bugzilla-daemon at mindrot.org
2023-Oct-10 16:34 UTC
[Bug 3625] New: potentially uninitialized local pointer in send_handle() in sftp-server.c
https://bugzilla.mindrot.org/show_bug.cgi?id=3625
Bug ID: 3625
Summary: potentially uninitialized local pointer in
send_handle() in sftp-server.c
Product: Portable OpenSSH
Version: 9.5p1
Hardware: All
OS: All
Status: NEW
Severity: trivial
Priority: P5
Component: sftp-server
Assignee: unassigned-bugs at mindrot.org
Reporter: tessgauthier at microsoft.com
Overview:
string is uninitialized.
static void
send_handle(u_int32_t id, int handle)
{
u_char *string;
int hlen;
handle_to_string(handle, &string, &hlen);
debug("request %u: sent handle %d", id, handle);
send_data_or_handle(SSH2_FXP_HANDLE, id, string, hlen);
free(string);
}
Expected Result:
u_char *string = NULL;
Additional Information:
Corresponding compiler warning -
https://learn.microsoft.com/en-us/cpp/error-messages/compiler-warnings/compiler-warning-level-4-c4703?view=msvc-170&f1url=%3FappId%3DDev16IDEF1%26l%3DEN-US%26k%3Dk(C4703)%26rd%3Dtrue
--
You are receiving this mail because:
You are watching the assignee of the bug.
bugzilla-daemon at mindrot.org
2023-Oct-10 22:08 UTC
[Bug 3625] potentially uninitialized local pointer in send_handle() in sftp-server.c
https://bugzilla.mindrot.org/show_bug.cgi?id=3625
Damien Miller <djm at mindrot.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |djm at mindrot.org
Status|NEW |RESOLVED
Resolution|--- |INVALID
--- Comment #1 from Damien Miller <djm at mindrot.org> ---
Another false positive. handle_to_string() initalises handle. Please
don't post untriaged compiler warnings as bugs.
--
You are receiving this mail because:
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.