Module Name: src
Committed By: gdt
Date: Mon Mar 18 19:31:39 UTC 2013
Modified Files:
src/sys/netinet6: ip6_output.c
Log Message:
Initialize variable used as (conditional) result parameter.
ip6_insertfraghdr either sets a result parameter or returns an error.
While the caller only uses the result parameter in the non-error case,
knowing that requires cross-module static analysis, and that's not
robust against distant code changes. Therfore, set ip6f to NULL
before the function call that maybe sets it, avoiding a spuruious
warning and changing the future possible bug from an unitialized
dereference to a NULL deferrence.
To generate a diff of this commit:
cvs rdiff -u -r1.151 -r1.152 src/sys/netinet6/ip6_output.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/sys/netinet6/ip6_output.c
diff -u src/sys/netinet6/ip6_output.c:1.151 src/sys/netinet6/ip6_output.c:1.152
--- src/sys/netinet6/ip6_output.c:1.151 Fri Jan 25 10:33:53 2013
+++ src/sys/netinet6/ip6_output.c Mon Mar 18 19:31:39 2013
@@ -1,4 +1,4 @@
-/* $NetBSD: ip6_output.c,v 1.151 2013/01/25 10:33:53 kefren Exp $ */
+/* $NetBSD: ip6_output.c,v 1.152 2013/03/18 19:31:39 gdt Exp $ */
/* $KAME: ip6_output.c,v 1.172 2001/03/25 09:55:56 itojun Exp $ */
/*
@@ -62,7 +62,7 @@
*/
#include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: ip6_output.c,v 1.151 2013/01/25 10:33:53 kefren Exp $");
+__KERNEL_RCSID(0, "$NetBSD: ip6_output.c,v 1.152 2013/03/18 19:31:39 gdt Exp $");
#include "opt_inet.h"
#include "opt_inet6.h"
@@ -905,6 +905,11 @@ ip6_output(
mhip6 = mtod(m, struct ip6_hdr *);
*mhip6 = *ip6;
m->m_len = sizeof(*mhip6);
+ /*
+ * ip6f must be valid if error is 0. But how
+ * can a compiler be expected to infer this?
+ */
+ ip6f = NULL;
error = ip6_insertfraghdr(m0, m, hlen, &ip6f);
if (error) {
IP6_STATINC(IP6_STAT_ODROPPED);
