Snort mailing list archives

Undefined variable/garbage values encountered in snort-2.9.7.5

From: Bill Parker <wp02855 () gmail com>
Date: Sat, 8 Aug 2015 12:58:59 -0700

Hello All,

   In processing snort-2.9.7.5 through clang-analyzer 3.5.0, in
'detection-plugins', file 'sp_respond3', module/function 'Resp3_parse',
at line 213: while (i < num_toks), while i is set to zero on line
212, it would appear num_toks is declared at line 204, but it is
never assigned a value (i.e. - un-initialized) before it is compared
at line 213 (thus, it could be anything).

======================================================================

In 'detection-plugins', file 'detection_options.c', module/function
'detection_option_node_evaluate' at line 1212, the expansion of the
macro 'NODE_PROFILE_TMPEND' which is below:

if (ScProfileRules()) { { uint32_t a, d; __asm__ __volatile__
 ("rdtsc" : "=a" (a), "=d" (d)); node_ticks_end = ((uint64_t)
a) | (((uint64_t)d) << 32); }; node_ticks_delta = node_ticks_end
 - node_ticks_start; node_deltas += node_ticks_delta; }

results in the right operand of '-' is a garbage value (which
appears to be variable 'node_ticks_start'), and does not
appear to be initialized inside of the macro itself.

======================================================================

In 'detection-plugins', file 'detection_options.c', module/function
'detection_option_node_evaluate' at lines 1163, 1172, 1199, the
macro expansion of 'NODE_PROFILE_END_NOMATCH' which is below:

if (ScProfileRules()) { { uint32_t a, d; __asm__ __volatile__
 ("rdtsc" : "=a" (a), "=d" (d)); node_ticks_end = ((uint64_t)
a) | (((uint64_t)d) << 32); }; node_ticks_delta = node_ticks_end
 - node_ticks_start; node->ticks += node_ticks_delta + node_deltas
; node->ticks_no_match += node_ticks_delta + node_deltas; }

results in the right operand of '-' is a garbage value (which
appears to be variable 'node_ticks_start'), and does not
appear to be initialized inside of the macro itself.

=======================================================================

I am attaching the HTML output from clang-analyzer to this bug report.

Bill Parker

------------------------------------------------------------------------------

_______________________________________________
Snort-devel mailing list
Snort-devel () lists sourceforge net
https://lists.sourceforge.net/lists/listinfo/snort-devel
Archive:
http://sourceforge.net/mailarchive/forum.php?forum_name=snort-devel

Please visit http://blog.snort.org for the latest news about Snort!

Current thread:

Undefined variable/garbage values encountered in snort-2.9.7.5 Bill Parker (Aug 08)
- Re: Undefined variable/garbage values encountered in snort-2.9.7.5 Nageswara Rao A.V.K (navk) (Aug 09)
- Re: Undefined variable/garbage values encountered in snort-2.9.7.5 Nageswara Rao A.V.K (navk) (Aug 09)