[tz] tzcode: uninitialized sp->charcnt gives clang analyzer warning

Jan Engelhardt jengelh at inai.de
Mon Aug 9 22:55:22 UTC 2021


On Monday 2021-08-09 23:32, Paul Eggert wrote:

> On 8/9/21 4:47 AM, Jan Engelhardt via tz wrote:
>
>> When building tzcode commit 7f74206b39673b1a110285c6992f70507e211060
>> with -DALL_STATE, clang reports a loop with an undefined
>> termination condition because sp->charcnt is not set before its
>> use. There should probably be a sp->charcnt=0 in zoneinit.
>
> Thanks for reporting that. Unfortunately, though, this appears to be a false
> alarm from Clang, as I don't see how sp->charcnt can be used without being set,
> because if tzload returns zero then sp->charcnt must be set.

Inside tzload, if malloc fails, then, by POSIX standardese, it ought to set
errno. However, clang - rightfully, I think - does not make any particular
assumptions about malloc and has found and reported the case whereby this
malloc returns with NULL _and_ errno is 0. (The malloc(3) page on Linux systems
mentions the corner-cases in which errno=0 can happen, namely "private malloc
implementations".)

tzload then returns errno, which is 0 under these pretenses, thereby signalling
to its caller that everything was fine, when in fact it wasn't. This is how
clang then arrived at sp->charcnt being used without initialization.

Using calloc instead of malloc, or just setting the field to zero, should
have little ill effect, even cosmetically.
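The failure mode described in this message, as an added illustration that is not tzcode and not part of the original thread: a constructed `struct state` with a `charcnt` field stands in for tzcode's state, a hypothetical `example_malloc` simulates an allocator that returns NULL while leaving errno at 0, `load_buggy` mirrors the "return errno" shape the message criticizes, and `load_fixed` shows the two remedies discussed (initialize the field up front, and report allocation failure with an explicit error code rather than whatever errno happens to hold). The caller poisons its state to make the uninitialized read visible.

```c
#include <errno.h>
#include <stddef.h>
#include <stdlib.h>
#include <string.h>

/* Constructed model of the pattern discussed above; not tzcode itself.
 * `state` stands in for tzcode's `struct state`, `charcnt` for sp->charcnt. */
struct state {
    int charcnt;
    char *chars;
};

/* Hypothetical allocator hook so the example can simulate a malloc that
 * returns NULL with errno untouched (the "private malloc implementations"
 * corner case mentioned in malloc(3)). */
static int simulate_alloc_failure = 0;

static void *example_malloc(size_t n)
{
    if (simulate_alloc_failure) {
        errno = 0;          /* NULL returned, errno left at 0 */
        return NULL;
    }
    return malloc(n);
}

/* Buggy pattern: report failure by returning errno. If errno is 0 after a
 * failed allocation, the caller sees "success" and charcnt is never set. */
static int load_buggy(struct state *sp)
{
    char *buf = example_malloc(16);
    if (buf == NULL)
        return errno;       /* may be 0 here, which means "fine" to the caller */
    memcpy(buf, "UTC", 4);
    sp->chars = buf;
    sp->charcnt = 4;
    return 0;
}

/* Hardened pattern: initialize every field the caller will read before any
 * early return, and never rely on errno to signal a malloc failure. */
static int load_fixed(struct state *sp)
{
    sp->charcnt = 0;        /* the "sp->charcnt = 0" the report suggests */
    sp->chars = NULL;
    char *buf = example_malloc(16);
    if (buf == NULL)
        return ENOMEM;      /* explicit, independent of errno's state */
    memcpy(buf, "UTC", 4);
    sp->chars = buf;
    sp->charcnt = 4;
    return 0;
}

/* Caller mirrors the "if (load(sp) == 0) then loop over sp->charcnt" shape.
 * Returns the charcnt the caller would loop over, or -1 if the loader
 * reported failure. With the buggy loader and a failed allocation the
 * returned value is the poison pattern: the uninitialized read clang warns
 * about. */
static int caller_charcnt_seen(int (*load)(struct state *), int fail)
{
    struct state s;
    memset(&s, 0x7f, sizeof s); /* poison: stand-in for uninitialized memory */
    s.chars = NULL;             /* keep the pointer freeable in every path */
    simulate_alloc_failure = fail;
    if (load(&s) != 0)
        return -1;              /* failure correctly propagated */
    int n = s.charcnt;          /* 0x7f7f7f7f when the buggy loader "succeeded" */
    free(s.chars);
    return n;
}
```

`caller_charcnt_seen(load_buggy, 1)` returns the poison value 0x7f7f7f7f because the loader reported success without touching the struct; `caller_charcnt_seen(load_fixed, 1)` returns -1 because ENOMEM is propagated regardless of errno, and both loaders return 4 when the allocation succeeds.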
