[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[bug #66079] [troff] Uninitialized variable used within add_char functio
|
From: |
Lukas Javorsky |
|
Subject: |
[bug #66079] [troff] Uninitialized variable used within add_char function in roff/troff/input.cpp |
|
Date: |
Mon, 12 Aug 2024 09:46:59 -0400 (EDT) |
URL:
<https://savannah.gnu.org/bugs/?66079>
Summary: [troff] Uninitialized variable used within add_char
function in roff/troff/input.cpp
Group: GNU roff
Submitter: ljavorsk
Submitted: Mon 12 Aug 2024 01:46:56 PM UTC
Category: General
Severity: 3 - Normal
Item Group: None
Status: None
Privacy: Public
Assigned to: None
Open/Closed: Open
Discussion Lock: Any
Planned Release: None
_______________________________________________________
Follow-up Comments:
-------------------------------------------------------
Date: Mon 12 Aug 2024 01:46:56 PM UTC By: Lukas Javorsky <ljavorsk>
Using uninitialized variable "s" could cause undefined behavior. It's safer to
initialize it to "0" to ensure it doesn't happen.
These defects were identified by SAST analyzers (combination of
coverity,snyk,cppcheck,gcc,clang,shellcheck,unicontrol), and from 98 findings
these are few that I believe are NOT false positives.
Error: UNINIT (CWE-457):
groff-1.23.0/src/roff/troff/input.cpp:7303: var_decl: Declaring variable "s"
without initializer.
groff-1.23.0/src/roff/troff/input.cpp:7314: uninit_use_in_call: Using
uninitialized value "s" when calling "add_char".
# 7312| case TOKEN_ESCAPE:
# 7313| if (escape_char != 0)
# 7314|-> *pp = (*pp)->add_char(charset_table[escape_char], curenv, &w,
&s);
# 7315| break;
# 7316| case TOKEN_HYPHEN_INDICATOR:
Possible remedy:
Commits are in the attachments
Please let me know if you believe these are indeed false positives and why.
Thank you so much for your collaboration.
_______________________________________________________
File Attachments:
-------------------------------------------------------
Name: 0001-Initialize-s-to-prevent-undefined-behavior.patch Size: 686B
<https://file.savannah.gnu.org/file/0001-Initialize-s-to-prevent-undefined-behavior.patch?file_id=56346>
AGPL NOTICE
These attachments are served by Savane. You can download the corresponding
source code of Savane at
https://git.savannah.nongnu.org/cgit/administration/savane.git/snapshot/savane-d76bf983d304f2acfc08b5b4a201839fd9edec71.tar.gz
_______________________________________________________
Reply to this item at:
<https://savannah.gnu.org/bugs/?66079>
_______________________________________________
Message sent via Savannah
https://savannah.gnu.org/
signature.asc
Description: PGP signature
- [bug #66079] [troff] Uninitialized variable used within add_char function in roff/troff/input.cpp,
Lukas Javorsky <=
- [bug #66079] [troff] Uninitialized variable used within add_char function in roff/troff/input.cpp, Lukas Javorsky, 2024/08/13
- [bug #66079] [troff] Uninitialized variable used within add_char function in roff/troff/input.cpp, Lukas Javorsky, 2024/08/13
- [bug #66079] [troff] uninitialized local `s` used in `token::add_to_zero_width_node_list()`, G. Branden Robinson, 2024/08/14
- [bug #66079] [troff] uninitialized local `s` used in `token::add_to_zero_width_node_list()`, G. Branden Robinson, 2024/08/14
- [bug #66079] [troff] uninitialized local `s` used in `token::add_to_zero_width_node_list()`, G. Branden Robinson, 2024/08/14
- [bug #66079] [troff] uninitialized local `s` potentially used in `token::add_to_zero_width_node_list()`, G. Branden Robinson, 2024/08/14
- [bug #66079] [troff] uninitialized local `s` potentially used in `token::add_to_zero_width_node_list()`, G. Branden Robinson, 2024/08/15
- [bug #66079] [troff] uninitialized local `s` potentially used in `token::add_to_zero_width_node_list()`, Lukas Javorsky, 2024/08/21
- [bug #66079] [troff] uninitialized local `s` potentially used in `token::add_to_zero_width_node_list()`, G. Branden Robinson, 2024/08/21
- [bug #66079] [troff] uninitialized local `s` potentially used in `token::add_to_zero_width_node_list()`, G. Branden Robinson, 2024/08/21