mhu/gds-render
1
0
Fork 0
Code Issues 4 Pull Requests Releases 8 Wiki Activity

Use of uninitialized memory #49

New Issue
Closed
opened 2022-12-17 18:38:43 +01:00 by mhu · 0 comments
mhu commented 2022-12-17 18:38:43 +01:00
Owner
Copy Link

cell->stats.total_gfx_count is not initialized with 0 on creation of cell. However, it is used in calculate_vertex_gfx_count_cell during stat summation.

Initialize this variable.

Found by valgrind:

==24813== Conditional jump or move depends on uninitialised value(s)
==24813==    at 0x120B9E: calculate_vertex_gfx_count_cell (gds-statistics.c:46)
==24813==    by 0x120D03: gds_statistics_calc_cummulative_counts_in_lib (gds-statistics.c:84)
==24813==    by 0x11ECA9: calc_library_stats (gds-parser.c:625)
==24813==    by 0x48DC32F: g_list_foreach (glist.c:1092)
==24813==    by 0x12098A: parse_gds_from_file (gds-parser.c:1193)
==24813==    by 0x119D6F: on_load_gds (gds-render-gui.c:326)
==24813==    by 0x57B511B: UnknownInlinedFun (gclosure.c:895)
==24813==    by 0x57B511B: g_signal_emit_valist (gsignal.c:3456)
==24813==    by 0x57B5203: g_signal_emit (gsignal.c:3606)
==24813==    by 0x4A9D8D8: UnknownInlinedFun (gtkbutton.c:1845)
==24813==    by 0x4A9D8D8: UnknownInlinedFun (gtkbutton.c:1832)
==24813==    by 0x4A9D8D8: gtk_real_button_released (gtkbutton.c:1963)
==24813==    by 0x579720F: g_closure_invoke (gclosure.c:832)
==24813==    by 0x57C4B46: signal_emit_unlocked_R.isra.0 (gsignal.c:3726)
==24813==    by 0x57B4F74: g_signal_emit_valist (gsignal.c:3549)
==24813==  Uninitialised value was created by a heap allocation
==24813==    at 0x4841888: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==24813==    by 0x11E66B: append_cell (gds-parser.c:357)
==24813==    by 0x11F77B: parse_gds_from_file (gds-parser.c:838)
==24813==    by 0x119D6F: on_load_gds (gds-render-gui.c:326)
==24813==    by 0x57B511B: UnknownInlinedFun (gclosure.c:895)
==24813==    by 0x57B511B: g_signal_emit_valist (gsignal.c:3456)
==24813==    by 0x57B5203: g_signal_emit (gsignal.c:3606)
==24813==    by 0x4A9D8D8: UnknownInlinedFun (gtkbutton.c:1845)
==24813==    by 0x4A9D8D8: UnknownInlinedFun (gtkbutton.c:1832)
==24813==    by 0x4A9D8D8: gtk_real_button_released (gtkbutton.c:1963)
==24813==    by 0x579720F: g_closure_invoke (gclosure.c:832)
==24813==    by 0x57C4B46: signal_emit_unlocked_R.isra.0 (gsignal.c:3726)
==24813==    by 0x57B4F74: g_signal_emit_valist (gsignal.c:3549)
==24813==    by 0x57B5203: g_signal_emit (gsignal.c:3606)
==24813==    by 0x4A9D684: multipress_released_cb (gtkbutton.c:666)
==24813==
cell->stats.total_gfx_count is not initialized with 0 on creation of cell. However, it is used in calculate_vertex_gfx_count_cell during stat summation. Initialize this variable. Found by valgrind: ``` ==24813== Conditional jump or move depends on uninitialised value(s) ==24813== at 0x120B9E: calculate_vertex_gfx_count_cell (gds-statistics.c:46) ==24813== by 0x120D03: gds_statistics_calc_cummulative_counts_in_lib (gds-statistics.c:84) ==24813== by 0x11ECA9: calc_library_stats (gds-parser.c:625) ==24813== by 0x48DC32F: g_list_foreach (glist.c:1092) ==24813== by 0x12098A: parse_gds_from_file (gds-parser.c:1193) ==24813== by 0x119D6F: on_load_gds (gds-render-gui.c:326) ==24813== by 0x57B511B: UnknownInlinedFun (gclosure.c:895) ==24813== by 0x57B511B: g_signal_emit_valist (gsignal.c:3456) ==24813== by 0x57B5203: g_signal_emit (gsignal.c:3606) ==24813== by 0x4A9D8D8: UnknownInlinedFun (gtkbutton.c:1845) ==24813== by 0x4A9D8D8: UnknownInlinedFun (gtkbutton.c:1832) ==24813== by 0x4A9D8D8: gtk_real_button_released (gtkbutton.c:1963) ==24813== by 0x579720F: g_closure_invoke (gclosure.c:832) ==24813== by 0x57C4B46: signal_emit_unlocked_R.isra.0 (gsignal.c:3726) ==24813== by 0x57B4F74: g_signal_emit_valist (gsignal.c:3549) ==24813== Uninitialised value was created by a heap allocation ==24813== at 0x4841888: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so) ==24813== by 0x11E66B: append_cell (gds-parser.c:357) ==24813== by 0x11F77B: parse_gds_from_file (gds-parser.c:838) ==24813== by 0x119D6F: on_load_gds (gds-render-gui.c:326) ==24813== by 0x57B511B: UnknownInlinedFun (gclosure.c:895) ==24813== by 0x57B511B: g_signal_emit_valist (gsignal.c:3456) ==24813== by 0x57B5203: g_signal_emit (gsignal.c:3606) ==24813== by 0x4A9D8D8: UnknownInlinedFun (gtkbutton.c:1845) ==24813== by 0x4A9D8D8: UnknownInlinedFun (gtkbutton.c:1832) ==24813== by 0x4A9D8D8: gtk_real_button_released (gtkbutton.c:1963) ==24813== by 0x579720F: g_closure_invoke (gclosure.c:832) ==24813== by 0x57C4B46: signal_emit_unlocked_R.isra.0 (gsignal.c:3726) ==24813== by 0x57B4F74: g_signal_emit_valist (gsignal.c:3549) ==24813== by 0x57B5203: g_signal_emit (gsignal.c:3606) ==24813== by 0x4A9D684: multipress_released_cb (gtkbutton.c:666) ==24813== ```
mhu added the
enhancement
 label 2022-12-17 18:38:43 +01:00
mhu self-assigned this 2022-12-17 18:38:43 +01:00
mhu added this to the Release v2.0.0 milestone 2022-12-17 18:40:05 +01:00
mhu modified the milestone from Release v2.0.0 to v1.2.1 2022-12-17 18:40:25 +01:00
mhu referenced this issue from a commit 2022-12-17 18:42:40 +01:00
Fix #49: Initialize variable
mhu closed this issue 2022-12-17 18:43:57 +01:00
Sign in to join this conversation.
No Branch/Tag Specified
Branches Tags
Labels
Clear labels
bug
duplicate
enhancement
help wanted
invalid
New Feature
question
wontfix
No Label
enhancement
Milestone
No items
No Milestone v1.2.1
Assignees
Clear assignees
mhu
No Assignees mhu
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: mhu/gds-render#49
No description provided.
Delete Branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?