| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <gveqi6a4a7zt2v3iytoold5y2fevhzm5vaokelfpwkdzbiuwed@edr7ruel66ga> Date: Thu, 17 Jul 2025 11:50:36 +0300 From: Sergey Bashirov <sergeybashirov@...il.com> To: Antonio Quartulli <antonio@...delbit.com>, Dan Carpenter <dan.carpenter@...aro.org> Cc: Trond Myklebust <trondmy@...nel.org>, Anna Schumaker <anna@...nel.org>, Konstantin Evtushenko <koevtushenko@...dex.com>, Sergey Bashirov <sergeybashirov@...il.com>, linux-nfs@...r.kernel.org, linux-kernel@...r.kernel.org Subject: Re: [PATCH] pNFS: fix uninitialized pointer access Hi Antonio, Dan, I have an idea how to refactor the code a little to make the static analyzer happy. Will send a patch soon, but first I want to check that it won't affect functionality. On Thu, Jul 17, 2025 at 10:01:42AM +0200, Antonio Quartulli wrote: > On 17/07/2025 06:56, Dan Carpenter wrote: > > No, it won't. I feel like the code is confusing enough that maybe a > > comment is warranted. /* We always iterate through the loop at least > > once so be_prev is correct. */ > > > > I agree a comment would help. I see, will add a comment. > > Another option would be to initialize the be_prev to NULL. This will > > silence the uninitialized variable warning. > > But will likely trigger a potential NULL-ptr-deref, because the static > analyzer believes we can get there with count==0. I agree, this will most likely result in another warning. -- Sergey Bashirov
Powered by blists - more mailing lists