This is the mail archive of the gcc-bugs@gcc.gnu.org mailing list for the GCC project.



[Bug libfortran/69651] New: Usage of unitialized pointer io/list_read.c


https://gcc.gnu.org/bugzilla/show_bug.cgi?id=69651

            Bug ID: 69651
           Summary: Usage of unitialized pointer io/list_read.c
           Product: gcc
           Version: 6.0
            Status: UNCONFIRMED
          Severity: normal
          Priority: P3
         Component: libfortran
          Assignee: unassigned at gcc dot gnu.org
          Reporter: kyukhin at gcc dot gnu.org
  Target Milestone: ---

Unfortunately I have no testcase.

But the code itself looks awful to me:
/* Worker function to save a KIND=4 character to a string buffer,
   enlarging the buffer as necessary.  */

static void
push_char4 (st_parameter_dt *dtp, int c)
{
  gfc_char4_t *new, *p = (gfc_char4_t *) dtp->u.p.saved_string;

  if (p == NULL)
    {
      dtp->u.p.saved_string = xcalloc (SCRATCH_SIZE, sizeof (gfc_char4_t));
      dtp->u.p.saved_length = SCRATCH_SIZE;
      dtp->u.p.saved_used = 0;
      p = (gfc_char4_t *) dtp->u.p.saved_string;
    }

  if (dtp->u.p.saved_used >= dtp->u.p.saved_length)
    {
      dtp->u.p.saved_length = 2 * dtp->u.p.saved_length;
      p = xrealloc (p, dtp->u.p.saved_length * sizeof (gfc_char4_t));

      memset4 (new + dtp->u.p.saved_used, 0, // <-- ??? new==junk ???
              dtp->u.p.saved_length - dtp->u.p.saved_used);
    }

  p[dtp->u.p.saved_used++] = c;
}

It was introduced w/ r210948
(https://gcc.gnu.org/ml/fortran/2014-05/msg00149.html). Before that new was [at
least] initialized.
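
An added example, not part of the original report and not libgfortran's code: a self-contained version of the grow-and-zero pattern quoted above, in which the new tail is cleared through the pointer that realloc returned and that pointer is stored back in the owning struct. The names `struct char4_buf`, `push_char4_fixed` and `fill_and_check` are hypothetical, and plain `calloc`/`realloc`/`memset` stand in for `xcalloc`/`xrealloc`/`memset4`.

```c
#include <stdint.h>
#include <stdlib.h>
#include <string.h>
#define SCRATCH_SIZE 4 /* constructed: small so growth triggers quickly */

/* Hypothetical stand-in for the saved_* fields of st_parameter_dt. */
struct char4_buf { uint32_t *data; size_t length, used; };

/* Append c, doubling the buffer when full.  Returns 0, or -1 on failure. */
int push_char4_fixed (struct char4_buf *b, uint32_t c)
{
  if (b->data == NULL)
    {
      b->data = calloc (SCRATCH_SIZE, sizeof *b->data);
      if (b->data == NULL)
        return -1;
      b->length = SCRATCH_SIZE;
      b->used = 0;
    }
  if (b->used >= b->length)
    {
      if (b->length > SIZE_MAX / (2 * sizeof *b->data))
        return -1; /* doubling would overflow the byte count */
      size_t new_len = 2 * b->length;
      uint32_t *grown = realloc (b->data, new_len * sizeof *b->data);
      if (grown == NULL)
        return -1; /* old block is still valid and still owned by b */
      /* Zero only the new tail, through the pointer realloc returned. */
      memset (grown + b->used, 0, (new_len - b->used) * sizeof *grown);
      b->data = grown; /* store the possibly moved block back in the owner */
      b->length = new_len;
    }
  b->data[b->used++] = c;
  return 0;
}

/* Push n values; return the final capacity, or 0 if the stored values or
   the zeroed tail are not what was expected.  */
size_t fill_and_check (size_t n)
{
  struct char4_buf b = { NULL, 0, 0 };
  size_t i;
  int ok = 1;
  for (i = 0; ok && i < n; i++)
    ok = push_char4_fixed (&b, (uint32_t) (0x1F600 + i)) == 0;
  for (i = 0; ok && i < b.length; i++)
    ok = b.data[i] == (i < n ? (uint32_t) (0x1F600 + i) : 0);
  size_t cap = ok ? b.length : 0;
  free (b.data);
  return cap;
}
```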
