[tz] tzcode: uninitialized sp->charcnt gives clang analyzer warning
jengelh at inai.de
Mon Aug 9 22:55:22 UTC 2021
On Monday 2021-08-09 23:32, Paul Eggert wrote:
> On 8/9/21 4:47 AM, Jan Engelhardt via tz wrote:
>> When building tzcode commit 7f74206b39673b1a110285c6992f70507e211060
>> with -DALL_STATE, clang reports a loop with a undefined
>> termination condition because sp->charcnt is not set before its
>> use. There should probably be a sp->charcnt=0 in zoneinit.
> Thanks for reporting that. Unfortunately, though, this appears to be a false
> alarm from Clang, as I don't see how sp->charcnt can be used without being set,
> because If tzload returns zero then sp->charcnt must be set.
Inside tzload, if malloc fails, then, by POSIX standardese, it ought to set
errno. However, clang - rightfully, I think - does not make any particular
assumptions about malloc and has found and reported the case whereby this
malloc returns with NULL _and_ errno is 0. (The malloc(3) page on Linux systems
mentions the corner-cases in which errno=0 can happen, namely "private malloc
tzload then returns errno, which is 0 under these pretenses, thereby signalling
to its caller that everything was fine, when it fact it wasn't. This is how
clang then arrived at sp->charcnt being used without initialization.
Using calloc instead of malloc, or just setting the field to zero, should
have little ill effect, even cosmetically.
More information about the tz