CPPCheck Dec 29
Alasdair Sinclair
alasdairs at dsl.pipex.com
Tue Dec 29 22:17:39 CST 2009
On 30/12/09 03:55, chris ahrendt wrote:
> I just ran CPP check this evening and got the following :
>
>
> rpcrt4/rpc_transport.c 490 (error) Uninitialized variable smb_floor
> 761 (error) Uninitialized variable pipe_floor
> 885 (error) Uninitialized variable tcp_floor
>
>
>
> If you look at the code :
>
>
> static size_t rpcrt4_ncacn_np_get_top_of_tower(unsigned char *tower_data,
>                                                const char *networkaddr,
>                                                const char *endpoint)
> {
>     twr_empty_floor_t *smb_floor;
>     twr_empty_floor_t *nb_floor;
>     size_t size;
>     size_t networkaddr_size;
>     size_t endpoint_size;
>
>     TRACE("(%p, %s, %s)\n", tower_data, networkaddr, endpoint);
>
>     networkaddr_size = networkaddr ? strlen(networkaddr) + 1 : 1;
>     endpoint_size = endpoint ? strlen(endpoint) + 1 : 1;
>     size = sizeof(*smb_floor) + endpoint_size + sizeof(*nb_floor) + networkaddr_size;
>
>     if (!tower_data)
>         return size;
>
>
> It is correct in that these three are not initialised and could point to anything on the local stack.
> Additionally if you look above you can get potentially a bogus return..
>
>
> Additionally for tcp_floor:
>
> static size_t rpcrt4_ip_tcp_get_top_of_tower(unsigned char *tower_data,
>                                              const char *networkaddr,
>                                              unsigned char tcp_protid,
>                                              const char *endpoint)
> {
>     twr_tcp_floor_t *tcp_floor;
>     twr_ipv4_floor_t *ipv4_floor;
>     struct addrinfo *ai;
>     struct addrinfo hints;
>     int ret;
>     size_t size = sizeof(*tcp_floor) + sizeof(*ipv4_floor);
>
>     TRACE("(%p, %s, %s)\n", tower_data, networkaddr, endpoint);
>
>     if (!tower_data)
>         return size;
>
>
> Same problem here as well
>
>
>
> Chris
>
>
Looks like a CPPCheck bug, sizeof is a unary operator and not a
function, those variables never get dereferenced. The ()s in those
expressions are actually unneeded as sizeof only needs them for type
names and not variables.
Alasdair
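
Added example, not part of the original message or of Wine's source: a small C program for checking this kind of "uninitialized variable" report, showing that the operand of sizeof is not evaluated and that the NULL-buffer size query never reads the pointer. The names demo_floor_t, probe and demo_get_top_of_tower, the struct layout and the 0x0f value are constructed for illustration.

```c
#include <stdio.h>
#include <stddef.h>
#include <string.h>

/* Constructed stand-in for Wine's twr_empty_floor_t (byte fields only). */
typedef struct {
    unsigned char count_lhs[2];
    unsigned char protid;
    unsigned char count_rhs[2];
} demo_floor_t;

int probe_calls;                        /* how often probe() really ran */
demo_floor_t *probe(void) { probe_calls++; return NULL; }

/* sizeof only needs the operand's type, so probe() is never called
 * and the null pointer it would return is never dereferenced. */
size_t sizeof_is_unevaluated(void)
{
    size_t n;
    probe_calls = 0;
    n = sizeof(*probe());
    return probe_calls == 0 ? n : 0;
}

/* Same two-call shape as the quoted functions: a NULL buffer is a size query. */
size_t demo_get_top_of_tower(unsigned char *tower_data, const char *endpoint)
{
    demo_floor_t *smb_floor;            /* uninitialized, as in the thread */
    size_t endpoint_size = endpoint ? strlen(endpoint) + 1 : 1;
    size_t size = sizeof(*smb_floor) + endpoint_size;  /* no read of smb_floor */

    if (!tower_data)
        return size;

    smb_floor = (demo_floor_t *)tower_data;   /* assigned before first real use */
    memset(smb_floor, 0, sizeof *smb_floor);
    smb_floor->protid = 0x0f;                 /* constructed sample value */
    memcpy(tower_data + sizeof *smb_floor, endpoint ? endpoint : "", endpoint_size);
    return size;
}

int main(void)
{
    unsigned char buf[64];
    size_t need = demo_get_top_of_tower(NULL, "\\pipe\\demo");
    printf("unevaluated=%zu need=%zu wrote=%zu\n", sizeof_is_unevaluated(),
           need, need <= sizeof buf ? demo_get_top_of_tower(buf, "\\pipe\\demo") : 0);
    return 0;
}
```

The one case where sizeof does evaluate its operand is a variable length array type, which neither quoted function uses.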