| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 9 May 2023 14:21:19 -0700
From: Stephen Hemminger <stephen@...workplumber.org>
To: netdev@...r.kernel.org
Cc: Stephen Hemminger <stephen@...workplumber.org>
Subject: [PATCH iproute2 05/11] tc_util fix unitialized warning
tc_util.c: In function ‘parse_action_control_slash_spaces’:
tc_util.c:488:28: warning: use of uninitialized value ‘result2’ [CWE-457] [-Wanalyzer-use-of-uninitialized-value]
488 | *result2_p = result2;
| ~~~~~~~~~~~^~~~~~~~~
‘parse_action_control_slash_spaces’: events 1-5
|
| 455 | static int parse_action_control_slash_spaces(int *argc_p, char ***argv_p,
| | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
| | |
| | (1) entry to ‘parse_action_control_slash_spaces’
|......
| 461 | int result1 = -1, result2;
| | ~~~~~~~
| | |
| | (2) region created on stack here
| | (3) capacity: 4 bytes
|......
| 467 | switch (ok) {
| | ~~~~~~
| | |
| | (4) following ‘case 0:’ branch...
|......
| 475 | ret = parse_action_control(&argc, &argv,
| | ~
| | |
| | (5) inlined call to ‘parse_action_control’ from ‘parse_action_control_slash_spaces’
|
+--> ‘parse_action_control’: events 6-7
|
| 432 | return __parse_action_control(argc_p, argv_p, result_p,
| | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
| | |
| | (6) ...to here
| | (7) calling ‘__parse_action_control’ from ‘parse_action_control_slash_spaces’
| 433 | allow_num, false);
| | ~~~~~~~~~~~~~~~~~
|
‘__parse_action_control’: events 8-11
|
| 371 | static int __parse_action_control(int *argc_p, char ***argv_p, int *result_p,
| | ^~~~~~~~~~~~~~~~~~~~~~
| | |
| | (8) entry to ‘__parse_action_control’
|......
| 378 | if (!argc)
| | ~
| | |
| | (9) following ‘false’ branch (when ‘argc != 0’)...
| 379 | return -1;
| 380 | if (action_a2n(*argv, &result, allow_num) == -1) {
| | ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
| | |
| | (10) ...to here
| | (11) calling ‘action_a2n’ from ‘__parse_action_control’
|
+--> ‘action_a2n’: events 12-16
|
| 335 | int action_a2n(char *arg, int *result, bool allow_num)
| | ^~~~~~~~~~
| | |
| | (12) entry to ‘action_a2n’
|......
| 356 | for (iter = a2n; iter->a; iter++) {
| | ~~~~
| | |
| | (13) following ‘true’ branch...
| 357 | if (matches(arg, iter->a) != 0)
| | ~~~~~~~~~~~~~~~~~~~~~
| | |
| | (14) ...to here
|......
| 366 | if (result)
| | ~
| | |
| | (15) following ‘true’ branch (when ‘result’ is non-NULL)...
| 367 | *result = n;
| | ~~~~~~~~~~~
| | |
| | (16) ...to here
|
<------+
|
‘__parse_action_control’: event 17
|
| 380 | if (action_a2n(*argv, &result, allow_num) == -1) {
| | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
| | |
| | (17) returning to ‘__parse_action_control’ from ‘action_a2n’
|
<------+
|
‘parse_action_control_slash_spaces’: event 18
|
| 475 | ret = parse_action_control(&argc, &argv,
| | ^
| | |
| | (18) inlined call to ‘parse_action_control’ from ‘parse_action_control_slash_spaces’
|
+--> ‘parse_action_control’: event 19
|
| 432 | return __parse_action_control(argc_p, argv_p, result_p,
| | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
| | |
| | (19) returning to ‘parse_action_control_slash_spaces’ from ‘__parse_action_control’
| 433 | allow_num, false);
| | ~~~~~~~~~~~~~~~~~
|
<------+
|
‘parse_action_control_slash_spaces’: events 20-24
|
| 477 | if (ret)
| | ^
| | |
| | (20) following ‘false’ branch...
| 478 | return ret;
| 479 | ok++;
| | ~~~~
| | |
| | (21) ...to here
|......
| 487 | if (ok == 2)
| | ~
| | |
| | (22) following ‘true’ branch (when ‘ok == 2’)...
| 488 | *result2_p = result2;
| | ~~~~~~~~~~~~~~~~~~~~
| | |
| | (23) ...to here
| | (24) use of uninitialized value ‘result2’ here
|
tc_util.c:488:28: warning: use of uninitialized value ‘result2’ [CWE-457] [-Wanalyzer-use-of-uninitialized-value]
488 | *result2_p = result2;
| ~~~~~~~~~~~^~~~~~~~~
‘parse_action_control_slash’: events 1-5
|
| 505 | int parse_action_control_slash(int *argc_p, char ***argv_p,
| | ^~~~~~~~~~~~~~~~~~~~~~~~~~
| | |
| | (1) entry to ‘parse_action_control_slash’
|......
| 510 | char *p = strchr(*argv, '/');
| | ~~~~~~~~~~~~~~~~~~
| | |
| | (2) when ‘strchr’ returns NULL
| 511 |
| 512 | if (!p)
| | ~
| | |
| | (3) following ‘true’ branch (when ‘p’ is NULL)...
| 513 | return parse_action_control_slash_spaces(argc_p, argv_p,
| | ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
| | |
| | (4) ...to here
| | (5) calling ‘parse_action_control_slash_spaces’ from ‘parse_action_control_slash’
| 514 | result1_p, result2_p,
| | ~~~~~~~~~~~~~~~~~~~~~
| 515 | allow_num);
| | ~~~~~~~~~~
|
+--> ‘parse_action_control_slash_spaces’: events 6-10
|
| 455 | static int parse_action_control_slash_spaces(int *argc_p, char ***argv_p,
| | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
| | |
| | (6) entry to ‘parse_action_control_slash_spaces’
|......
| 461 | int result1 = -1, result2;
| | ~~~~~~~
| | |
| | (7) region created on stack here
| | (8) capacity: 4 bytes
|......
| 467 | switch (ok) {
| | ~~~~~~
| | |
| | (9) following ‘case 0:’ branch...
|......
| 475 | ret = parse_action_control(&argc, &argv,
| | ~
| | |
| | (10) inlined call to ‘parse_action_control’ from ‘parse_action_control_slash_spaces’
|
+--> ‘parse_action_control’: events 11-12
|
| 432 | return __parse_action_control(argc_p, argv_p, result_p,
| | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
| | |
| | (11) ...to here
| | (12) calling ‘__parse_action_control’ from ‘parse_action_control_slash_spaces’
| 433 | allow_num, false);
| | ~~~~~~~~~~~~~~~~~
|
‘__parse_action_control’: events 13-16
|
| 371 | static int __parse_action_control(int *argc_p, char ***argv_p, int *result_p,
| | ^~~~~~~~~~~~~~~~~~~~~~
| | |
| | (13) entry to ‘__parse_action_control’
|......
| 378 | if (!argc)
| | ~
| | |
| | (14) following ‘false’ branch (when ‘argc != 0’)...
| 379 | return -1;
| 380 | if (action_a2n(*argv, &result, allow_num) == -1) {
| | ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
| | |
| | (15) ...to here
| | (16) calling ‘action_a2n’ from ‘__parse_action_control’
|
+--> ‘action_a2n’: events 17-21
|
| 335 | int action_a2n(char *arg, int *result, bool allow_num)
| | ^~~~~~~~~~
| | |
| | (17) entry to ‘action_a2n’
|......
| 356 | for (iter = a2n; iter->a; iter++) {
| | ~~~~
| | |
| | (18) following ‘true’ branch...
| 357 | if (matches(arg, iter->a) != 0)
| | ~~~~~~~~~~~~~~~~~~~~~
| | |
| | (19) ...to here
|......
| 366 | if (result)
| | ~
| | |
| | (20) following ‘true’ branch (when ‘result’ is non-NULL)...
| 367 | *result = n;
| | ~~~~~~~~~~~
| | |
| | (21) ...to here
|
<------+
|
‘__parse_action_control’: event 22
|
| 380 | if (action_a2n(*argv, &result, allow_num) == -1) {
| | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
| | |
| | (22) returning to ‘__parse_action_control’ from ‘action_a2n’
|
<------+
|
‘parse_action_control_slash_spaces’: event 23
|
| 475 | ret = parse_action_control(&argc, &argv,
| | ^
| | |
| | (23) inlined call to ‘parse_action_control’ from ‘parse_action_control_slash_spaces’
|
+--> ‘parse_action_control’: event 24
|
| 432 | return __parse_action_control(argc_p, argv_p, result_p,
| | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
| | |
| | (24) returning to ‘parse_action_control_slash_spaces’ from ‘__parse_action_control’
| 433 | allow_num, false);
| | ~~~~~~~~~~~~~~~~~
|
<------+
|
‘parse_action_control_slash_spaces’: events 25-29
|
| 477 | if (ret)
| | ^
| | |
| | (25) following ‘false’ branch...
| 478 | return ret;
| 479 | ok++;
| | ~~~~
| | |
| | (26) ...to here
|......
| 487 | if (ok == 2)
| | ~
| | |
| | (27) following ‘true’ branch (when ‘ok == 2’)...
| 488 | *result2_p = result2;
| | ~~~~~~~~~~~~~~~~~~~~
| | |
| | (28) ...to here
| | (29) use of uninitialized value ‘result2’ here
|
Fixes: e67aba559581 ("tc: actions: add helpers to parse and print control actions")
Signed-off-by: Stephen Hemminger <stephen@...workplumber.org>
---
tc/tc_util.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/tc/tc_util.c b/tc/tc_util.c
index 0714134eb548..ed9efa70cabd 100644
--- a/tc/tc_util.c
+++ b/tc/tc_util.c
@@ -458,7 +458,7 @@ static int parse_action_control_slash_spaces(int *argc_p, char ***argv_p,
{
int argc = *argc_p;
char **argv = *argv_p;
- int result1 = -1, result2;
+ int result1 = -1, result2 = -1;
int *result_p = &result1;
int ok = 0;
int ret;
--
2.39.2
Powered by blists - more mailing lists