Page MenuHome GnuPG

Potential use of uninitialized variable
Closed, ResolvedPublic

Description

export CC=/usr/local/bin/clang
export CXX=/usr/local/bin/clang++
export CPPFLAGS="-fsanitize=address -fsanitize=undefined"
export CFLAGS="-fsanitize=address -fsanitize=undefined"
export CFLAGS="-fsanitize=address -fsanitize=undefined -fno-sanitize=vptr"

export PREFIX=~/gpg-sanitize

LIBRARY=libksba
VERSION=1.3.2
FILE="$LIBRARY-$VERSION"

cd "$FILE"
./configure --enable-static --disable-shared
--with-libgpg-error-prefix="$PREFIX" --prefix="$PREFIX"
make

make check | /usr/local/bin/asan_symbolize.py


/usr/local/bin/clang -DHAVE_CONFIG_H -I. -I.. -I../src -I../src
-fsanitize=address -fsanitize=undefined -I/usr/local/include -fsanitize=address
-fsanitize=undefined -fno-sanitize=vptr -fvisibility=hidden -Wall -MT basic.o
-MD -MP -MF .deps/basic.Tpo -c -o basic.o basic.c
basic.c:5632:7: warning: variable 'pkey' is used uninitialized whenever 'if'

    condition is false [-Wsometimes-uninitialized]
if (!err)
    ^~~~

basic.c:5638:33: note: uninitialized use occurs here

do_check_one_pubkey (n, skey, pkey,
                              ^~~~

basic.c:5632:3: note: remove the 'if' if its condition is always true

if (!err)
^~~~~~~~~

basic.c:5628:25: note: initialize the variable 'pkey' to silence this warning

gcry_sexp_t skey, pkey;
                      ^
                       = NULL

1 warning generated.
...

/usr/local/bin/clang -DHAVE_CONFIG_H -I. -I.. -I../src -I../src
-fsanitize=address -fsanitize=undefined -I/usr/local/include -fsanitize=address
-fsanitize=undefined -fno-sanitize=vptr -fvisibility=hidden -Wall -MT pubkey.o
-MD -MP -MF .deps/pubkey.Tpo -c -o pubkey.o pubkey.c
pubkey.c:341:7: warning: variable 'sec_key' is used uninitialized whenever 'if'

    condition is false [-Wsometimes-uninitialized]
if (!rc)
    ^~~

pubkey.c:347:11: note: uninitialized use occurs here

*skey = sec_key;
        ^~~~~~~

pubkey.c:341:3: note: remove the 'if' if its condition is always true

if (!rc)
^~~~~~~~

pubkey.c:326:31: note: initialize the variable 'sec_key' to silence this warning

gcry_sexp_t pub_key, sec_key;
                            ^
                             = NULL

1 warning generated.

Details

Version
1.6.3

Event Timeline

JW added projects: libgcrypt, Bug Report.
JW added a subscriber: JW.

No c+p of warnings please! Use gnupg-devel for such things.

werner claimed this task.
werner added a project: Mistaken.