Re: [edk2] BUG in StdLib

Mon, 12 Aug 2013 13:40:08 -0700 

Sergey,

Thank you for reporting this problem.  I have verified the error and have added 
it to the list of problems to be rectified.

Daryl McDaniel

"I have always wished for my computer to be as easy to use as my telephone;
my wish has come true because I can no longer figure out how to use my 
telephone."
-- Bjarne Stoustrup


From: Sergey Isakov [mailto:[email protected]]
Sent: Saturday, August 10, 2013 12:27 AM
To: [email protected]
Subject: [edk2] BUG in StdLib

Hi all,
I just checked edk2-14538 with cppcheck and found one of possible bug to be a 
real error.
--------
[edk2/StdLib/LibC/Stdio/vsnprintf_ss.c:145]: (error) Uninitialized variable: n
---------
The procedure looks like
-----------
int
vsnprintf_ss(char *sbuf, size_t slen, const char *fmt0, va_list ap)
{
  const char *fmt;  /* format string */
  int ch;     /* character from fmt */
  int n;      /* handy integer (short term usage) */
  char *cp;   /* handy char pointer (short term usage) */
  int flags;    /* flags as above */
  int ret;    /* return value accumulator */
  int width;    /* width from format (%8d), or 0 */
  int prec;   /* precision from format (%.3d), or -1 */
  char sign;    /* sign prefix (' ', '+', '-', or \0) */

  u_quad_t _uquad;  /* integer arguments %[diouxX] */
  enum { OCT, DEC, HEX } base;/* base for [diouxX] conversion */
  int dprec;    /* a copy of prec if [diouxX], 0 otherwise */
  int realsz;   /* field size expanded by dprec */
  int size;   /* size of converted field or string */
  const char *xdigs;  /* digits for [xX] conversion */
  char bf[128];     /* space for %c, %[diouxX] */
  char *tailp;    /* tail pointer for snprintf */

  static const char xdigs_lower[16] = "0123456789abcdef";
  static const char xdigs_upper[16] = "0123456789ABCDEF";


  _DIAGASSERT(n == 0 || sbuf != NULL);
  _DIAGASSERT(fmt != NULL);

-----------
There should be
-------------
  _DIAGASSERT(slen != 0 || sbuf != NULL);
  _DIAGASSERT(fmt0 != NULL);

--------------
How do you think?

------------------------------------------------------------------------------
Get 100% visibility into Java/.NET code with AppDynamics Lite!
It's a free troubleshooting tool designed for production.
Get down to code-level detail for bottlenecks, with <2% overhead. 
Download for free and get started troubleshooting in minutes. 
http://pubads.g.doubleclick.net/gampad/clk?id=48897031&iu=/4140/ostg.clktrk
_______________________________________________
edk2-devel mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/edk2-devel

Reply via email to