[Bug 278128] Use of uninitialized memory in libcam
Date: Tue, 02 Apr 2024 11:49:40 UTC
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=278128

Bug ID: 278128
Summary: Use of uninitialized memory in libcam
Product: Base System
Version: 13.2-RELEASE
Hardware: Any
OS: Any
Status: New
Severity: Affects Some People
Priority: ---
Component: misc
Assignee: bugs@FreeBSD.org
Reporter: pen@lysator.liu.se

While running valgrind on a small tool I noticed a warning/problem it detected in /usr/src/lib/libcam/camlib.c (cam_open_device->cam_lookup_pass->ioctl):

==61793== Memcheck, a memory error detector
==61793== Copyright (C) 2002-2022, and GNU GPL'd, by Julian Seward et al.
==61793== Using Valgrind-3.22.0 and LibVEX; rerun with -h for copyright info
==61793== Command: ./drvlist -v
==61793==
==61793== Syscall param ioctl(generic) points to uninitialised byte(s)
==61793==    at 0x4A0536A: ioctl (in /lib/libc.so.7)
==61793==    by 0x206977: cam_lookup_pass (camlib.c:450)
==61793==    by 0x206882: cam_open_device (camlib.c:266)
==61793==    by 0x204D84: do_device (drvlist.c:398)
==61793==    by 0x2059A3: main (drvlist.c:604)
==61793==  Address 0x1ffbffee10 is on thread 1's stack
==61793==  in frame #1, created by cam_lookup_pass (camlib.c:421)
==61793==  Uninitialised value was created by a stack allocation
==61793==    at 0x2068A4: cam_lookup_pass (camlib.c:421)

The problem is that cam_lookup_pass() doesn't fully initialize the ccb struct before calling ioctl().

Probably not a big issue, but to get rid of that warning a simple memset(&ccb, 0, sizeof(ccb)) before the code that initializes it is needed.
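Added example, not part of the bug report and not libcam code: a stack-allocated control block set up field by field still carries leftover stack bytes in every member and buffer tail the caller never wrote, and zeroing it first removes them. The struct fake_ccb, its fields and the POISON pattern are hypothetical stand-ins; the real union ccb layout is not reproduced here.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define POISON 0xA5   /* constructed pattern standing in for stale stack data */

/* Hypothetical control block handed to ioctl(); NOT the real union ccb. */
struct fake_ccb {
    uint32_t func_code;
    uint32_t flags;
    char     periph_name[16];
    uint32_t unit_number;
    uint8_t  reserved[32];    /* never assigned by the caller */
};

/* Field-by-field setup: only the members the caller cares about are written. */
static void fill_fields(struct fake_ccb *c)
{
    c->func_code = 1;
    c->flags = 0;
    strcpy(c->periph_name, "da");   /* writes 3 of the 16 bytes */
    c->unit_number = 0;
}

/* Count bytes of the object that still hold the poison pattern. */
static size_t stale_bytes(const void *p, size_t n)
{
    const unsigned char *b = p;
    size_t count = 0;
    for (size_t i = 0; i < n; i++)
        count += (b[i] == POISON);
    return count;
}

/* Stale bytes left after setup; zero_first selects the memset() fix. */
size_t demo(int zero_first)
{
    struct fake_ccb ccb;
    memset(&ccb, POISON, sizeof(ccb));   /* model leftover stack contents */
    if (zero_first)
        memset(&ccb, 0, sizeof(ccb));    /* the fix proposed in the report */
    fill_fields(&ccb);
    return stale_bytes(&ccb, sizeof(ccb));
}

int main(void)
{
    printf("stale bytes: %zu without memset, %zu with\n", demo(0), demo(1));
    return 0;
}
```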