From mboxrd@z Thu Jan  1 00:00:00 1970
X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on inbox.vuxu.org
X-Spam-Level: 
X-Spam-Status: No, score=-3.3 required=5.0 tests=MAILING_LIST_MULTI,
	RCVD_IN_DNSWL_MED,RCVD_IN_MSPIKE_H3,RCVD_IN_MSPIKE_WL autolearn=ham
	autolearn_force=no version=3.4.4
Received: (qmail 8259 invoked from network); 6 Jul 2020 22:01:01 -0000
Received: from mother.openwall.net (195.42.179.200)
  by inbox.vuxu.org with ESMTPUTF8; 6 Jul 2020 22:01:01 -0000
Received: (qmail 7593 invoked by uid 550); 6 Jul 2020 22:00:59 -0000
Mailing-List: contact musl-help@lists.openwall.com; run by ezmlm
Precedence: bulk
List-Post: <mailto:musl@lists.openwall.com>
List-Help: <mailto:musl-help@lists.openwall.com>
List-Unsubscribe: <mailto:musl-unsubscribe@lists.openwall.com>
List-Subscribe: <mailto:musl-subscribe@lists.openwall.com>
List-ID: <musl.lists.openwall.com>
Reply-To: musl@lists.openwall.com
Received: (qmail 7566 invoked from network); 6 Jul 2020 22:00:58 -0000
Date: Mon, 6 Jul 2020 18:00:46 -0400
From: Rich Felker <dalias@libc.org>
To: musl@lists.openwall.com
Message-ID: <20200706220045.GK6430@brightrain.aerifal.cx>
References: <E8B0FA07-16BD-490D-B48A-AC062A8F4A52@gmail.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <E8B0FA07-16BD-490D-B48A-AC062A8F4A52@gmail.com>
User-Agent: Mutt/1.5.21 (2010-09-15)
Subject: Re: [musl] [PATCH] vfscanf: fix use of uninitialized variable

On Wed, Jul 01, 2020 at 03:12:14PM +0200, Julien Ramseier wrote:
> vfscanf() may use the variable 'alloc' uninitialized when taking the branch
> introduced by recent commit b287cd745c2243f8e5114331763a5a9813b5f6ee.
> 
> Spotted by clang:
> 
> .../lib/libc/src/stdio/vfscanf.c:80:6: warning: variable 'alloc' is used uninitialized whenever 'if' condition is true [-Wsometimes-uninitialized]
>         if (!f->rpos) goto input_fail;
>             ^~~~~~~~
> .../lib/libc/src/stdio/vfscanf.c:330:7: note: uninitialized use occurs here
>                 if (alloc) {
>                     ^~~~~
> 
> ---
>  src/stdio/vfscanf.c | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
> 
> diff --git a/src/stdio/vfscanf.c b/src/stdio/vfscanf.c
> index b5ebc16e..b78a374d 100644
> --- a/src/stdio/vfscanf.c
> +++ b/src/stdio/vfscanf.c
> @@ -57,7 +57,7 @@ int vfscanf(FILE *restrict f, const char *restrict fmt, va_list ap)
>  {
>  	int width;
>  	int size;
> -	int alloc;
> +	int alloc = 0;
>  	int base;
>  	const unsigned char *p;
>  	int c, t;
> -- 
> 2.23.0

Thanks, applied.

Rich