Wietse Venema:
> Viktor Dukhovni:
> > On Fri, Mar 19, 2021 at 11:18:27AM -0400, Jaroslav Skarvada wrote:
> >
> > > 14. postfix-3.5.8/src/util/dict_inline.c:124: uninit_use_in_call: Using
> > > uninitialized value "value" when calling "dict_file_to_b64".
> > > 17. postfix-3.5.8/src/util/dict_inline.c:125: overwrite_var: Overwriting
> > > "err" in "err = free_me = dict_file_get_error(dict)" leaks the storage
> > > that "err" points to.
> > > # 123|
> > > # 124|-> if ((base64_buf = dict_file_to_b64(dict, value)) ==
> > > 0) {
> > > # 125|-> err = free_me = dict_file_get_error(dict);
> > > # 126| break;
> > > # 127| }
> > >
> > > I think it could call dict_file_to_b64 with uninitialized value.
> >
> > Yes, when inline tables in the main.cf file are malformed in a
> > particular way, this may not be handled correctly. Patch below.
>
> Can someone provide an input that demonstrates there is a problem?
>
> The 'value' variable is initialized only when 'err' is zero. Otherwise,
> the loop will be exited before the 'value' variable would be used.
All right, I found one.
Wietse