diff --git a/ChangeLog b/ChangeLog index b9f597a22adc03d3e725c48b909fd2e87f14f7a8..8c795096c4e6b01afd43595d8980515b92c5e4e5 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,8 @@ +2017-09-14 Niels Möller <nisse@lysator.liu.se> + + * ecc-mod.c (ecc_mod): Workaround to silence a false positive from + the clang static analyzer. + 2017-09-12 Niels Möller <nisse@lysator.liu.se> * testsuite/testutils.h (mpn_zero_p): Avoid redefining mpn_zero_p diff --git a/ecc-mod.c b/ecc-mod.c index 5fee4c68c46c7365ba2b4fd7c4bcbb86443a241e..4e77f0c0e8a88244419704143c73ae2d9148e759 100644 --- a/ecc-mod.c +++ b/ecc-mod.c @@ -51,7 +51,7 @@ ecc_mod (const struct ecc_modulo *m, mp_limb_t *rp) mp_size_t i; unsigned shift; - assert (sn > 0); + assert (bn < mn); /* FIXME: Could use mpn_addmul_2. */ /* Eliminate sn limbs at a time */ @@ -72,6 +72,12 @@ ecc_mod (const struct ecc_modulo *m, mp_limb_t *rp) } else { + /* The loop below always runs at least once. But the analyzer + doesn't realize that, and complains about hi being used later + on without a well defined value. */ +#ifdef __clang_analyzer__ + hi = 0; +#endif while (rn >= 2 * mn - bn) { rn -= sn;