>Number:         18917
>Category:       kern
>Synopsis:       use of uninitialized variable in nfs/nfs_vfsops.c::nfs_mount()
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    kern-bug-people
>State:          open
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Mon Nov 04 01:28:00 PST 2002
>Closed-Date:
>Last-Modified:
>Originator:     ITOH Yasufumi
>Release:        NetBSD 1.6K (Nov. 4, 2002)
>Organization:
>Environment:
System: NetBSD illusion.my.domain 1.6K NetBSD 1.6K (ILLUSION.test) #429: Mon Nov 4 18:06:03 JST 2002 itohy@pino.my.domain:/w/src/sys/arch/dreamcast/compile/ILLUSION.test dreamcast
Architecture: sh3el
Machine: dreamcast
>Description:
	The variable "sa" possibly used uninitialized
	in nfs/nfs_vfsops.c::nfs_mount(), if args.addr == NULL.
	I'm not sure if the case actually occurs.

int
nfs_mount(mp, path, data, ndp, p)
	struct mount *mp;
	const char *path;
	void *data;
	struct nameidata *ndp;
	struct proc *p;
{
	int error;
	struct nfs_args args;
	struct mbuf *nam;
	struct nfsmount *nmp = VFSTONFS(mp);
	struct sockaddr *sa;
	struct vnode *vp;
	char *pth, *hst;
	size_t len;
	u_char *nfh;

	error = copyin(data, (caddr_t)&args, sizeof (struct nfs_args));
	if (error)
		return (error);

	if (mp->mnt_flag & MNT_GETARGS) {

		if (nmp == NULL)
			return (EIO);
		if (args.addr != NULL) {
			sa = mtod(nmp->nm_nam, struct sockaddr *);
			error = copyout(sa, args.addr, sa->sa_len);
			if (error)
				return (error);
		}
		args.version = NFS_ARGSVERSION;
		args.addrlen = sa->sa_len;		<==== here
		args.sotype = nmp->nm_sotype;
		args.proto = nmp->nm_soproto;
	...

>How-To-Repeat:
	1. try to compile without -Wno-uninitialized,
	2. look at the code.

>Fix:
	unknown

>Release-Note:
>Audit-Trail:
>Unformatted: