sslscan
sslscan copied to clipboard
Published
20 hours ago •
rbsec
rbsec
gcc-13 warning: 'secondMethod' may be used uninitialized
When 2.0.16 is compiled with GCC 13 there are such warnings:
cc -o sslscan -Wall -Wformat=2 -Wformat-security -Wno-deprecated-declarations -pie -z relro -z now -L/usr/local/lib -L/usr/local/ssl/lib -L/usr/local/opt/opens
sl/lib -L/opt/local/lib -pipe -frecord-gcc-switches -Wall -fdiagnostics-color=always -fdiagnostics-color=always -g -O2 -DVERSION=\"2.0.16-alt1\" sslscan.c -
lssl -lcrypto -ldl
sslscan.c: In function 'testFallback':
sslscan.c:1255:9: warning: 'secondMethod' may be used uninitialized [-Wmaybe-uninitialized]
1255 | testFallback(options, secondMethod);
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
sslscan.c:1097:23: note: 'secondMethod' was declared here
1097 | const SSL_METHOD *secondMethod;
| ^~~~~~~~~~~~
sslscan.c: In function 'showCertificate':
sslscan.c:2888:49: warning: 'xml_bp' may be used uninitialized [-Wmaybe-uninitialized]
2888 | if (BIO_printf(xml_bp," <serial>") <= 0)
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
sslscan.c:2853:42: note: 'xml_bp' was declared here
2853 | BIO *xml_bp;
| ^~~~~~
sslscan.c: In function 'main':
sslscan.c:4145:17: warning: '__builtin_strncpy' output may be truncated copying 511 bytes from a string of length 66887 [-Wstringop-truncation]
4145 | strncpy(options->sniname, options->host, sizeof(options->host) -1);
| ^
sslscan.c:4356:33: warning: '__builtin_strncpy' output may be truncated copying 511 bytes from a string of length 1023 [-Wstringop-truncation]
4356 | strncpy(options->host, line, sizeof(options->host) -1);
| ^
sslscan.c:4360:37: warning: '__builtin_strncpy' output may be truncated copying 511 bytes from a string of length 66887 [-Wstringop-truncation]
4360 | strncpy(options->sniname, options->host, sizeof(options->host) -1);
| ^
