[kbuild] fs/ntfs3/lznt.c:234:16: warning: use of uninitialized value '' [CWE-457]

Fri, 05 Aug 2022 20:41:51 -0700 

:::::: 
:::::: Manual check reason: "low confidence bisect report"
:::::: Manual check reason: "low confidence static check first_new_problem: 
fs/ntfs3/lznt.c:234:16: warning: use of uninitialized value '<unknown>' 
[CWE-457] [-Wanalyzer-use-of-uninitialized-value]"
:::::: 

BCC: [email protected]
CC: [email protected]
CC: [email protected]
TO: Konstantin Komarov <[email protected]>

tree:   https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git 
master
head:   6614a3c3164a5df2b54abb0b3559f51041cf705b
commit: 6e5be40d32fb1907285277c02e74493ed43d77fe fs/ntfs3: Add NTFS3 in 
fs/Kconfig and fs/Makefile
date:   12 months ago
:::::: branch date: 4 hours ago
:::::: commit date: 12 months ago
config: arm-randconfig-c002-20220801 
(https://download.01.org/0day-ci/archive/20220806/[email protected]/config)
compiler: arm-linux-gnueabi-gcc (GCC) 12.1.0
reproduce (this is a W=1 build):
        wget 
https://raw.githubusercontent.com/intel/lkp-tests/master/sbin/make.cross -O 
~/bin/make.cross
        chmod +x ~/bin/make.cross
        # 
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=6e5be40d32fb1907285277c02e74493ed43d77fe
        git remote add linus 
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
        git fetch --no-tags linus master
        git checkout 6e5be40d32fb1907285277c02e74493ed43d77fe
        # save the config file
        COMPILER_INSTALL_PATH=$HOME/0day COMPILER=gcc-12.1.0 make.cross 
ARCH=arm KBUILD_USERCFLAGS='-fanalyzer -Wno-error' 

If you fix the issue, kindly add following tag where applicable
Reported-by: kernel test robot <[email protected]>

gcc-analyzer warnings: (new ones prefixed by >>)
   fs/ntfs3/lznt.c: In function 'decompress_chunk':
>> fs/ntfs3/lznt.c:234:16: warning: use of uninitialized value '<unknown>' 
>> [CWE-457] [-Wanalyzer-use-of-uninitialized-value]
     234 |         size_t offset, length;
         |                ^~~~~~
     'decompress_chunk': event 1
       |
       |  234 |         size_t offset, length;
       |      |                ^~~~~~
       |      |                |
       |      |                (1) use of uninitialized value '<unknown>' here
       |

vim +234 fs/ntfs3/lznt.c

522e010b58379f Konstantin Komarov 2021-08-13  225  
522e010b58379f Konstantin Komarov 2021-08-13  226  static inline ssize_t 
decompress_chunk(u8 *unc, u8 *unc_end, const u8 *cmpr,
522e010b58379f Konstantin Komarov 2021-08-13  227                               
       const u8 *cmpr_end)
522e010b58379f Konstantin Komarov 2021-08-13  228  {
522e010b58379f Konstantin Komarov 2021-08-13  229       u8 *up = unc;
522e010b58379f Konstantin Komarov 2021-08-13  230       u8 ch = *cmpr++;
522e010b58379f Konstantin Komarov 2021-08-13  231       size_t bit = 0;
522e010b58379f Konstantin Komarov 2021-08-13  232       size_t index = 0;
522e010b58379f Konstantin Komarov 2021-08-13  233       u16 pair;
522e010b58379f Konstantin Komarov 2021-08-13 @234       size_t offset, length;
522e010b58379f Konstantin Komarov 2021-08-13  235  
522e010b58379f Konstantin Komarov 2021-08-13  236       /* Do decompression 
until pointers are inside range */
522e010b58379f Konstantin Komarov 2021-08-13  237       while (up < unc_end && 
cmpr < cmpr_end) {
522e010b58379f Konstantin Komarov 2021-08-13  238               /* Correct 
index */
522e010b58379f Konstantin Komarov 2021-08-13  239               while (unc + 
s_max_off[index] < up)
522e010b58379f Konstantin Komarov 2021-08-13  240                       index 
+= 1;
522e010b58379f Konstantin Komarov 2021-08-13  241  
522e010b58379f Konstantin Komarov 2021-08-13  242               /* Check the 
current flag for zero */
522e010b58379f Konstantin Komarov 2021-08-13  243               if (!(ch & (1 
<< bit))) {
522e010b58379f Konstantin Komarov 2021-08-13  244                       /* Just 
copy byte */
522e010b58379f Konstantin Komarov 2021-08-13  245                       *up++ = 
*cmpr++;
522e010b58379f Konstantin Komarov 2021-08-13  246                       goto 
next;
522e010b58379f Konstantin Komarov 2021-08-13  247               }
522e010b58379f Konstantin Komarov 2021-08-13  248  
522e010b58379f Konstantin Komarov 2021-08-13  249               /* Check for 
boundary */
522e010b58379f Konstantin Komarov 2021-08-13  250               if (cmpr + 1 >= 
cmpr_end)
522e010b58379f Konstantin Komarov 2021-08-13  251                       return 
-EINVAL;
522e010b58379f Konstantin Komarov 2021-08-13  252  
522e010b58379f Konstantin Komarov 2021-08-13  253               /* Read a short 
from little endian stream */
522e010b58379f Konstantin Komarov 2021-08-13  254               pair = cmpr[1];
522e010b58379f Konstantin Komarov 2021-08-13  255               pair <<= 8;
522e010b58379f Konstantin Komarov 2021-08-13  256               pair |= cmpr[0];
522e010b58379f Konstantin Komarov 2021-08-13  257  
522e010b58379f Konstantin Komarov 2021-08-13  258               cmpr += 2;
522e010b58379f Konstantin Komarov 2021-08-13  259  
522e010b58379f Konstantin Komarov 2021-08-13  260               /* Translate 
packed information into offset and length */
522e010b58379f Konstantin Komarov 2021-08-13  261               length = 
parse_pair(pair, &offset, index);
522e010b58379f Konstantin Komarov 2021-08-13  262  
522e010b58379f Konstantin Komarov 2021-08-13  263               /* Check offset 
for boundary */
522e010b58379f Konstantin Komarov 2021-08-13  264               if (unc + 
offset > up)
522e010b58379f Konstantin Komarov 2021-08-13  265                       return 
-EINVAL;
522e010b58379f Konstantin Komarov 2021-08-13  266  
522e010b58379f Konstantin Komarov 2021-08-13  267               /* Truncate the 
length if necessary */
522e010b58379f Konstantin Komarov 2021-08-13  268               if (up + length 
>= unc_end)
522e010b58379f Konstantin Komarov 2021-08-13  269                       length 
= unc_end - up;
522e010b58379f Konstantin Komarov 2021-08-13  270  
522e010b58379f Konstantin Komarov 2021-08-13  271               /* Now we copy 
bytes. This is the heart of LZ algorithm. */
522e010b58379f Konstantin Komarov 2021-08-13  272               for (; length > 
0; length--, up++)
522e010b58379f Konstantin Komarov 2021-08-13  273                       *up = 
*(up - offset);
522e010b58379f Konstantin Komarov 2021-08-13  274  
522e010b58379f Konstantin Komarov 2021-08-13  275  next:
522e010b58379f Konstantin Komarov 2021-08-13  276               /* Advance flag 
bit value */
522e010b58379f Konstantin Komarov 2021-08-13  277               bit = (bit + 1) 
& 7;
522e010b58379f Konstantin Komarov 2021-08-13  278  
522e010b58379f Konstantin Komarov 2021-08-13  279               if (!bit) {
522e010b58379f Konstantin Komarov 2021-08-13  280                       if 
(cmpr >= cmpr_end)
522e010b58379f Konstantin Komarov 2021-08-13  281                               
break;
522e010b58379f Konstantin Komarov 2021-08-13  282  
522e010b58379f Konstantin Komarov 2021-08-13  283                       ch = 
*cmpr++;
522e010b58379f Konstantin Komarov 2021-08-13  284               }
522e010b58379f Konstantin Komarov 2021-08-13  285       }
522e010b58379f Konstantin Komarov 2021-08-13  286  
522e010b58379f Konstantin Komarov 2021-08-13  287       /* return the size of 
uncompressed data */
522e010b58379f Konstantin Komarov 2021-08-13  288       return up - unc;
522e010b58379f Konstantin Komarov 2021-08-13  289  }
522e010b58379f Konstantin Komarov 2021-08-13  290  

:::::: The code at line 234 was first introduced by commit
:::::: 522e010b58379fbe19b38fdef5016bca0c3cf405 fs/ntfs3: Add compression

:::::: TO: Konstantin Komarov <[email protected]>
:::::: CC: Konstantin Komarov <[email protected]>

-- 
0-DAY CI Kernel Test Service
https://01.org/lkp
_______________________________________________
kbuild mailing list -- [email protected]
To unsubscribe send an email to [email protected]

Reply via email to