On Sun, 7 Feb 2016, Pedro F. Giffuni wrote:
Log:
fdesc_setattr: unitialized pointer read
CID: 1018688
Bug in Coverity.
Modified: head/sys/fs/fdescfs/fdesc_vnops.c
==============================================================================
--- head/sys/fs/fdescfs/fdesc_vnops.c Sun Feb 7 01:04:47 2016
(r295358)
+++ head/sys/fs/fdescfs/fdesc_vnops.c Sun Feb 7 01:09:38 2016
(r295359)
@@ -465,7 +465,7 @@ fdesc_setattr(ap)
{
struct vattr *vap = ap->a_vap;
struct vnode *vp;
- struct mount *mp;
+ struct mount *mp = NULL;
struct file *fp;
struct thread *td = curthread;
cap_rights_t rights;
2 style bugs in the caller to hide the Coverity bug:
- initialization in declaration
- unused initialization
The initialization is done by calling vn_start_write(... &mp, flags).
mp is only an output parameter unless (flags & V_MNTREF), and fdesc
doesn't put V_MNTREF in flags.
This is a common way of returning extra values so it shouldn't cause
warning is the source code doesn't have bogus initializations in the
caller. Compilers that look at only 1 source file at a time can't see
the full API so they have to assume that such parameters are output-only
if they are uninitialized in callers. Checkers need to understand the
API if they want to do more.
Bruce
_______________________________________________
svn-src-all@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"