[jboss-jira] [JBoss JIRA] (ELY-960) Coverity static analysis: Suspicious integer expression in BSDUnixDESCryptPasswordImpl (Elytron)
Ilia Vassilev (JIRA)
issues at jboss.org
Tue Feb 14 12:55:00 EST 2017
[ https://issues.jboss.org/browse/ELY-960?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Ilia Vassilev moved WFLY-7966 to ELY-960:
-----------------------------------------
Project: WildFly Elytron (was: WildFly)
Key: ELY-960 (was: WFLY-7966)
Component/s: Passwords
(was: Security)
Affects Version/s: 1.1.0.Beta24
(was: 11.0.0.Alpha1)
> Coverity static analysis: Suspicious integer expression in BSDUnixDESCryptPasswordImpl (Elytron)
> ------------------------------------------------------------------------------------------------
>
> Key: ELY-960
> URL: https://issues.jboss.org/browse/ELY-960
> Project: WildFly Elytron
> Issue Type: Bug
> Components: Passwords
> Affects Versions: 1.1.0.Beta24
> Reporter: Martin Choma
> Assignee: Ilia Vassilev
>
> Seems {{if}} statement will never be {{true}}, because invKeyPerm is of type byte[]. And permitted values for byte are -128...127.
> {code:java|title=BSDUnixDESCryptPasswordImpl.java}
> outBit = invKeyPerm[inBit];
> if (outBit == 255) {
> continue;
> }
> {code}
> https://scan7.coverity.com/reports.htm#v23632/p11778/fileInstanceId=8553812&defectInstanceId=2138962&mergedDefectId=1377479&fileStart=1&fileEnd=250
--
This message was sent by Atlassian JIRA
(v7.2.3#72005)
More information about the jboss-jira
mailing list