From f140a8e5fdb2f3b9fbc3b32d1a844554008c2298 Mon Sep 17 00:00:00 2001
From: William Roberts <william.c.roberts@intel.com>
Date: Fri, 3 Jun 2022 11:51:02 -0500
Subject: [PATCH 20/23] esys_iutil: fix possible NPD
Clang-10 scan-build reports:
src/tss2-esys/esys_iutil.c:1366:56: warning: Dereference of null pointer
auths->auths[auths->count].sessionHandle = session->rsrc.handle;
^~~~~~~~~~~~~~~~~~~~
1 warning generated.
The code above the report checks that session might be NULL:
RSRC_NODE_T *session = esys_context->session_tab[session_idx];
if (session != NULL) {
IESYS_SESSION *rsrc_session = &session->rsrc.misc.rsrc_session;
if (rsrc_session->type_policy_session == POLICY_PASSWORD) {
Thus suggesting/indicating session may be NULL in subsequent code where
session is dereferenced.
Signed-off-by: William Roberts <william.c.roberts@intel.com>
---
src/tss2-esys/esys_iutil.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/tss2-esys/esys_iutil.c b/src/tss2-esys/esys_iutil.c
index 0cc92ca5..493f9b28 100644
--- a/src/tss2-esys/esys_iutil.c
+++ b/src/tss2-esys/esys_iutil.c
@@ -1339,7 +1339,7 @@ iesys_gen_auths(ESYS_CONTEXT * esys_context,
&& encryptNonceIdx > 0) ? encryptNonce : NULL,
&auths->auths[session_idx]);
return_if_error(r, "Error while computing hmacs");
- if (esys_context->session_tab[session_idx] != NULL) {
+ if (esys_context->session_tab[session_idx] != NULL && session != NULL) {
auths->auths[auths->count].sessionHandle = session->rsrc.handle;
auths->count++;
}
--
2.34.3