|
| From: | Paul Menzel |
| Subject: | Re: [SECURITY PATCH 029/117] zstd: Initialize seq_t structure fully |
| Date: | Thu, 18 Mar 2021 09:50:00 +0100 |
| User-agent: | Mozilla/5.0 (X11; Linux x86_64; rv:78.0) Gecko/20100101 Thunderbird/78.8.0 |
Dear Darren, dear Daniel, Am 02.03.21 um 19:00 schrieb Daniel Kiper:
From: Darren Kenny <darren.kenny@oracle.com> While many compilers will initialize this to zero, not all will,
Which ones do not?
so it is better to be sure that fields not being explicitly set are at known values, and there is code that checks this fields value elsewhere in the code. Fixes: CID 292440
What is the exact error? Is there a code flow, where one element does not get set. (The commit message would be incorrect if this is not the case.)
Lastly, this is imported from upstream. I created an issue upstream [1].
Signed-off-by: Darren Kenny <darren.kenny@oracle.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
---
grub-core/lib/zstd/zstd_decompress.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/grub-core/lib/zstd/zstd_decompress.c
b/grub-core/lib/zstd/zstd_decompress.c
index 711b5b6d7..e4b5670c2 100644
--- a/grub-core/lib/zstd/zstd_decompress.c
+++ b/grub-core/lib/zstd/zstd_decompress.c
@@ -1325,7 +1325,7 @@ typedef enum { ZSTD_lo_isRegularOffset,
ZSTD_lo_isLongOffset=1 } ZSTD_longOffset
FORCE_INLINE_TEMPLATE seq_t
ZSTD_decodeSequence(seqState_t* seqState, const ZSTD_longOffset_e longOffsets)
{
- seq_t seq;
+ seq_t seq = {0};
U32 const llBits =
seqState->stateLL.table[seqState->stateLL.state].nbAdditionalBits;
U32 const mlBits =
seqState->stateML.table[seqState->stateML.state].nbAdditionalBits;
U32 const ofBits =
seqState->stateOffb.table[seqState->stateOffb.state].nbAdditionalBits;
I once read, that compilers cannot warn you, if you miss setting an element if you initialize structures to 0 in the beginning.
Kind regards, Paul [1]: https://github.com/facebook/zstd/issues/2545
| [Prev in Thread] | Current Thread | [Next in Thread] |