Closed
Bug 166741
Opened 22 years ago
Closed 22 years ago
Variables may be used uninitialized in devutil.c
Categories
(NSS :: Libraries, defect, P1)
Tracking
(Not tracked)
RESOLVED
FIXED
3.6
People
(Reporter: wtc, Assigned: bugz)
Details
Attachments
(1 file, 3 obsolete files)
2.50 KB,
patch
|
wtc
:
review+
|
Details | Diff | Splinter Review |
When compiling NSS under gcc on Linux, we get the following warnings in devutil.c: devutil.c: In function `find_objects_in_array': devutil.c:1059: warning: `oi' might be used uninitialized in this function devutil.c:1061: warning: `match' might be used uninitialized in this function The first warning is benign, but the second warning is an error. (This bug refers to rev. 1.15 of devutil.c.)
Reporter | ||
Updated•22 years ago
|
Priority: -- → P1
Target Milestone: --- → 3.6
Assignee | ||
Comment 1•22 years ago
|
||
It wasn't an error, the value of match would never be checked unless the previous loop terminated early, in which case match would have been set. But I agree that is non-obvious :)
Reporter | ||
Comment 2•22 years ago
|
||
Here is the code in question: for (i=0; i<otlen; i++) { for (j=0; j<obj->numAttributes; j++) { if (ot[i].type == obj->attributes[j].type) { if (ot[i].ulValueLen == obj->attributes[j].ulValueLen && nsslibc_memequal(ot[i].pValue, obj->attributes[j].pValue, ot[i].ulValueLen, NULL)) { match = PR_TRUE; } else { match = PR_FALSE; } break; } } if (j == obj->numAttributes || !match) { break; } } if (match) { 'match' is used in two places. In the first place, I agree 'match' can't be used uninitialized. In the second place, I think 'match' may be used uninitialized. For example, if we break out of the outer for loop because j == obj->numAttributes, 'match' won't be set. I have another question: do you still want to break out of the inner for loop if you set 'match' to PR_FALSE?
Assignee | ||
Comment 3•22 years ago
|
||
Okay, agreed. Yes, I want to break out of the loop. I am looking for a particular type in the array. If the type is found, I'm done. 'match' indicates whether the type had the same value between the two arrays.
Assignee | ||
Comment 4•22 years ago
|
||
Attachment #97989 -
Attachment is obsolete: true
Reporter | ||
Comment 5•22 years ago
|
||
Comment on attachment 98030 [details] [diff] [review] based on wtc's review r=wtc.
Attachment #98030 -
Flags: review+
Assignee | ||
Comment 6•22 years ago
|
||
checked in.
Status: NEW → RESOLVED
Closed: 22 years ago
Resolution: --- → FIXED
Reporter | ||
Comment 7•22 years ago
|
||
The patch caused bug 167532. I am reopening the bug.
Status: RESOLVED → REOPENED
Resolution: FIXED → ---
Reporter | ||
Comment 8•22 years ago
|
||
This patch fixes bug 167532.
Assignee | ||
Comment 9•22 years ago
|
||
Comment on attachment 98548 [details] [diff] [review] Incremental patch Patch is correct. That code could definitely be made more readable. I overlooked that the goal wasn't to match a single attribute, but a whole set. It is possible for match to be true, and then changed to false within the loop.
Attachment #98548 -
Flags: review+
Assignee | ||
Comment 10•22 years ago
|
||
After further discussion with Wan-Teh, it appeared there wer still bugs in the above two patches. This patch tries to clean the code up, so it is more clear what is going on.
Attachment #98030 -
Attachment is obsolete: true
Attachment #98548 -
Attachment is obsolete: true
Reporter | ||
Comment 11•22 years ago
|
||
Comment on attachment 98610 [details] [diff] [review] yet another patch r=wtc. Could you add a comment describing what the find_objects_in_array function does?
Attachment #98610 -
Flags: review+
Assignee | ||
Comment 12•22 years ago
|
||
patch checked in, marking fixed.
Status: REOPENED → RESOLVED
Closed: 22 years ago → 22 years ago
Resolution: --- → FIXED
You need to log in
before you can comment on or make changes to this bug.
Description
•