On Sun, 7 Feb 2016, Pedro F. Giffuni wrote:

Log:
 fdesc_setattr: uninitialized pointer read

 CID:   1018688

Bug in Coverity.

Modified: head/sys/fs/fdescfs/fdesc_vnops.c
==============================================================================
--- head/sys/fs/fdescfs/fdesc_vnops.c   Sun Feb  7 01:04:47 2016        
(r295358)
+++ head/sys/fs/fdescfs/fdesc_vnops.c   Sun Feb  7 01:09:38 2016        
(r295359)
@@ -465,7 +465,7 @@ fdesc_setattr(ap)
{
        struct vattr *vap = ap->a_vap;
        struct vnode *vp;
-       struct mount *mp;
+       struct mount *mp = NULL;
        struct file *fp;
        struct thread *td = curthread;
        cap_rights_t rights;
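Review bot: the `struct mount *mp = NULL;` initializer in this hunk silences the checker without fixing a defect: as explained further down in the thread, mp is an output parameter that vn_start_write(..., &mp, flags) stores to before any read, because fdesc never passes V_MNTREF. The change also introduces an initializer in a declaration, which the kernel style rules discourage. If the finding needs to be addressed, a short comment at the declaration stating that mp is written by vn_start_write(), or marking CID 1018688 as a false positive in the checker, would record the real contract without suggesting to later readers that mp can legitimately be NULL at this point.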

2 style bugs in the caller to hide the Coverity bug:
- initialization in declaration
- unused initialization

The initialization is done by calling vn_start_write(... &mp, flags).
mp is only an output parameter unless (flags & V_MNTREF), and fdesc
doesn't put V_MNTREF in flags.

This is a common way of returning extra values so it shouldn't cause
warnings if the source code doesn't have bogus initializations in the
caller.  Compilers that look at only 1 source file at a time can't see
the full API so they have to assume that such parameters are output-only
if they are uninitialized in callers.  Checkers need to understand the
API if they want to do more.

Bruce
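The out-parameter contract described above, as an added example that is not FreeBSD code and not part of the original mail: a constructed model of the vn_start_write(..., &mp, flags) convention, where the pointed-to variable is write-only unless V_MNTREF is set, together with a caller that leaves its local uninitialized in the same way fdesc_setattr does. The function and flag names are hypothetical stand-ins and the flag value is made up for the example.

```c
#include <stddef.h>

#define V_MNTREF 0x4	/* constructed flag value: "*mpp is an input" */

struct mount { int writes_started; };

/*
 * Model of the contract: unless V_MNTREF is set, *mpp is output-only and
 * is stored to before a successful return, so the caller need not
 * initialize it.  With V_MNTREF the caller passes in a mount it already
 * holds and *mpp is read.  Returns 0 on success, 1 on failure.
 */
static int
model_start_write(struct mount *fs_mount, struct mount **mpp, int flags)
{
	struct mount *mp;

	if (flags & V_MNTREF)
		mp = *mpp;		/* input: caller supplied the mount */
	else
		mp = fs_mount;		/* output only: derived by the callee */
	if (mp == NULL)
		return (1);
	mp->writes_started++;
	*mpp = mp;			/* written on every successful path */
	return (0);
}

/*
 * Caller in the style of fdesc_setattr: mp is deliberately left without an
 * initializer and is only read after model_start_write() has stored to it.
 * Returns the callee's error, or the updated write count on success.
 */
static int
model_setattr(struct mount *fs_mount)
{
	struct mount *mp;	/* no initializer: output parameter */
	int error;

	error = model_start_write(fs_mount, &mp, 0);
	if (error != 0)
		return (error);
	return (mp->writes_started);	/* safe: set by the callee above */
}
```

A single-file checker sees only model_setattr() and the bare `&mp`, which is why it cannot tell this apart from a genuine uninitialized read without knowing the callee's contract.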
_______________________________________________
svn-src-all@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-all