From b5e98d5e144f4b3a2771a421690b4b729dc1b7ae Mon Sep 17 00:00:00 2001 From: Johannes Schindelin Date: Thu, 27 Oct 2022 21:46:13 +0200 Subject: [PATCH 1/4] cat_one_file(): make it easy to see that the `size` variable is initialized The large `switch` statement makes it a bit impractical to reason about the code. One of the code paths can technically lead to using `size` without being initialized: if the `t` case is taken and the type name is set to the empty string, we would actually leave `size` unintialized right until we use it. Practically, this cannot happen because the `do_oid_object_info_extended()` function is expected to always populate the `type_name` if asked for. However, it is quite unnecessary to leave the code as unwieldy to reason about: Just initialize the variable to 0 and be done with it. Signed-off-by: Johannes Schindelin --- builtin/cat-file.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/builtin/cat-file.c b/builtin/cat-file.c index b13561cf73b11b..128c901fa8e82d 100644 --- a/builtin/cat-file.c +++ b/builtin/cat-file.c @@ -104,7 +104,7 @@ static int cat_one_file(int opt, const char *exp_type, const char *obj_name, struct object_id oid; enum object_type type; char *buf; - unsigned long size; + unsigned long size = 0; struct object_context obj_context = {0}; struct object_info oi = OBJECT_INFO_INIT; struct strbuf sb = STRBUF_INIT; From 575b4b2c2b8a5e800bb65b99f1fcdd6aaae63f94 Mon Sep 17 00:00:00 2001 From: Johannes Schindelin Date: Fri, 16 Dec 2022 22:07:45 +0100 Subject: [PATCH 2/4] fsck: avoid using an uninitialized variable In `fsck_commit()`, after counting the authors of a commit, we set the `err` variable either when there was no author, or when there were more than two authors recorded. Then we access the `err` variable to figure out whether we should return early. But if there was exactly one author, that variable is still uninitialized. Let's just initialize the variable. This issue was pointed out by CodeQL. Signed-off-by: Johannes Schindelin --- fsck.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/fsck.c b/fsck.c index 9fc4c25ffd59ba..ad04b24ff13a5a 100644 --- a/fsck.c +++ b/fsck.c @@ -925,7 +925,7 @@ static int fsck_commit(const struct object_id *oid, { struct object_id tree_oid, parent_oid; unsigned author_count; - int err; + int err = 0; const char *buffer_begin = buffer; const char *buffer_end = buffer + size; const char *p; From b9901920de20ae29bd55bd68dab37a737867593b Mon Sep 17 00:00:00 2001 From: Johannes Schindelin Date: Fri, 16 Dec 2022 22:56:26 +0100 Subject: [PATCH 3/4] load_revindex_from_disk(): avoid accessing uninitialized data The `revindex_size` value is uninitialized in case the function is erroring out, but we want to assign its value. Let's just initialize it. Signed-off-by: Johannes Schindelin --- pack-revindex.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pack-revindex.c b/pack-revindex.c index d3832478d99edf..3b007d771b362e 100644 --- a/pack-revindex.c +++ b/pack-revindex.c @@ -208,7 +208,7 @@ static int load_revindex_from_disk(char *revindex_name, int fd, ret = 0; struct stat st; void *data = NULL; - size_t revindex_size; + size_t revindex_size = 0; struct revindex_header *hdr; if (git_env_bool(GIT_TEST_REV_INDEX_DIE_ON_DISK, 0)) From d630e95b9672e6b4b3114c077f2995c5170a6a8f Mon Sep 17 00:00:00 2001 From: Johannes Schindelin Date: Fri, 16 Dec 2022 22:58:37 +0100 Subject: [PATCH 4/4] load_pack_mtimes_file(): avoid accessing uninitialized data The `mtimes_size` variable is uninitialzed when the function errors out, yet its value is assigned to another variable. Let's just initialize it. Signed-off-by: Johannes Schindelin --- pack-mtimes.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pack-mtimes.c b/pack-mtimes.c index cdf30b8d2b0e80..c1f531d45a0ad6 100644 --- a/pack-mtimes.c +++ b/pack-mtimes.c @@ -29,7 +29,7 @@ static int load_pack_mtimes_file(char *mtimes_file, int fd, ret = 0; struct stat st; uint32_t *data = NULL; - size_t mtimes_size, expected_size; + size_t mtimes_size = 0, expected_size; struct mtimes_header header; fd = git_open(mtimes_file);