[llvm-bugs] [Bug 32249] New: PVS-Studio: Use of Uninitialized Variable (CWE-457)

via llvm-bugs llvm-bugs at lists.llvm.org
Mon Mar 13 01:31:54 PDT 2017


https://bugs.llvm.org/show_bug.cgi?id=32249

            Bug ID: 32249
           Summary: PVS-Studio: Use of Uninitialized Variable (CWE-457)
           Product: libraries
           Version: trunk
          Hardware: PC
                OS: Windows NT
            Status: NEW
          Severity: release blocker
          Priority: P
         Component: DebugInfo
          Assignee: unassignedbugs at nondot.org
          Reporter: razmyslov at viva64.com
                CC: llvm-bugs at lists.llvm.org

Created attachment 18085
  --> https://bugs.llvm.org/attachment.cgi?id=18085&action=edit
possible fix

We have found a vulnerability (CWE-457) using the PVS-Studio tool. PVS-Studio is a
static code analyzer for C, C++ and C#: https://www.viva64.com/en/pvs-studio/

Analyzer warning: V573 Uninitialized variable 'BytesToDrop' was used. The
variable was used to initialize itself.

static Error mapNameAndUniqueName(....) {
  ....
  size_t BytesLeft = IO.maxFieldLength();
  if (HasUniqueName) {
    .....
    if (BytesNeeded > BytesLeft) {
      size_t BytesToDrop = (BytesNeeded - BytesLeft);
      size_t DropN = std::min(N.size(), BytesToDrop / 2);
      size_t DropU = std::min(U.size(), BytesToDrop - DropN);
      ....
    }
  } else {
    size_t BytesNeeded = Name.size() + 1;
    StringRef N = Name;
    if (BytesNeeded > BytesLeft) {
      size_t BytesToDrop = std::min(N.size(), BytesToDrop); // <=
      N = N.drop_back(BytesToDrop);
    }
    error(IO.mapStringZ(N));
  }
  ....
}

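
Added example, not part of the original report or its attached fix: a stand-alone C++ model of the else branch quoted above, showing what the self-initialized BytesToDrop does to the truncation and how a corrected computation behaves. It assumes the intended value is BytesNeeded - BytesLeft, as in the HasUniqueName branch; fitName, fitNameReported, bytesWritten and the sample values are hypothetical, and std::string stands in for StringRef.

```cpp
#include <algorithm>
#include <cstddef>
#include <cstdio>
#include <string>

// Bytes a NUL-terminated write of N takes: the characters plus the NUL.
std::size_t bytesWritten(const std::string &N) { return N.size() + 1; }

// Else branch with the assumed fix: drop exactly the overflow, clamped to
// the name length so the drop can never exceed N.size().
std::string fitName(const std::string &Name, std::size_t BytesLeft) {
  std::size_t BytesNeeded = Name.size() + 1;
  std::string N = Name;
  if (BytesNeeded > BytesLeft) {
    std::size_t BytesToDrop = std::min(N.size(), BytesNeeded - BytesLeft);
    N.resize(N.size() - BytesToDrop); // stands in for N.drop_back(BytesToDrop)
  }
  return N;
}

// Model of the reported line, std::min(N.size(), BytesToDrop). The stale
// value is passed in as Stale so the outcome is reproducible; reading a
// genuinely uninitialized variable is undefined behaviour.
std::string fitNameReported(const std::string &Name, std::size_t BytesLeft,
                            std::size_t Stale) {
  std::size_t BytesNeeded = Name.size() + 1;
  std::string N = Name;
  if (BytesNeeded > BytesLeft)
    N.resize(N.size() - std::min(N.size(), Stale));
  return N;
}

int main() {
  const std::string Name = "VeryLongTypeName"; // constructed sample name
  const std::size_t BytesLeft = 8;             // constructed field limit
  const std::size_t Stales[] = {0, 3, 1000};   // constructed stale values
  for (std::size_t Stale : Stales) {
    std::string N = fitNameReported(Name, BytesLeft, Stale);
    std::printf("reported, stale=%zu: \"%s\" needs %zu of %zu bytes\n", Stale,
                N.c_str(), bytesWritten(N), BytesLeft);
  }
  std::string N = fitName(Name, BytesLeft);
  std::printf("fixed: \"%s\" needs %zu of %zu bytes\n", N.c_str(),
              bytesWritten(N), BytesLeft);
  return 0;
}
```

With a small stale value the name still exceeds the field limit, and with a large one the whole name is dropped; only the clamped overflow keeps the longest prefix that fits.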