svn commit: r295359 - head/sys/fs/fdescfs
Bruce Evans
brde at optusnet.com.au
Sun Feb 7 07:32:40 UTC 2016
On Sun, 7 Feb 2016, Pedro F. Giffuni wrote:
> Log:
> fdesc_setattr: uninitialized pointer read
>
> CID: 1018688
Bug in Coverity.
> Modified: head/sys/fs/fdescfs/fdesc_vnops.c
> ==============================================================================
> --- head/sys/fs/fdescfs/fdesc_vnops.c Sun Feb 7 01:04:47 2016 (r295358)
> +++ head/sys/fs/fdescfs/fdesc_vnops.c Sun Feb 7 01:09:38 2016 (r295359)
> @@ -465,7 +465,7 @@ fdesc_setattr(ap)
> {
> struct vattr *vap = ap->a_vap;
> struct vnode *vp;
> - struct mount *mp;
> + struct mount *mp = NULL;
> struct file *fp;
> struct thread *td = curthread;
> cap_rights_t rights;
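Review bot: The `= NULL` initializer added to `mp` in the declaration block is not justified by anything visible in this hunk: no read of `mp` is shown, and the log gives only the Coverity CID, not the path on which the pointer would be read before it is set. If an initial value is really needed, assign it in the function body next to the first use rather than in the declaration, and state in the log which read it guards. If it is not needed, drop it, since a blanket initializer also stops the compiler from reporting a genuinely missed assignment later.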
2 style bugs in the caller to hide the Coverity bug:
- initialization in declaration
- unused initialization
The initialization is done by calling vn_start_write(... &mp, flags).
mp is only an output parameter unless (flags & V_MNTREF), and fdesc
doesn't put V_MNTREF in flags.
This is a common way of returning extra values so it shouldn't cause
warnings if the source code doesn't have bogus initializations in the
caller. Compilers that look at only 1 source file at a time can't see
the full API so they have to assume that such parameters are output-only
if they are uninitialized in callers. Checkers need to understand the
API if they want to do more.
Bruce
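
The out-parameter contract discussed in the message above, as an added example that is not FreeBSD's code and not part of the original mail: `start_write_model`, `M_MNTREF`, `struct mount_m` and `struct vnode_m` are hypothetical, simplified stand-ins for `vn_start_write()`, `V_MNTREF` and the kernel types. It checks the contract on the callee side, by poisoning the caller's slot and confirming the callee overwrites it on both the success and the error path, so the caller needs no initializer.

```c
#include <errno.h>
#include <stddef.h>
#include <string.h>

#define M_MNTREF 0x1		/* hypothetical stand-in for V_MNTREF */

struct mount_m { int writers; };
struct vnode_m { struct mount_m *mount; };	/* NULL models a failed lookup */

/*
 * Model contract: without M_MNTREF, *mpp is output-only and is stored on
 * every path, errors included. With M_MNTREF, *mpp is an input.
 */
static int
start_write_model(struct vnode_m *vp, struct mount_m **mpp, int flags)
{
	struct mount_m *mp;

	if (flags & M_MNTREF) {
		mp = *mpp;	/* the only path that reads the caller's value */
	} else {
		mp = vp->mount;
		*mpp = mp;	/* stored before any return */
	}
	if (mp == NULL)
		return (EOPNOTSUPP);
	mp->writers++;
	return (0);
}

/*
 * Contract check: fill the caller's slot with a constructed garbage
 * pattern, call without M_MNTREF, and return 1 if it was overwritten.
 */
static int
out_param_written(struct vnode_m *vp)
{
	struct mount_m *mp, *poison;

	memset(&poison, 0xA5, sizeof(poison));
	mp = poison;
	(void)start_write_model(vp, &mp, 0);
	return (mp != poison);
}
```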