Bug 850715 - Use of uninitialized variable and bad use of sizeof()
Use of uninitialized variable and bad use of sizeof()
Status: CLOSED ERRATA
Product: Red Hat Enterprise Linux 5
Classification: Red Hat
Component: subscription-manager (Show other bugs)
5.9
Unspecified Unspecified
unspecified Severity unspecified
: beta
: 5.9
Assigned To: Bryan Kearney
Entitlement Bugs
:
Depends On:
Blocks: 771748
  Show dependency treegraph
 
Reported: 2012-08-22 04:26 EDT by Pavel Raiskup
Modified: 2013-01-07 22:59 EST (History)
2 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2013-01-07 22:59:35 EST
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Pavel Raiskup 2012-08-22 04:26:19 EDT
Hello, here are results of Coverity difference scan of subscription-manager
between el5.8 and el5.9 (rebase subscription-manager-0.98.14-1 ~>
subscription-manager-1.0.12-1).

  1. bad use of sizeof

     => src/rhsmcertd.c:313 s|sizeof(config)|sizeof(*config)|

  2. low prio use of uninitialized value 'use_stdout'

     => src/rhsmcertd.c:113

  3. missing va_end() call

     => src/rhsmcertd.c:115
     => src/rhsmcertd.c:258

These bugs are mentioned just as a warning and it depends on you whether they
will be fixed.  List of all defects is attached.

Quality engineering:
  This issues were found by static analysis tool and we can't provide any
  reproducer for these.  We will verify the fix once available.  Please check
  these tests as SanityOnly (just check that patches for the issues and nothing
  unexpected is added by the commit).  If you want to check the new package
  with Coverity yourself, feel free to use covscan tool
  (https://engineering.redhat.com/trac/CoverityScan/wiki/covscan).

Pavel
Comment 1 RHEL Product and Program Management 2012-08-22 04:38:40 EDT
This request was evaluated by Red Hat Product Management for inclusion
in a Red Hat Enterprise Linux release.  Product Management has
requested further review of this request by Red Hat Engineering, for
potential inclusion in a Red Hat Enterprise Linux release for currently
deployed products.  This request is not yet committed for inclusion in
a release.
Comment 2 Bryan Kearney 2012-08-30 10:17:21 EDT
fixed in master at 5c3af236d0ca8c76cf468ff56cb875c67c07f75b
Comment 5 Pavel Raiskup 2012-09-24 01:28:26 EDT
List of fixed defects in subscription-manager-1.0.19-1.el5

  $ csdiff -x subscription-manager-1.0.12-1.el5.err \
              subscription-manager-1.0.19-1.el5.err

  Error: SIZEOF_MISMATCH (CWE-569):
  /builddir/build/BUILD/subscription-manager-1.0.12/src/rhsmcertd.c:313: suspicious_sizeof: Passing argument "8UL /* sizeof (config) */" to function "malloc" and then casting the return value to "Config *" is suspicious.  Did you intend to use "sizeof(*config)" instead of "sizeof (config)" ?  In this particular case sizeof(Config *) happens to be equal to sizeof(Config), but this is not a portable assumption.

  Error: UNINIT (CWE-457):
  /builddir/build/BUILD/subscription-manager-1.0.12/src/rhsmcertd.c:99: var_decl: Declaring variable "use_stdout" without initializer.
  /builddir/build/BUILD/subscription-manager-1.0.12/src/rhsmcertd.c:113: uninit_use: Using uninitialized value "use_stdout".

  Error: VARARGS (CWE-234):
  /builddir/build/BUILD/subscription-manager-1.0.12/src/rhsmcertd.c:107: va_init: Initializing va_list "argp".
  /builddir/build/BUILD/subscription-manager-1.0.12/src/rhsmcertd.c:116: missing_va_end: va_end was not called for "argp".

  Error: VARARGS (CWE-234):
  /builddir/build/BUILD/subscription-manager-1.0.12/src/rhsmcertd.c:256: va_init: Initializing va_list "argp".
  /builddir/build/BUILD/subscription-manager-1.0.12/src/rhsmcertd.c:259: missing_va_end: va_end was not called for "argp".

Relevant build logs:

  http://releng-test1.englab.brq.redhat.com/covscan/task/893/

Thanks for fixing!  This bug may be switched to VERIFIED.
Pavel
Comment 7 errata-xmlrpc 2013-01-07 22:59:35 EST
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

http://rhn.redhat.com/errata/RHBA-2013-0033.html

Note You need to log in before you can comment on or make changes to this bug.