Message ID | CAAnZQXMTSsOtTRofB=FTE3HB9bdVxmnEbDTa8WPw-XeYVMb8GQ@mail.gmail.com |
---|---|
State | Accepted |
Headers | show |
Series | src/common/dpp_crypto.c : fix uninitialised variable | expand |
On 09/03/2022 22:24, Alasdair Mackintosh wrote: > The current code generates a warning when compiled by Clang, because > if we goto 'fail:', pasword_len can be uninitialised when we pass it > in to bin_clear_free(). > > Note that the actual usage is safe, because bin_clear_free() ignores > the second argument if the first argument is NULL, but it still seems > worth cleaning up. > > Signed-off-by: Alasdair Mackintosh <alasdair at google.com> I'm not familiar with the toolchain Jouni uses, but I suspect an actual email address is needed in the Signed-off-by line rather than a part-obfuscated-one. HTH, Jan
On Wed, Mar 09, 2022 at 01:24:49PM -0800, Alasdair Mackintosh wrote: > The current code generates a warning when compiled by Clang, because > if we goto 'fail:', pasword_len can be uninitialised when we pass it > in to bin_clear_free(). > > Note that the actual usage is safe, because bin_clear_free() ignores > the second argument if the first argument is NULL, but it still seems > worth cleaning up. Thanks, applied.
diff --git a/src/common/dpp_crypto.c b/src/common/dpp_crypto.c index 300416fb1..4fac7de8a 100644 --- a/src/common/dpp_crypto.c +++ b/src/common/dpp_crypto.c @@ -2059,7 +2059,7 @@ struct wpabuf * dpp_build_csr(struct dpp_authentication *auth, const char *name) struct wpabuf *priv_key; u8 cp[DPP_CP_LEN]; char *password = NULL; - size_t password_len; + size_t password_len = 0; int hash_sign_algo;
The current code generates a warning when compiled by Clang, because if we goto 'fail:', pasword_len can be uninitialised when we pass it in to bin_clear_free(). Note that the actual usage is safe, because bin_clear_free() ignores the second argument if the first argument is NULL, but it still seems worth cleaning up. Signed-off-by: Alasdair Mackintosh <alasdair at google.com> --- src/common/dpp_crypto.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) /* TODO: use auth->csrattrs */ -- 2.35.1.723.g4982287a31-goog