Mirror/zeek
1
0
Fork 0
mirror of https://github.com/zeek/zeek.git synced 2025-10-02 14:48:21 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 2

Merge branch 'topic/bbannier/coverity'

Browse source
This commit is contained in:
Benjamin Bannier 2025-01-14 18:20:04 +01:00
commit c6f9dfb155
4 changed files with 19 additions and 14 deletions
Download patch file Download diff file Expand all files Collapse all files

6
CHANGES
View file

@ -1,3 +1,9 @@
7.2.0-dev.91 | 2025-01-14 18:20:04 +0100
* Bump auxil/spicy to latest development snapshot (Benjamin Bannier, Corelight)
* Prevent unneeded copies in QUIC C++ helper code (Benjamin Bannier, Corelight)
7.2.0-dev.88 | 2025-01-14 14:39:14 +0000 7.2.0-dev.88 | 2025-01-14 14:39:14 +0000
* Raise warnings when for DNS events that are not raised due to dns_skip_all_addl (Johanna Amann, Corelight) * Raise warnings when for DNS events that are not raised due to dns_skip_all_addl (Johanna Amann, Corelight)

2
VERSION
View file

@ -1 +1 @@
7.2.0-dev.88 7.2.0-dev.91

2
auxil/spicy

@ -1 +1 @@
Subproject commit 651c6b160abaee58f3b379d4737431882af94fe0 Subproject commit 8c7393744d2aa2e02f73f2b3dff4c2d5a46327d7

23
src/analyzer/protocol/quic/decrypt_crypto.cc
View file

@ -25,7 +25,6 @@ refactors as C++ development is not our main profession.
#include <cstdint> #include <cstdint>
#include <cstdlib> #include <cstdlib>
#include <memory> #include <memory>
#include <string>
#include <vector> #include <vector>
// OpenSSL imports // OpenSSL imports
@ -366,11 +365,11 @@ public:
0x71, 0x75, 0x69, 0x63, 0x20, 0x68, 0x70, 0x00}; 0x71, 0x75, 0x69, 0x63, 0x20, 0x68, 0x70, 0x00};
std::vector<HkdfCtxParam> hkdf_ctx_params = { std::vector<HkdfCtxParam> hkdf_ctx_params = {
{&hkdf_ctxs.client_in_ctx, CLIENT_INITIAL_INFO}, {&hkdf_ctxs.client_in_ctx, std::move(CLIENT_INITIAL_INFO)},
{&hkdf_ctxs.server_in_ctx, SERVER_INITIAL_INFO}, {&hkdf_ctxs.server_in_ctx, std::move(SERVER_INITIAL_INFO)},
{&hkdf_ctxs.key_info_ctx, KEY_INFO}, {&hkdf_ctxs.key_info_ctx, std::move(KEY_INFO)},
{&hkdf_ctxs.iv_info_ctx, IV_INFO}, {&hkdf_ctxs.iv_info_ctx, std::move(IV_INFO)},
{&hkdf_ctxs.hp_info_ctx, HP_INFO}, {&hkdf_ctxs.hp_info_ctx, std::move(HP_INFO)},
}; };
QuicPacketProtection::Initialize(hkdf_ctx_params); QuicPacketProtection::Initialize(hkdf_ctx_params);
@ -419,11 +418,11 @@ public:
0x75, 0x69, 0x63, 0x76, 0x32, 0x20, 0x68, 0x70, 0x00}; 0x75, 0x69, 0x63, 0x76, 0x32, 0x20, 0x68, 0x70, 0x00};
std::vector<HkdfCtxParam> hkdf_ctx_params = { std::vector<HkdfCtxParam> hkdf_ctx_params = {
{&hkdf_ctxs.client_in_ctx, CLIENT_INITIAL_INFO_V2}, {&hkdf_ctxs.client_in_ctx, std::move(CLIENT_INITIAL_INFO_V2)},
{&hkdf_ctxs.server_in_ctx, SERVER_INITIAL_INFO_V2}, {&hkdf_ctxs.server_in_ctx, std::move(SERVER_INITIAL_INFO_V2)},
{&hkdf_ctxs.key_info_ctx, KEY_INFO_V2}, {&hkdf_ctxs.key_info_ctx, std::move(KEY_INFO_V2)},
{&hkdf_ctxs.iv_info_ctx, IV_INFO_V2}, {&hkdf_ctxs.iv_info_ctx, std::move(IV_INFO_V2)},
{&hkdf_ctxs.hp_info_ctx, HP_INFO_V2}, {&hkdf_ctxs.hp_info_ctx, std::move(HP_INFO_V2)},
}; };
QuicPacketProtection::Initialize(hkdf_ctx_params); QuicPacketProtection::Initialize(hkdf_ctx_params);
@ -483,7 +482,7 @@ hilti::rt::Bytes QUIC_decrypt_crypto_payload(const hilti::rt::integer::safe<uint
DecryptionInformation decryptInfo = remove_header_protection(hp, encrypted_offset, all_data); DecryptionInformation decryptInfo = remove_header_protection(hp, encrypted_offset, all_data);
// Calculate the correct nonce for the decryption // Calculate the correct nonce for the decryption
decryptInfo.nonce = calculate_nonce(iv, decryptInfo.packet_number); decryptInfo.nonce = calculate_nonce(std::move(iv), decryptInfo.packet_number);
return decrypt(key, all_data, payload_length, decryptInfo); return decrypt(key, all_data, payload_length, decryptInfo);
} }