bug-gnulib
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH] quotearg: avoid uninitialized variable use

From: Eric Blake
Subject: Re: [PATCH] quotearg: avoid uninitialized variable use
Date: Fri, 29 Apr 2011 11:06:07 -0600
User-agent: Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv:1.9.2.15) Gecko/20110307 Fedora/3.1.9-0.39.b3pre.fc14 Lightning/1.0b3pre Mnenhy/0.8.3 Thunderbird/3.1.9 
On 04/29/2011 10:55 AM, Jim Meyering wrote:
>> When custom_quoting_style was introduced in commit 12247f77,
>> this method was not updated, so any caller that passed
>> the new enum value to any of the existing quotearg_*style
>> functions could trigger a crash from the uninitialized memory.
>> That was already documented as unspecified behavior, though,
>> so changing to an abort makes it easier to spot bad code that
>> passes the wrong enum value, rather than waiting for the
>> eventual bad memory dereference later on.

For the record, clients like coreutils will not hit the abort() (nor are
they vulnerable to bad memory references pre-patch); this is because
coreutils converts a string from quoting_style_args into a value from
quoting_style_vals before calling any quotearg_*style function, and the
quoting_style_args array specifically excludes an entry for custom
quoting style.

>>
>> * lib/quotearg.c (quoting_options_from_style): Initialize
>> remaining fields, and ensure that custom styles are only used via
>> quoting_options rather than quoting_style.
> 
> Thanks.  This looks fine.
> 
>> Jim, Paul - any objections to this patch?
>>
>> Hmm, maybe instead of zero-initializing each field, we should
>> instead just declare struct quoting_options o = {0}?
> 
> I prefer that.

Here's the form I finally pushed:

diff --git c/lib/quotearg.c w/lib/quotearg.c
index fb49559..da8ba1e 100644
--- c/lib/quotearg.c
+++ w/lib/quotearg.c
@@ -168,10 +168,10 @@ set_custom_quoting (struct quoting_options *o,
 static struct quoting_options
 quoting_options_from_style (enum quoting_style style)
 {
-  struct quoting_options o;
+  struct quoting_options o = { 0 };
+  if (style == custom_quoting_style)
+    abort ();
   o.style = style;
-  o.flags = 0;
-  memset (o.quote_these_too, 0, sizeof o.quote_these_too);
   return o;
 }



-- 
Eric Blake   address@hidden    +1-801-349-2682
Libvirt virtualization library http://libvirt.org

Attachment: signature.asc
Description: OpenPGP digital signature

reply via email to
[Prev in Thread] Current Thread [Next in Thread]