Bug Summary

File:src/lib/libcrypto/des/cfb64ede.c
Warning:line 125, column 28
Although the value stored to 'c' is used in the enclosing expression, the value is never actually read from 'c'

Annotated Source Code

Press '?' to see keyboard shortcuts

clang -cc1 -cc1 -triple amd64-unknown-openbsd7.4 -analyze -disable-free -clear-ast-before-backend -disable-llvm-verifier -discard-value-names -main-file-name cfb64ede.c -analyzer-checker=core -analyzer-checker=apiModeling -analyzer-checker=unix -analyzer-checker=deadcode -analyzer-checker=security.insecureAPI.UncheckedReturn -analyzer-checker=security.insecureAPI.getpw -analyzer-checker=security.insecureAPI.gets -analyzer-checker=security.insecureAPI.mktemp -analyzer-checker=security.insecureAPI.mkstemp -analyzer-checker=security.insecureAPI.vfork -analyzer-checker=nullability.NullPassedToNonnull -analyzer-checker=nullability.NullReturnedFromNonnull -analyzer-output plist -w -setup-static-analyzer -mrelocation-model pic -pic-level 1 -pic-is-pie -mframe-pointer=all -relaxed-aliasing -ffp-contract=on -fno-rounding-math -mconstructor-aliases -funwind-tables=2 -target-cpu x86-64 -target-feature +retpoline-indirect-calls -target-feature +retpoline-indirect-branches -tune-cpu generic -debugger-tuning=gdb -fcoverage-compilation-dir=/usr/src/lib/libcrypto/obj -resource-dir /usr/local/llvm16/lib/clang/16 -D LIBRESSL_INTERNAL -D HAVE_FUNOPEN -I /usr/src/lib/libcrypto -I /usr/src/lib/libcrypto/arch/amd64 -I /usr/src/lib/libcrypto/asn1 -I /usr/src/lib/libcrypto/bio -I /usr/src/lib/libcrypto/bn -I /usr/src/lib/libcrypto/bn/arch/amd64 -I /usr/src/lib/libcrypto/bytestring -I /usr/src/lib/libcrypto/curve25519 -I /usr/src/lib/libcrypto/dh -I /usr/src/lib/libcrypto/dsa -I /usr/src/lib/libcrypto/ec -I /usr/src/lib/libcrypto/ecdsa -I /usr/src/lib/libcrypto/evp -I /usr/src/lib/libcrypto/hidden -I /usr/src/lib/libcrypto/hmac -I /usr/src/lib/libcrypto/kdf -I /usr/src/lib/libcrypto/modes -I /usr/src/lib/libcrypto/ocsp -I /usr/src/lib/libcrypto/pkcs12 -I /usr/src/lib/libcrypto/rsa -I /usr/src/lib/libcrypto/sha -I /usr/src/lib/libcrypto/ts -I /usr/src/lib/libcrypto/x509 -I /usr/src/lib/libcrypto/obj -D AES_ASM -D BSAES_ASM -D VPAES_ASM -D OPENSSL_IA32_SSE2 -D RSA_ASM -D OPENSSL_BN_ASM_MONT -D OPENSSL_BN_ASM_MONT5 -D MD5_ASM -D GHASH_ASM -D RC4_MD5_ASM -D SHA1_ASM -D SHA256_ASM -D SHA512_ASM -D WHIRLPOOL_ASM -D OPENSSL_CPUID_OBJ -internal-isystem /usr/local/llvm16/lib/clang/16/include -internal-externc-isystem /usr/include -O2 -fdebug-compilation-dir=/usr/src/lib/libcrypto/obj -ferror-limit 19 -fwrapv -D_RET_PROTECTOR -ret-protector -fcf-protection=branch -fno-jump-tables -fgnuc-version=4.2.1 -vectorize-loops -vectorize-slp -fno-builtin-malloc -fno-builtin-calloc -fno-builtin-realloc -fno-builtin-valloc -fno-builtin-free -fno-builtin-strdup -fno-builtin-strndup -analyzer-output=html -faddrsig -D__GCC_HAVE_DWARF2_CFI_ASM=1 -o /home/ben/Projects/scan/2024-01-11-140451-98009-1 -x c /usr/src/lib/libcrypto/des/cfb64ede.c
1/* $OpenBSD: cfb64ede.c,v 1.12 2023/07/08 07:34:34 jsing Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include "des_local.h"
60
61/* The input and output encrypted as though 64bit cfb mode is being
62 * used. The extra state information to record how much of the
63 * 64bit block we have used is contained in *num;
64 */
65
66void
67DES_ede3_cfb64_encrypt(const unsigned char *in, unsigned char *out,
68 long length, DES_key_schedule *ks1,
69 DES_key_schedule *ks2, DES_key_schedule *ks3,
70 DES_cblock *ivec, int *num, int enc)
71{
72 DES_LONGunsigned int v0, v1;
73 long l = length;
74 int n = *num;
75 DES_LONGunsigned int ti[2];
76 unsigned char *iv, c, cc;
77
78 iv = &(*ivec)[0];
79 if (enc) {
80 while (l--) {
81 if (n == 0) {
82 c2l(iv, v0)(v0 =((unsigned int)(*((iv)++))) , v0|=((unsigned int)(*((iv)
++)))<< 8L, v0|=((unsigned int)(*((iv)++)))<<16L,
v0|=((unsigned int)(*((iv)++)))<<24L);
83 c2l(iv, v1)(v1 =((unsigned int)(*((iv)++))) , v1|=((unsigned int)(*((iv)
++)))<< 8L, v1|=((unsigned int)(*((iv)++)))<<16L,
v1|=((unsigned int)(*((iv)++)))<<24L);
84
85 ti[0] = v0;
86 ti[1] = v1;
87 DES_encrypt3(ti, ks1, ks2, ks3);
88 v0 = ti[0];
89 v1 = ti[1];
90
91 iv = &(*ivec)[0];
92 l2c(v0, iv)(*((iv)++)=(unsigned char)(((v0) )&0xff), *((iv)++)=(unsigned
char)(((v0)>> 8L)&0xff), *((iv)++)=(unsigned char)
(((v0)>>16L)&0xff), *((iv)++)=(unsigned char)(((v0)
>>24L)&0xff));
93 l2c(v1, iv)(*((iv)++)=(unsigned char)(((v1) )&0xff), *((iv)++)=(unsigned
char)(((v1)>> 8L)&0xff), *((iv)++)=(unsigned char)
(((v1)>>16L)&0xff), *((iv)++)=(unsigned char)(((v1)
>>24L)&0xff));
94 iv = &(*ivec)[0];
95 }
96 c = *(in++) ^ iv[n];
97 *(out++) = c;
98 iv[n] = c;
99 n = (n + 1) & 0x07;
100 }
101 } else {
102 while (l--) {
103 if (n == 0) {
104 c2l(iv, v0)(v0 =((unsigned int)(*((iv)++))) , v0|=((unsigned int)(*((iv)
++)))<< 8L, v0|=((unsigned int)(*((iv)++)))<<16L,
v0|=((unsigned int)(*((iv)++)))<<24L);
105 c2l(iv, v1)(v1 =((unsigned int)(*((iv)++))) , v1|=((unsigned int)(*((iv)
++)))<< 8L, v1|=((unsigned int)(*((iv)++)))<<16L,
v1|=((unsigned int)(*((iv)++)))<<24L);
106
107 ti[0] = v0;
108 ti[1] = v1;
109 DES_encrypt3(ti, ks1, ks2, ks3);
110 v0 = ti[0];
111 v1 = ti[1];
112
113 iv = &(*ivec)[0];
114 l2c(v0, iv)(*((iv)++)=(unsigned char)(((v0) )&0xff), *((iv)++)=(unsigned
char)(((v0)>> 8L)&0xff), *((iv)++)=(unsigned char)
(((v0)>>16L)&0xff), *((iv)++)=(unsigned char)(((v0)
>>24L)&0xff));
115 l2c(v1, iv)(*((iv)++)=(unsigned char)(((v1) )&0xff), *((iv)++)=(unsigned
char)(((v1)>> 8L)&0xff), *((iv)++)=(unsigned char)
(((v1)>>16L)&0xff), *((iv)++)=(unsigned char)(((v1)
>>24L)&0xff));
116 iv = &(*ivec)[0];
117 }
118 cc = *(in++);
119 c = iv[n];
120 iv[n] = cc;
121 *(out++) = c ^ cc;
122 n = (n + 1) & 0x07;
123 }
124 }
125 v0 = v1 = ti[0] = ti[1] = c = cc = 0;
Although the value stored to 'c' is used in the enclosing expression, the value is never actually read from 'c'
126 *num = n;
127}
128
129/* This is compatible with the single key CFB-r for DES, even thought that's
130 * not what EVP needs.
131 */
132
133void
134DES_ede3_cfb_encrypt(const unsigned char *in, unsigned char *out,
135 int numbits, long length, DES_key_schedule *ks1,
136 DES_key_schedule *ks2, DES_key_schedule *ks3,
137 DES_cblock *ivec, int enc)
138{
139 DES_LONGunsigned int d0, d1, v0, v1;
140 unsigned long l = length, n = ((unsigned int)numbits + 7)/8;
141 int num = numbits, i;
142 DES_LONGunsigned int ti[2];
143 unsigned char *iv;
144 unsigned char ovec[16];
145
146 if (num > 64)
147 return;
148 iv = &(*ivec)[0];
149 c2l(iv, v0)(v0 =((unsigned int)(*((iv)++))) , v0|=((unsigned int)(*((iv)
++)))<< 8L, v0|=((unsigned int)(*((iv)++)))<<16L,
v0|=((unsigned int)(*((iv)++)))<<24L);
150 c2l(iv, v1)(v1 =((unsigned int)(*((iv)++))) , v1|=((unsigned int)(*((iv)
++)))<< 8L, v1|=((unsigned int)(*((iv)++)))<<16L,
v1|=((unsigned int)(*((iv)++)))<<24L);
151 if (enc) {
152 while (l >= n) {
153 l -= n;
154 ti[0] = v0;
155 ti[1] = v1;
156 DES_encrypt3(ti, ks1, ks2, ks3);
157 c2ln(in, d0, d1, n){ in+=n; d0=d1=0; switch (n) { case 8: d1 =((unsigned int)(*(
--(in))))<<24L; case 7: d1|=((unsigned int)(*(--(in))))
<<16L; case 6: d1|=((unsigned int)(*(--(in))))<< 8L
; case 5: d1|=((unsigned int)(*(--(in)))); case 4: d0 =((unsigned
int)(*(--(in))))<<24L; case 3: d0|=((unsigned int)(*(--
(in))))<<16L; case 2: d0|=((unsigned int)(*(--(in))))<<
8L; case 1: d0|=((unsigned int)(*(--(in)))); } };
158 in += n;
159 d0 ^= ti[0];
160 d1 ^= ti[1];
161 l2cn(d0, d1, out, n){ out+=n; switch (n) { case 8: *(--(out))=(unsigned char)(((d1
)>>24L)&0xff); case 7: *(--(out))=(unsigned char)((
(d1)>>16L)&0xff); case 6: *(--(out))=(unsigned char
)(((d1)>> 8L)&0xff); case 5: *(--(out))=(unsigned char
)(((d1) )&0xff); case 4: *(--(out))=(unsigned char)(((d0)
>>24L)&0xff); case 3: *(--(out))=(unsigned char)(((
d0)>>16L)&0xff); case 2: *(--(out))=(unsigned char)
(((d0)>> 8L)&0xff); case 1: *(--(out))=(unsigned char
)(((d0) )&0xff); } };
162 out += n;
163 /* 30-08-94 - eay - changed because l>>32 and
164 * l<<32 are bad under gcc :-( */
165 if (num == 32) {
166 v0 = v1;
167 v1 = d0;
168 } else if (num == 64) {
169 v0 = d0;
170 v1 = d1;
171 } else {
172 iv = &ovec[0];
173 l2c(v0, iv)(*((iv)++)=(unsigned char)(((v0) )&0xff), *((iv)++)=(unsigned
char)(((v0)>> 8L)&0xff), *((iv)++)=(unsigned char)
(((v0)>>16L)&0xff), *((iv)++)=(unsigned char)(((v0)
>>24L)&0xff));
174 l2c(v1, iv)(*((iv)++)=(unsigned char)(((v1) )&0xff), *((iv)++)=(unsigned
char)(((v1)>> 8L)&0xff), *((iv)++)=(unsigned char)
(((v1)>>16L)&0xff), *((iv)++)=(unsigned char)(((v1)
>>24L)&0xff));
175 l2c(d0, iv)(*((iv)++)=(unsigned char)(((d0) )&0xff), *((iv)++)=(unsigned
char)(((d0)>> 8L)&0xff), *((iv)++)=(unsigned char)
(((d0)>>16L)&0xff), *((iv)++)=(unsigned char)(((d0)
>>24L)&0xff));
176 l2c(d1, iv)(*((iv)++)=(unsigned char)(((d1) )&0xff), *((iv)++)=(unsigned
char)(((d1)>> 8L)&0xff), *((iv)++)=(unsigned char)
(((d1)>>16L)&0xff), *((iv)++)=(unsigned char)(((d1)
>>24L)&0xff));
177 /* shift ovec left most of the bits... */
178 memmove(ovec, ovec + num/8,
179 8 + (num % 8 ? 1 : 0));
180 /* now the remaining bits */
181 if (num % 8 != 0) {
182 for (i = 0; i < 8; ++i) {
183 ovec[i] <<= num % 8;
184 ovec[i] |= ovec[i + 1] >>
185 (8 - num % 8);
186 }
187 }
188 iv = &ovec[0];
189 c2l(iv, v0)(v0 =((unsigned int)(*((iv)++))) , v0|=((unsigned int)(*((iv)
++)))<< 8L, v0|=((unsigned int)(*((iv)++)))<<16L,
v0|=((unsigned int)(*((iv)++)))<<24L);
190 c2l(iv, v1)(v1 =((unsigned int)(*((iv)++))) , v1|=((unsigned int)(*((iv)
++)))<< 8L, v1|=((unsigned int)(*((iv)++)))<<16L,
v1|=((unsigned int)(*((iv)++)))<<24L);
191 }
192 }
193 } else {
194 while (l >= n) {
195 l -= n;
196 ti[0] = v0;
197 ti[1] = v1;
198 DES_encrypt3(ti, ks1, ks2, ks3);
199 c2ln(in, d0, d1, n){ in+=n; d0=d1=0; switch (n) { case 8: d1 =((unsigned int)(*(
--(in))))<<24L; case 7: d1|=((unsigned int)(*(--(in))))
<<16L; case 6: d1|=((unsigned int)(*(--(in))))<< 8L
; case 5: d1|=((unsigned int)(*(--(in)))); case 4: d0 =((unsigned
int)(*(--(in))))<<24L; case 3: d0|=((unsigned int)(*(--
(in))))<<16L; case 2: d0|=((unsigned int)(*(--(in))))<<
8L; case 1: d0|=((unsigned int)(*(--(in)))); } };
200 in += n;
201 /* 30-08-94 - eay - changed because l>>32 and
202 * l<<32 are bad under gcc :-( */
203 if (num == 32) {
204 v0 = v1;
205 v1 = d0;
206 } else if (num == 64) {
207 v0 = d0;
208 v1 = d1;
209 } else {
210 iv = &ovec[0];
211 l2c(v0, iv)(*((iv)++)=(unsigned char)(((v0) )&0xff), *((iv)++)=(unsigned
char)(((v0)>> 8L)&0xff), *((iv)++)=(unsigned char)
(((v0)>>16L)&0xff), *((iv)++)=(unsigned char)(((v0)
>>24L)&0xff));
212 l2c(v1, iv)(*((iv)++)=(unsigned char)(((v1) )&0xff), *((iv)++)=(unsigned
char)(((v1)>> 8L)&0xff), *((iv)++)=(unsigned char)
(((v1)>>16L)&0xff), *((iv)++)=(unsigned char)(((v1)
>>24L)&0xff));
213 l2c(d0, iv)(*((iv)++)=(unsigned char)(((d0) )&0xff), *((iv)++)=(unsigned
char)(((d0)>> 8L)&0xff), *((iv)++)=(unsigned char)
(((d0)>>16L)&0xff), *((iv)++)=(unsigned char)(((d0)
>>24L)&0xff));
214 l2c(d1, iv)(*((iv)++)=(unsigned char)(((d1) )&0xff), *((iv)++)=(unsigned
char)(((d1)>> 8L)&0xff), *((iv)++)=(unsigned char)
(((d1)>>16L)&0xff), *((iv)++)=(unsigned char)(((d1)
>>24L)&0xff));
215 /* shift ovec left most of the bits... */
216 memmove(ovec, ovec + num/8,
217 8 + (num % 8 ? 1 : 0));
218 /* now the remaining bits */
219 if (num % 8 != 0) {
220 for (i = 0; i < 8; ++i) {
221 ovec[i] <<= num % 8;
222 ovec[i] |= ovec[i + 1] >>
223 (8 - num % 8);
224 }
225 }
226 iv = &ovec[0];
227 c2l(iv, v0)(v0 =((unsigned int)(*((iv)++))) , v0|=((unsigned int)(*((iv)
++)))<< 8L, v0|=((unsigned int)(*((iv)++)))<<16L,
v0|=((unsigned int)(*((iv)++)))<<24L);
228 c2l(iv, v1)(v1 =((unsigned int)(*((iv)++))) , v1|=((unsigned int)(*((iv)
++)))<< 8L, v1|=((unsigned int)(*((iv)++)))<<16L,
v1|=((unsigned int)(*((iv)++)))<<24L);
229 }
230 d0 ^= ti[0];
231 d1 ^= ti[1];
232 l2cn(d0, d1, out, n){ out+=n; switch (n) { case 8: *(--(out))=(unsigned char)(((d1
)>>24L)&0xff); case 7: *(--(out))=(unsigned char)((
(d1)>>16L)&0xff); case 6: *(--(out))=(unsigned char
)(((d1)>> 8L)&0xff); case 5: *(--(out))=(unsigned char
)(((d1) )&0xff); case 4: *(--(out))=(unsigned char)(((d0)
>>24L)&0xff); case 3: *(--(out))=(unsigned char)(((
d0)>>16L)&0xff); case 2: *(--(out))=(unsigned char)
(((d0)>> 8L)&0xff); case 1: *(--(out))=(unsigned char
)(((d0) )&0xff); } };
233 out += n;
234 }
235 }
236 iv = &(*ivec)[0];
237 l2c(v0, iv)(*((iv)++)=(unsigned char)(((v0) )&0xff), *((iv)++)=(unsigned
char)(((v0)>> 8L)&0xff), *((iv)++)=(unsigned char)
(((v0)>>16L)&0xff), *((iv)++)=(unsigned char)(((v0)
>>24L)&0xff));
238 l2c(v1, iv)(*((iv)++)=(unsigned char)(((v1) )&0xff), *((iv)++)=(unsigned
char)(((v1)>> 8L)&0xff), *((iv)++)=(unsigned char)
(((v1)>>16L)&0xff), *((iv)++)=(unsigned char)(((v1)
>>24L)&0xff));
239 v0 = v1 = d0 = d1 = ti[0] = ti[1] = 0;
240}