[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [PATCH] quotearg: avoid uninitialized variable use
From: |
Eric Blake |
Subject: |
Re: [PATCH] quotearg: avoid uninitialized variable use |
Date: |
Fri, 29 Apr 2011 11:06:07 -0600 |
User-agent: |
Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv:1.9.2.15) Gecko/20110307 Fedora/3.1.9-0.39.b3pre.fc14 Lightning/1.0b3pre Mnenhy/0.8.3 Thunderbird/3.1.9 |
On 04/29/2011 10:55 AM, Jim Meyering wrote:
>> When custom_quoting_style was introduced in commit 12247f77,
>> this method was not updated, so any caller that passed
>> the new enum value to any of the existing quotearg_*style
>> functions could trigger a crash from the uninitialized memory.
>> That was already documented as unspecified behavior, though,
>> so changing to an abort makes it easier to spot bad code that
>> passes the wrong enum value, rather than waiting for the
>> eventual bad memory dereference later on.
For the record, clients like coreutils will not hit the abort() (nor are
they vulnerable to bad memory references pre-patch); this is because
coreutils converts a string from quoting_style_args into a value from
quoting_style_vals before calling any quotearg_*style function, and the
quoting_style_args array specifically excludes an entry for custom
quoting style.
>>
>> * lib/quotearg.c (quoting_options_from_style): Initialize
>> remaining fields, and ensure that custom styles are only used via
>> quoting_options rather than quoting_style.
>
> Thanks. This looks fine.
>
>> Jim, Paul - any objections to this patch?
>>
>> Hmm, maybe instead of zero-initializing each field, we should
>> instead just declare struct quoting_options o = {0}?
>
> I prefer that.
Here's the form I finally pushed:
diff --git c/lib/quotearg.c w/lib/quotearg.c
index fb49559..da8ba1e 100644
--- c/lib/quotearg.c
+++ w/lib/quotearg.c
@@ -168,10 +168,10 @@ set_custom_quoting (struct quoting_options *o,
static struct quoting_options
quoting_options_from_style (enum quoting_style style)
{
- struct quoting_options o;
+ struct quoting_options o = { 0 };
+ if (style == custom_quoting_style)
+ abort ();
o.style = style;
- o.flags = 0;
- memset (o.quote_these_too, 0, sizeof o.quote_these_too);
return o;
}
--
Eric Blake address@hidden +1-801-349-2682
Libvirt virtualization library http://libvirt.org
signature.asc
Description: OpenPGP digital signature