Source-Changes-D archive


Re: CVS commit: src/sys/netinet6

On Mon, Mar 18, 2013 at 07:31:39PM +0000, Greg Troxel wrote:
> Module Name:  src
> Committed By: gdt
> Date:         Mon Mar 18 19:31:39 UTC 2013
> Modified Files:
>       src/sys/netinet6: ip6_output.c
> Log Message:
> Initialize variable used as (conditional) result parameter.
> ip6_insertfraghdr either sets a result parameter or returns an error.
> While the caller only uses the result parameter in the non-error case,
> knowing that requires cross-module static analysis, and that's not
> robust against distant code changes.  Therefore, set ip6f to NULL
> before the function call that maybe sets it, avoiding a spurious
> warning and changing the future possible bug from an uninitialized
> dereference to a NULL dereference.

'If it returns fail it hasn't changed anything' is quite a common
property of functions. In fact I'd tend to expect it.

Cross module analysis isn't really a big issue, the actual problem
is when a compiler does a deeper analysis of a local function and
fails to spot the relationship.

There are some efficiency reasons for using multiple 'error' pointer
values so that the errno value can be returned in the same field.
They all tend to lead to coding errors!


David Laight:
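
The two conventions discussed in this thread, as an added C example that is not part of the original messages or of NetBSD's code: an errno return with a result parameter the caller presets to NULL, and an errno encoded in the returned pointer. All names (`frag_hdr`, `insert_hdr`, `err_ptr`, `MAX_ERR` and the rest) are hypothetical, and the pointer encoding assumes the top 4095 addresses never hold a valid object.

```c
#include <errno.h>
#include <stddef.h>
#include <stdint.h>

/* Hypothetical stand-in for a fragment header; not the NetBSD structure. */
struct frag_hdr { uint32_t ident; };
static struct frag_hdr storage = { 42 };   /* constructed sample object */

/* Style 1: errno return plus result parameter; *out is untouched on failure. */
int insert_hdr(int fail, struct frag_hdr **out)
{
    if (fail)
        return ENOBUFS;
    *out = &storage;
    return 0;
}

/* Caller presets the result to NULL first; *seen reports what it holds after. */
int caller_preinit(int fail, struct frag_hdr **seen)
{
    struct frag_hdr *f = NULL;
    int error = insert_hdr(fail, &f);
    *seen = f;   /* NULL on failure: a defined value, not stack garbage */
    return error;
}

/* Style 2: errno carried in the pointer (the top MAX_ERR addresses). */
#define MAX_ERR 4095
void *err_ptr(int e) { return (void *)(intptr_t)-e; }
int is_err(const void *p) { return (uintptr_t)p >= (uintptr_t)-MAX_ERR; }
int ptr_err(const void *p) { return (int)-(intptr_t)p; }

struct frag_hdr *insert_hdr2(int fail)
{
    return fail ? err_ptr(ENOBUFS) : &storage;
}

/* An error pointer is non-NULL, so "if (f == NULL)" would let it through;
 * every caller has to use is_err() instead. */
int use_hdr2(int fail, uint32_t *ident)
{
    struct frag_hdr *f = insert_hdr2(fail);
    if (is_err(f))
        return ptr_err(f);
    *ident = f->ident;
    return 0;
}

int main(void) { uint32_t id = 0; return use_hdr2(0, &id) != 0 || id != 42; }
```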
