CodeQL warning fixes

WE2-724 Signed-off-by: Raul Metsma <[email protected]>
web-eid · Apr 4, 2023 · b2adf1b · b2adf1b
1 parent e9ecf6f
commit b2adf1b
Show file tree

Hide file tree

Showing 6 changed files with 9 additions and 112 deletions.
diff --git a/.github/temporarily-disabled-workflows/codeql-analysis.yml b/.github/temporarily-disabled-workflows/codeql-analysis.yml
diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml
@@ -6,11 +6,6 @@ on:
  pull_request:
  # The branches below must be a subset of the branches above
  branches: [ 'main' ]
- schedule:
- - cron: '49 20 * * 4'
-
-env:
- BUILD_TYPE: RelWithDebInfo
 
 jobs:
  analyze:
@@ -22,11 +17,6 @@ jobs:
  contents: read
  security-events: write
 
- strategy:
- fail-fast: false
- matrix:
- language: [ 'cpp' ]
-
  steps:
  - name: Checkout repository
  uses: actions/checkout@v3
@@ -36,20 +26,11 @@ jobs:
  - name: Initialize CodeQL
  uses: github/codeql-action/init@v2
  with:
- languages: ${{ matrix.language }}
-
- - name: Create build directory
- run: mkdir build
+ languages: cpp
+ queries: +security-and-quality
 
- - name: Configure CMake
- working-directory: ${{github.workspace}}/build
- run: cmake -DCMAKE_BUILD_TYPE=$BUILD_TYPE ..
-
- - name: Build
- working-directory: ${{github.workspace}}/build
- run: cmake --build . --config $BUILD_TYPE
+ - name: Autobuild
+ uses: github/codeql-action/autobuild@v2
 
  - name: Perform CodeQL Analysis
  uses: github/codeql-action/analyze@v2
- with:
- category: "/language:${{matrix.language}}"
diff --git a/CMakeLists.txt b/CMakeLists.txt
@@ -49,7 +49,7 @@ target_include_directories(${PROJECT_NAME}
  include
 )
 
-find_package(OpenSSL REQUIRED)
+find_package(OpenSSL 1.1.1 REQUIRED)
 
 target_link_libraries(${PROJECT_NAME}
  pcsc-cpp

diff --git a/lib/libpcsc-cpp b/lib/libpcsc-cpp
diff --git a/src/electronic-ids/pcsc/FinEID.cpp b/src/electronic-ids/pcsc/FinEID.cpp
@@ -51,9 +51,9 @@ const byte_vector::value_type PIN_PADDING_CHAR = 0x00;
 const byte_vector::value_type AUTH_PIN_REFERENCE = 0x11;
 const byte_vector::value_type SIGNING_PIN_REFERENCE = 0x82;
 const byte_vector::value_type AUTH_KEY_REFERENCE = 0x01;
-// const byte_vector::value_type SIGNING_KEY_REFERENCE = 0x02; // RSA
+// const byte_vector::value_type SIGNING_KEY_REFERENCE = 0x02 // RSA
 const byte_vector::value_type SIGNING_KEY_REFERENCE = 0x03;
-// const byte_vector::value_type RSA_PKCS15_ALGO = 0x02;
+// const byte_vector::value_type RSA_PKCS15_ALGO = 0x02
 const byte_vector::value_type ECDSA_ALGO = 0x04;
 const byte_vector::value_type RSA_PSS_ALGO = 0x05;
 

diff --git a/tests/common/verify.hpp b/tests/common/verify.hpp
@@ -30,19 +30,6 @@
 #define SCOPE_GUARD_EX(TYPE, DATA, FREE) std::unique_ptr<TYPE, decltype(&FREE)>(DATA, FREE)
 #define SCOPE_GUARD(TYPE, DATA) SCOPE_GUARD_EX(TYPE, DATA, TYPE##_free)
 
-#if OPENSSL_VERSION_NUMBER < 0x10100000L
-inline int ECDSA_SIG_set0(ECDSA_SIG* sig, BIGNUM* r, BIGNUM* s)
-{
- if (!r || !s)
- return 0;
- BN_clear_free(sig->r);
- BN_clear_free(sig->s);
- sig->r = r;
- sig->s = s;
- return 1;
-}
-#endif
-
 inline pcsc_cpp::byte_vector ECconcatToASN1(const pcsc_cpp::byte_vector& data)
 {
  auto ecdsa = SCOPE_GUARD(ECDSA_SIG, ECDSA_SIG_new());
@@ -55,7 +42,7 @@ inline pcsc_cpp::byte_vector ECconcatToASN1(const pcsc_cpp::byte_vector& data)
  if (size < 1) {
  throw std::runtime_error("ECconcatToASN1: i2d_ECDSA_SIG() failed");
  }
- pcsc_cpp::byte_vector result(size);
+ pcsc_cpp::byte_vector result(size_t(size), 0);
  unsigned char* p = result.data();
  if (i2d_ECDSA_SIG(ecdsa.get(), &p) != size) {
  throw std::runtime_error(