
131 }
132 tin0=tin1=tout0=tout1=xor0=xor1=0;
Although the value stored to 'tout1' is used in the enclosing expression, the value is never actually read from 'tout1'
133 tin[0]=tin[1]=0;
134 }
135
136void RC2_encrypt(unsigned long *d, RC2_KEY *key)
137 {
138 int i,n;
139 RC2_INTunsigned int *p0,*p1;
140 RC2_INTunsigned int x0,x1,x2,x3,t;
141 unsigned long l;
142
143 l=d[0];
144 x0=(RC2_INTunsigned int)l&0xffff;
145 x1=(RC2_INTunsigned int)(l>>16L);
146 l=d[1];
147 x2=(RC2_INTunsigned int)l&0xffff;
148 x3=(RC2_INTunsigned int)(l>>16L);
149
150 n=3;
151 i=5;
152
153 p0=p1= &(key->data[0]);
154 for (;;)
155 {
156 t=(x0+(x1& ~x3)+(x2&x3)+ *(p0++))&0xffff;
157 x0=(t<<1)|(t>>15);
158 t=(x1+(x2& ~x0)+(x3&x0)+ *(p0++))&0xffff;
159 x1=(t<<2)|(t>>14);
160 t=(x2+(x3& ~x1)+(x0&x1)+ *(p0++))&0xffff;
161 x2=(t<<3)|(t>>13);
162 t=(x3+(x0& ~x2)+(x1&x2)+ *(p0++))&0xffff;
163 x3=(t<<5)|(t>>11);
164
165 if (--i == 0)
166 {
167 if (--n == 0) break;
168 i=(n == 2)?6:5;
169
170 x0+=p1[x3&0x3f];
171 x1+=p1[x0&0x3f];
172 x2+=p1[x1&0x3f];
173 x3+=p1[x2&0x3f];
174 }
175 }
176
177 d[0]=(unsigned long)(x0&0xffff)|((unsigned long)(x1&0xffff)<<16L);
178 d[1]=(unsigned long)(x2&0xffff)|((unsigned long)(x3&0xffff)<<16L);
179 }
180
181void RC2_decrypt(unsigned long *d, RC2_KEY *key)
182 {
183 int i,n;
184 RC2_INTunsigned int *p0,*p1;
185 RC2_INTunsigned int x0,x1,x2,x3,t;
186 unsigned long l;
187
188 l=d[0];
189 x0=(RC2_INTunsigned int)l&0xffff;
190 x1=(RC2_INTunsigned int)(l>>16L);
191 l=d[1];
192 x2=(RC2_INTunsigned int)l&0xffff;
193 x3=(RC2_INTunsigned int)(l>>16L);
194
195 n=3;
196 i=5;
197
198 p0= &(key->data[63]);
199 p1= &(key->data[0]);
200 for (;;)
201 {
202 t=((x3<<11)|(x3>>5))&0xffff;
203 x3=(t-(x0& ~x2)-(x1&x2)- *(p0--))&0xffff;
204 t=((x2<<13)|(x2>>3))&0xffff;
205 x2=(t-(x3& ~x1)-(x0&x1)- *(p0--))&0xffff;
206 t=((x1<<14)|(x1>>2))&0xffff;
207 x1=(t-(x2& ~x0)-(x3&x0)- *(p0--))&0xffff;
208 t=((x0<<15)|(x0>>1))&0xffff;
209 x0=(t-(x1& ~x3)-(x2&x3)- *(p0--))&0xffff;
210
211 if (--i == 0)
212 {
213 if (--n == 0) break;
214 i=(n == 2)?6:5;
215
216 x3=(x3-p1[x2&0x3f])&0xffff;
217 x2=(x2-p1[x1&0x3f])&0xffff;
218 x1=(x1-p1[x0&0x3f])&0xffff;
219 x0=(x0-p1[x3&0x3f])&0xffff;
220 }
221 }
222
223 d[0]=(unsigned long)(x0&0xffff)|((unsigned long)(x1&0xffff)<<16L);
224 d[1]=(unsigned long)(x2&0xffff)|((unsigned long)(x3&0xffff)<<16L);
225 }
226