Open Bug 1156027 Opened 10 years ago Updated 3 years ago

Read of uninitialized value in unknown_toUtf8 found by clang-analyzer

Categories

(Core :: XML, defect)

x86
macOS
defect

People

(Reporter: ehsan.akhgari, Unassigned)

Details

(Keywords: csectype-uninitialized)

Attachments

(1 file)

Attached file Generated report
static void PTRCALL
unknown_toUtf8(const ENCODING *enc,
               const char **fromP, const char *fromLim,
               char **toP, const char *toLim)
{
  const struct unknown_encoding *uenc = AS_UNKNOWN_ENCODING(enc);
  char buf[XML_UTF8_ENCODE_MAX];
  for (;;) {  /* 1: Loop condition is true. Entering loop body */
    const char *utf8;
    int n;
    if (*fromP == fromLim)  /* 2: Taking false branch */
      break;
    utf8 = uenc->utf8[(unsigned char)**fromP];
    n = *utf8++;
    if (n == 0) {  /* 3: Assuming 'n' is equal to 0; 4: Taking true branch */
      int c = uenc->convert(uenc->userData, *fromP);
      n = XmlUtf8Encode(c, buf);
      if (n > toLim - *toP)  /* 5: Taking false branch */
        break;
      utf8 = buf;
      *fromP += (AS_NORMAL_ENCODING(enc)->type[(unsigned char)**fromP]
                 - (BT_LEAD2 - 2));
    }
    else {
      if (n > toLim - *toP)
        break;
      (*fromP)++;
    }
    do {
      *(*toP)++ = *utf8++;  /* 6: Assigned value is garbage or undefined */
    } while (--n != 0);
  }
}

This seems legit to me.
Severity: normal → S3