Bug 74930 - bad source code
Summary: bad source code
Status: CLOSED CURRENTRELEASE
Alias: None
Product: Red Hat Linux
Classification: Retired
Component: lha (Show other bugs)
(Show other bugs)
Version: 7.2
Hardware: All Linux
medium
medium
Target Milestone: ---
Assignee: Ngo Than
QA Contact:
URL:
Whiteboard:
Keywords: Security
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2002-10-02 21:30 UTC by d.binderman
Modified: 2008-05-01 15:38 UTC (History)
0 users

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2002-12-19 01:13:09 UTC
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

Description d.binderman 2002-10-02 21:30:24 UTC
From Bugzilla Helper:
User-Agent: Mozilla/4.6 [en-gb]C-CCK-MCD NetscapeOnline.co.uk  (Win98; I)

Description of problem:
I just tried to compile package lha-1.00-17, from the new Redhat
7.2 for Alpha, with the new gcc 3.2 compiler.

It said 

lharc.o: In function `main':
lharc.o(.text+0x1a4): the `gets' function is dangerous and should not be used.

I think gets should be replaced by fgets in the usual way.

Further, it also said

lhadd.c:86: warning: `old_header' might be used uninitialized in this function
lhadd.c:87: warning: `cmp' might be used uninitialized in this function
lhadd.c:458: warning: `nafp' might be used uninitialized in this function
lhadd.c:462: warning: `new_archive_size' might be used uninitialized in this function
lhadd.c:583: warning: `nafp' might be used uninitialized in this function
lhadd.c:584: warning: `new_archive_size' might be used uninitialized in this function
lhext.c:167: warning: `crc' might be used uninitialized in this function
header.c:671: warning: `header_size' might be used uninitialized in this function
header.c:672: warning: `name_length' might be used uninitialized in this function
dhuf.c:90: warning: `b' might be used uninitialized in this function
huf.c:125: warning: `flags' might be used uninitialized in this function


I just tried to compile package lha-1.00-17, from the new Redhat
7.2 for Alpha, with the new gcc 3.2 compiler.

It said 

lharc.o: In function `main':
lharc.o(.text+0x1a4): the `gets' function is dangerous and should not be used.

I think gets should be replaced by fgets in the usual way.

Further, it also said

lhadd.c:86: warning: `old_header' might be used uninitialized in this function
lhadd.c:87: warning: `cmp' might be used uninitialized in this function
lhadd.c:458: warning: `nafp' might be used uninitialized in this function
lhadd.c:462: warning: `new_archive_size' might be used uninitialized in this function
lhadd.c:583: warning: `nafp' might be used uninitialized in this function
lhadd.c:584: warning: `new_archive_size' might be used uninitialized in this function
lhext.c:167: warning: `crc' might be used uninitialized in this function
header.c:671: warning: `header_size' might be used uninitialized in this function
header.c:672: warning: `name_length' might be used uninitialized in this function
dhuf.c:90: warning: `b' might be used uninitialized in this function
huf.c:125: warning: `flags' might be used uninitialized in this function
I just tried to compile package lha-1.00-17, from the new Redhat
7.2 for Alpha, with the new gcc 3.2 compiler.

It said 

lharc.o: In function `main':
lharc.o(.text+0x1a4): the `gets' function is dangerous and should not be used.

I think gets should be replaced by fgets in the usual way.

Further, it also said

lhadd.c:86: warning: `old_header' might be used uninitialized in this function
lhadd.c:87: warning: `cmp' might be used uninitialized in this function
lhadd.c:458: warning: `nafp' might be used uninitialized in this function
lhadd.c:462: warning: `new_archive_size' might be used uninitialized in this function
lhadd.c:583: warning: `nafp' might be used uninitialized in this function
lhadd.c:584: warning: `new_archive_size' might be used uninitialized in this function
lhext.c:167: warning: `crc' might be used uninitialized in this function
header.c:671: warning: `header_size' might be used uninitialized in this function
header.c:672: warning: `name_length' might be used uninitialized in this function
dhuf.c:90: warning: `b' might be used uninitialized in this function
huf.c:125: warning: `flags' might be used uninitialized in this function






Version-Release number of selected component (if applicable):


How reproducible:
Always

Steps to Reproduce:
1. compile with new gcc 3.2 compiler and flags -g -O2 -Wall
2.
3.
	

Additional info:

I just tried to compile package lha-1.00-17, from the new Redhat
7.2 for Alpha, with the new gcc 3.2 compiler.

It said 

lharc.o: In function `main':
lharc.o(.text+0x1a4): the `gets' function is dangerous and should not be used.

I think gets should be replaced by fgets in the usual way.

Further, it also said

lhadd.c:86: warning: `old_header' might be used uninitialized in this function
lhadd.c:87: warning: `cmp' might be used uninitialized in this function
lhadd.c:458: warning: `nafp' might be used uninitialized in this function
lhadd.c:462: warning: `new_archive_size' might be used uninitialized in this function
lhadd.c:583: warning: `nafp' might be used uninitialized in this function
lhadd.c:584: warning: `new_archive_size' might be used uninitialized in this function
lhext.c:167: warning: `crc' might be used uninitialized in this function
header.c:671: warning: `header_size' might be used uninitialized in this function
header.c:672: warning: `name_length' might be used uninitialized in this function
dhuf.c:90: warning: `b' might be used uninitialized in this function
huf.c:125: warning: `flags' might be used uninitialized in this function

Comment 1 Alan Cox 2002-12-19 01:13:09 UTC
Verified this seems to cause no exposure its just lousy programming
Also fixed in current releases



Note You need to log in before you can comment on or make changes to this bug.