[openssl-commits] [openssl] master update

Matt Caswell matt at openssl.org
Wed May 6 12:09:17 UTC 2015


The branch master has been updated
       via  4c9b0a0314c8bab3c9faeac06d0aa734836b2f81 (commit)
      from  4407d070e591cc8dc3f4b34779933f97cf2df222 (commit)


- Log -----------------------------------------------------------------
commit 4c9b0a0314c8bab3c9faeac06d0aa734836b2f81
Author: Gunnar Kudrjavets <gunnarku at microsoft.com>
Date:   Wed May 6 10:16:55 2015 +0100

    Initialize potentially uninitialized local variables
    
    Compiling OpenSSL code with MSVC and /W4 results in a number of warnings.
    One category of warnings is particularly interesting - C4701 (potentially
    uninitialized local variable 'name' used). This warning pretty much means
    that there's a code path which results in uninitialized variables being used
    or returned. Depending on compiler, its options, OS, values in registers
    and/or stack, the results can be nondeterministic. Cases like this are very
    hard to debug so it's rational to fix these issues.
    
    This patch contains a set of trivial fixes for all the C4701 warnings (just
    initializing variables to 0 or NULL or appropriate error code) to make sure
    that deterministic values will be returned from all the execution paths.
    
    RT#3835
    
    Signed-off-by: Matt Caswell <matt at openssl.org>
    
    Matt's note: All of these appear to be bogus warnings, i.e. there isn't
    actually a code path where an unitialised variable could be used - its just
    that the compiler hasn't been able to figure that out from the logic. So
    this commit is just about silencing spurious warnings.
    
    Reviewed-by: Rich Salz <rsalz at openssl.org>

-----------------------------------------------------------------------

Summary of changes:
 apps/apps.c             |  2 +-
 apps/dsaparam.c         |  2 +-
 apps/s_server.c         |  2 +-
 crypto/asn1/asn1_gen.c  |  2 +-
 crypto/asn1/tasn_dec.c  |  2 +-
 crypto/evp/m_sigver.c   | 10 +++++-----
 crypto/evp/p_sign.c     |  6 +++---
 crypto/evp/p_verify.c   |  6 +++---
 crypto/pem/pem_lib.c    |  2 +-
 crypto/x509/x509_vfy.c  |  8 ++++----
 crypto/x509v3/v3_addr.c |  2 +-
 crypto/x509v3/v3_asid.c |  2 +-
 crypto/x509v3/v3_conf.c |  2 +-
 ssl/t1_lib.c            |  2 +-
 test/evp_test.c         |  8 ++++----
 15 files changed, 29 insertions(+), 29 deletions(-)

diff --git a/apps/apps.c b/apps/apps.c
index 53b76e9..215acb1 100644
--- a/apps/apps.c
+++ b/apps/apps.c
@@ -175,7 +175,7 @@ int app_init(long mesgwin);
 int chopup_args(ARGS *arg, char *buf)
 {
     int quoted;
-    char c, *p;
+    char c = '\0', *p = NULL;
 
     arg->argc = 0;
     if (arg->size == 0) {
diff --git a/apps/dsaparam.c b/apps/dsaparam.c
index 62d5fe7..cf29b80 100644
--- a/apps/dsaparam.c
+++ b/apps/dsaparam.c
@@ -117,7 +117,7 @@ int dsaparam_main(int argc, char **argv)
     DSA *dsa = NULL;
     BIO *in = NULL, *out = NULL;
     BN_GENCB *cb = NULL;
-    int numbits = -1, num, genkey = 0, need_rand = 0, non_fips_allow = 0;
+    int numbits = -1, num = 0, genkey = 0, need_rand = 0, non_fips_allow = 0;
     int informat = FORMAT_PEM, outformat = FORMAT_PEM, noout = 0, C = 0, ret =
         1;
     int i, text = 0;
diff --git a/apps/s_server.c b/apps/s_server.c
index 55781ac..7f8a2a6 100644
--- a/apps/s_server.c
+++ b/apps/s_server.c
@@ -631,7 +631,7 @@ static tlsextstatusctx tlscstatp = { NULL, NULL, NULL, 0, -1, 0 };
 static int cert_status_cb(SSL *s, void *arg)
 {
     tlsextstatusctx *srctx = arg;
-    char *host, *port, *path;
+    char *host = NULL, *port = NULL, *path = NULL;
     int use_ssl;
     unsigned char *rspder = NULL;
     int rspderlen;
diff --git a/crypto/asn1/asn1_gen.c b/crypto/asn1/asn1_gen.c
index 049515d..ab82b52 100644
--- a/crypto/asn1/asn1_gen.c
+++ b/crypto/asn1/asn1_gen.c
@@ -159,7 +159,7 @@ static ASN1_TYPE *generate_v3(char *str, X509V3_CTX *cnf, int depth,
     unsigned char *p;
     const unsigned char *cp;
     int cpy_len;
-    long hdr_len;
+    long hdr_len = 0;
     int hdr_constructed = 0, hdr_tag, hdr_class;
     int r;
 
diff --git a/crypto/asn1/tasn_dec.c b/crypto/asn1/tasn_dec.c
index c5caff7..7a6414a 100644
--- a/crypto/asn1/tasn_dec.c
+++ b/crypto/asn1/tasn_dec.c
@@ -645,7 +645,7 @@ static int asn1_d2i_ex_primitive(ASN1_VALUE **pval,
     long plen;
     char cst, inf, free_cont = 0;
     const unsigned char *p;
-    BUF_MEM buf;
+    BUF_MEM buf = { 0 };
     const unsigned char *cont = NULL;
     long len;
     if (!pval) {
diff --git a/crypto/evp/m_sigver.c b/crypto/evp/m_sigver.c
index 65a49ad..288c563 100644
--- a/crypto/evp/m_sigver.c
+++ b/crypto/evp/m_sigver.c
@@ -128,7 +128,7 @@ int EVP_DigestVerifyInit(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx,
 int EVP_DigestSignFinal(EVP_MD_CTX *ctx, unsigned char *sigret,
                         size_t *siglen)
 {
-    int sctx, r = 0;
+    int sctx = 0, r = 0;
     EVP_PKEY_CTX *pctx = ctx->pctx;
     if (pctx->pmeth->flags & EVP_PKEY_FLAG_SIGCTX_CUSTOM) {
         if (!sigret)
@@ -150,7 +150,7 @@ int EVP_DigestSignFinal(EVP_MD_CTX *ctx, unsigned char *sigret,
         sctx = 0;
     if (sigret) {
         unsigned char md[EVP_MAX_MD_SIZE];
-        unsigned int mdlen;
+        unsigned int mdlen = 0;
         if (ctx->flags & EVP_MD_CTX_FLAG_FINALISE) {
             if (sctx)
                 r = ctx->pctx->pmeth->signctx(ctx->pctx, sigret, siglen, ctx);
@@ -189,9 +189,9 @@ int EVP_DigestVerifyFinal(EVP_MD_CTX *ctx, const unsigned char *sig,
                           size_t siglen)
 {
     unsigned char md[EVP_MAX_MD_SIZE];
-    int r;
-    unsigned int mdlen;
-    int vctx;
+    int r = 0;
+    unsigned int mdlen = 0;
+    int vctx = 0;
 
     if (ctx->pctx->pmeth->verifyctx)
         vctx = 1;
diff --git a/crypto/evp/p_sign.c b/crypto/evp/p_sign.c
index 541c6e7..07ae252 100644
--- a/crypto/evp/p_sign.c
+++ b/crypto/evp/p_sign.c
@@ -66,8 +66,8 @@ int EVP_SignFinal(EVP_MD_CTX *ctx, unsigned char *sigret,
                   unsigned int *siglen, EVP_PKEY *pkey)
 {
     unsigned char m[EVP_MAX_MD_SIZE];
-    unsigned int m_len;
-    int i = 0, ok = 0, v;
+    unsigned int m_len = 0;
+    int i = 0, ok = 0, v = 0;
     EVP_PKEY_CTX *pkctx = NULL;
 
     *siglen = 0;
@@ -75,7 +75,7 @@ int EVP_SignFinal(EVP_MD_CTX *ctx, unsigned char *sigret,
         if (!EVP_DigestFinal_ex(ctx, m, &m_len))
             goto err;
     } else {
-        int rv;
+        int rv = 0;
         EVP_MD_CTX tmp_ctx;
         EVP_MD_CTX_init(&tmp_ctx);
         rv = EVP_MD_CTX_copy_ex(&tmp_ctx, ctx);
diff --git a/crypto/evp/p_verify.c b/crypto/evp/p_verify.c
index 3242931..2277a91 100644
--- a/crypto/evp/p_verify.c
+++ b/crypto/evp/p_verify.c
@@ -66,15 +66,15 @@ int EVP_VerifyFinal(EVP_MD_CTX *ctx, const unsigned char *sigbuf,
                     unsigned int siglen, EVP_PKEY *pkey)
 {
     unsigned char m[EVP_MAX_MD_SIZE];
-    unsigned int m_len;
-    int i = 0, ok = 0, v;
+    unsigned int m_len = 0;
+    int i = 0, ok = 0, v = 0;
     EVP_PKEY_CTX *pkctx = NULL;
 
     if (ctx->flags & EVP_MD_CTX_FLAG_FINALISE) {
         if (!EVP_DigestFinal_ex(ctx, m, &m_len))
             goto err;
     } else {
-        int rv;
+        int rv = 0;
         EVP_MD_CTX tmp_ctx;
         EVP_MD_CTX_init(&tmp_ctx);
         rv = EVP_MD_CTX_copy_ex(&tmp_ctx, ctx);
diff --git a/crypto/pem/pem_lib.c b/crypto/pem/pem_lib.c
index 143d001..bb3b31e 100644
--- a/crypto/pem/pem_lib.c
+++ b/crypto/pem/pem_lib.c
@@ -339,7 +339,7 @@ int PEM_ASN1_write_bio(i2d_of_void *i2d, const char *name, BIO *bp,
                        int klen, pem_password_cb *callback, void *u)
 {
     EVP_CIPHER_CTX ctx;
-    int dsize = 0, i, j, ret = 0;
+    int dsize = 0, i = 0, j = 0, ret = 0;
     unsigned char *p, *data = NULL;
     const char *objstr = NULL;
     char buf[PEM_BUFSIZE];
diff --git a/crypto/x509/x509_vfy.c b/crypto/x509/x509_vfy.c
index 40a1e61..4538b8b 100644
--- a/crypto/x509/x509_vfy.c
+++ b/crypto/x509/x509_vfy.c
@@ -842,7 +842,7 @@ static int check_trust(X509_STORE_CTX *ctx)
 
 static int check_revocation(X509_STORE_CTX *ctx)
 {
-    int i, last, ok;
+    int i = 0, last = 0, ok = 0;
     if (!(ctx->param->flags & X509_V_FLAG_CRL_CHECK))
         return 1;
     if (ctx->param->flags & X509_V_FLAG_CRL_CHECK_ALL)
@@ -865,9 +865,9 @@ static int check_revocation(X509_STORE_CTX *ctx)
 static int check_cert(X509_STORE_CTX *ctx)
 {
     X509_CRL *crl = NULL, *dcrl = NULL;
-    X509 *x;
-    int ok, cnum;
-    unsigned int last_reasons;
+    X509 *x = NULL;
+    int ok = 0, cnum = 0;
+    unsigned int last_reasons = 0;
     cnum = ctx->error_depth;
     x = sk_X509_value(ctx->chain, cnum);
     ctx->current_cert = x;
diff --git a/crypto/x509v3/v3_addr.c b/crypto/x509v3/v3_addr.c
index fecf765..cdc1346 100644
--- a/crypto/x509v3/v3_addr.c
+++ b/crypto/x509v3/v3_addr.c
@@ -945,7 +945,7 @@ static void *v2i_IPAddrBlocks(const struct v3_ext_method *method,
         CONF_VALUE *val = sk_CONF_VALUE_value(values, i);
         unsigned char min[ADDR_RAW_BUF_LEN], max[ADDR_RAW_BUF_LEN];
         unsigned afi, *safi = NULL, safi_;
-        const char *addr_chars;
+        const char *addr_chars = NULL;
         int prefixlen, i1, i2, delim, length;
 
         if (!name_cmp(val->name, "IPv4")) {
diff --git a/crypto/x509v3/v3_asid.c b/crypto/x509v3/v3_asid.c
index d7f5848..26ca158 100644
--- a/crypto/x509v3/v3_asid.c
+++ b/crypto/x509v3/v3_asid.c
@@ -553,7 +553,7 @@ static void *v2i_ASIdentifiers(const struct v3_ext_method *method,
 
     for (i = 0; i < sk_CONF_VALUE_num(values); i++) {
         CONF_VALUE *val = sk_CONF_VALUE_value(values, i);
-        int i1, i2, i3, is_range, which;
+        int i1 = 0, i2 = 0, i3 = 0, is_range = 0, which = 0;
 
         /*
          * Figure out whether this is an AS or an RDI.
diff --git a/crypto/x509v3/v3_conf.c b/crypto/x509v3/v3_conf.c
index 0997d59..bb1146e 100644
--- a/crypto/x509v3/v3_conf.c
+++ b/crypto/x509v3/v3_conf.c
@@ -267,7 +267,7 @@ static X509_EXTENSION *v3_generic_extension(const char *ext, char *value,
                                             X509V3_CTX *ctx)
 {
     unsigned char *ext_der = NULL;
-    long ext_len;
+    long ext_len = 0;
     ASN1_OBJECT *obj = NULL;
     ASN1_OCTET_STRING *oct = NULL;
     X509_EXTENSION *extension = NULL;
diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c
index 7af9c7e..9068195 100644
--- a/ssl/t1_lib.c
+++ b/ssl/t1_lib.c
@@ -2720,7 +2720,7 @@ int tls1_set_server_sigalgs(SSL *s)
 int ssl_check_clienthello_tlsext_late(SSL *s)
 {
     int ret = SSL_TLSEXT_ERR_OK;
-    int al;
+    int al = SSL_AD_INTERNAL_ERROR;
 
     /*
      * If status request then ask callback what to do. Note: this must be
diff --git a/test/evp_test.c b/test/evp_test.c
index 0bba274..51fc6af 100644
--- a/test/evp_test.c
+++ b/test/evp_test.c
@@ -361,12 +361,12 @@ static int check_unsupported()
 
 static int process_test(struct evp_test *t, char *buf, int verbose)
 {
-    char *keyword, *value;
+    char *keyword = NULL, *value = NULL;
     int rv = 0, add_key = 0;
-    long save_pos;
-    struct key_list **lst, *key;
+    long save_pos = 0;
+    struct key_list **lst = NULL, *key = NULL;
     EVP_PKEY *pk = NULL;
-    const struct evp_test_method *tmeth;
+    const struct evp_test_method *tmeth = NULL;
     if (verbose)
         fputs(buf, stdout);
     if (!parse_line(&keyword, &value, buf))


More information about the openssl-commits mailing list