[libmicrohttpd] branch master updated: address@hidden wrote:

gnunet-svn

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[libmicrohttpd] branch master updated: address@hidden wrote:

From:	gnunet
Subject:	[libmicrohttpd] branch master updated: address@hidden wrote:
Date:	Fri, 03 Sep 2021 13:31:41 +0200

This is an automated email from the git hooks/post-receive script.

grothoff pushed a commit to branch master
in repository libmicrohttpd.

The following commit(s) were added to refs/heads/master by this push:
     new fdfd5dc8 tbrehm@dspace.de wrote:
fdfd5dc8 is described below

commit fdfd5dc80ffbe9468c92c41c35af6dbe2bf900af
Author: Christian Grothoff <christian@grothoff.org>
AuthorDate: Fri Sep 3 13:31:05 2021 +0200

    tbrehm@dspace.de wrote:
    
    Hi,
    
    gcc10 complains with two warnings when compiling libmicrohttpd using
    
        #define NDEBUG 1
        #define DAUTH_SUPPORT 1
    
    so, "release build" with enabled "digest authentication":
    
    ../digestauth.c: In function 'MHD_digest_auth_check_digest2':
    ../digestauth.c:1287:9: warning: 'da.digest_size' may be used uninitialized 
in this function [-Wmaybe-uninitialized]
     1287 |   if (da.digest_size != digest_size)
          |       ~~^~~~~~~~~~~~
    ../digestauth.c: In function 'MHD_queue_auth_fail_response2':
    ../digestauth.c:1361:55: warning: 'da.digest_size' may be used 
uninitialized in this function [-Wmaybe-uninitialized]
     1361 |     char nonce[NONCE_STD_LEN (VLA_ARRAY_LEN_DIGEST 
(da.digest_size)) + 1];
          |
    
    This is a minor issue, without any practical effect, unless when calling 
the MHD API with an invalid value for the MHD_DigestAuthAlgorithm enum.
    However, gcc is still right that there is a potential code path with 
undefined behaviour: the default-case in the switch statement in SETUP_DA does 
not set "da.digest_size".
    Two functions later still always read this value. And the "mhd_assert" has 
no effect, since it's disabled when NDEBUG is set.
    
    Trivial patch attached to silence the compiler warnings by also 
initializing "da.digest_size" in the default case of the switch statement:
---
 src/microhttpd/digestauth.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/src/microhttpd/digestauth.c b/src/microhttpd/digestauth.c
index 04c9f22a..aaed170e 100644
--- a/src/microhttpd/digestauth.c
+++ b/src/microhttpd/digestauth.c
@@ -1215,6 +1215,7 @@ MHD_digest_auth_check (struct MHD_Connection *connection,
       da.digest = &MHD_SHA256_finish;                         \
       break;                                              \
     default:                                              \
+      da.digest_size = 0;                                 \
       mhd_assert (false);                                 \
       break;                                              \
     }                                                     \

-- 
To stop receiving notification emails like this one, please contact
gnunet@gnunet.org.

[Prev in Thread]

Current Thread

[Next in Thread]

[libmicrohttpd] branch master updated: address@hidden wrote:, gnunet <=

Prev by Date: [taler-exchange] branch master updated: -implement long-standing aggregation SQL query simplification
Next by Date: [gnunet] branch master updated: -touch build config !coverity
Previous by thread: [taler-exchange] branch master updated: -implement long-standing aggregation SQL query simplification
Next by thread: [gnunet] branch master updated: -touch build config !coverity
Index(es):
- Date
- Thread