cache: don't leave cache_slot fields uninitialized
Valgrind says: ==18344== Conditional jump or move depends on uninitialised value(s) ==18344== at 0x406C83: open_slot (cache.c:63) ==18344== by 0x407478: cache_ls (cache.c:403) ==18344== by 0x404C9A: process_request (cgit.c:639) ==18344== by 0x406BD2: fill_slot (cache.c:190) ==18344== by 0x4071A0: cache_process (cache.c:284) ==18344== by 0x404461: main (cgit.c:952) ==18344== Uninitialised value was created by a stack allocation ==18344== at 0x40738B: cache_ls (cache.c:375) This is caused by the keylen field being used to calculate whether or not a slot is matched. We never then check the value of this and the length of data read depends on the key length read from the file so this isn't dangerous, but it's nice to avoid branching based on uninitialized data. Signed-off-by: John Keeping <john@keeping.me.uk>
这个提交包含在:
John Keeping
Jason A. Donenfeld
父节点
3eae406934
当前提交
382ecf152e
2
cache.c
2
cache.c
@ -376,7 +376,7 @@ int cache_ls(const char *path)
|
|||||||
DIR *dir;
|
DIR *dir;
|
||||||
struct dirent *ent;
|
struct dirent *ent;
|
||||||
int err = 0;
|
int err = 0;
|
||||||
struct cache_slot slot;
|
struct cache_slot slot = { 0 };
|
||||||
struct strbuf fullname = STRBUF_INIT;
|
struct strbuf fullname = STRBUF_INIT;
|
||||||
size_t prefixlen;
|
size_t prefixlen;
|
||||||
|
|
||||||
|
|||||||
正在加载...
在新工单中引用
屏蔽一个用户