From 1eb8b740548bdcc8c86a0c9a24e21aae6be3ceb8 Mon Sep 17 00:00:00 2001 From: Simo Sorce Date: Fri, 31 May 2024 15:34:03 -0400 Subject: [PATCH] Attempt to squash mesons can build finding This is a false positive but the scan is can't tell that this value cannot change becasue it is not local. If this works will squash this commit in the previous one. Signed-off-by: Simo Sorce --- src/asymmetric_cipher.c | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/src/asymmetric_cipher.c b/src/asymmetric_cipher.c index 77ebc9af..35b2d429 100644 --- a/src/asymmetric_cipher.c +++ b/src/asymmetric_cipher.c @@ -308,6 +308,7 @@ static int p11prov_rsaenc_decrypt(void *ctx, unsigned char *out, size_t *outlen, CK_ULONG out_size = *outlen; int result = RET_OSSL_ERR; bool always_auth = false; + bool tls_padding = encctx->tls_padding.mode; CK_RV ret; P11PROV_debug("decrypt (ctx=%p)", ctx); @@ -328,7 +329,7 @@ static int p11prov_rsaenc_decrypt(void *ctx, unsigned char *out, size_t *outlen, } if (outsize < key_size) { - if (encctx->tls_padding.mode) { + if (tls_padding) { if (outsize < SSL_MAX_MASTER_KEY_LENGTH) { ERR_raise(ERR_LIB_PROV, PROV_R_BAD_LENGTH); return RET_OSSL_ERR; @@ -339,7 +340,7 @@ static int p11prov_rsaenc_decrypt(void *ctx, unsigned char *out, size_t *outlen, } } - if (encctx->tls_padding.mode) { + if (tls_padding) { tmpbuf = OPENSSL_zalloc(key_size); if (!tmpbuf) { return RET_OSSL_ERR; @@ -412,7 +413,7 @@ static int p11prov_rsaenc_decrypt(void *ctx, unsigned char *out, size_t *outlen, /* this conditional is ok because it is not dependent on the * decryption computation or any private data */ - if (encctx->tls_padding.mode) { + if (tls_padding) { CK_ULONG tls_cond = 0; result = p11prov_tls_constant_time_depadding(encctx, out, tmpbuf,