From uspoerlein@gmail.com  Mon Jul  6 16:16:51 2009
Return-Path: <uspoerlein@gmail.com>
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id D1FAF106566C
	for <FreeBSD-gnats-submit@freebsd.org>; Mon,  6 Jul 2009 16:16:51 +0000 (UTC)
	(envelope-from uspoerlein@gmail.com)
Received: from acme.spoerlein.net (cl-43.dus-01.de.sixxs.net [IPv6:2a01:198:200:2a::2])
	by mx1.freebsd.org (Postfix) with ESMTP id 5F0848FC08
	for <FreeBSD-gnats-submit@freebsd.org>; Mon,  6 Jul 2009 16:16:51 +0000 (UTC)
	(envelope-from uspoerlein@gmail.com)
Received: from roadrunner.spoerlein.net (e180171219.adsl.alicedsl.de [85.180.171.219])
	by acme.spoerlein.net (8.14.3/8.14.3) with ESMTP id n66GGlB6052287
	(version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=OK)
	for <FreeBSD-gnats-submit@freebsd.org>; Mon, 6 Jul 2009 18:16:49 +0200 (CEST)
	(envelope-from uspoerlein@gmail.com)
Received: from roadrunner.spoerlein.net (localhost [127.0.0.1])
	by roadrunner.spoerlein.net (8.14.3/8.14.3) with ESMTP id n66GGhDm005384
	(version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO);
	Mon, 6 Jul 2009 18:16:43 +0200 (CEST)
	(envelope-from uqs@roadrunner.spoerlein.net)
Received: (from uqs@localhost)
	by roadrunner.spoerlein.net (8.14.3/8.14.3/Submit) id n66GGhZF005383;
	Mon, 6 Jul 2009 18:16:43 +0200 (CEST)
	(envelope-from uqs)
Message-Id: <200907061616.n66GGhZF005383@roadrunner.spoerlein.net>
Date: Mon, 6 Jul 2009 18:16:43 +0200 (CEST)
From: Ulrich Spoerlein <uqs@spoerlein.net>
To: FreeBSD-gnats-submit@freebsd.org
Cc:
Subject: [PATCH] usr.bin/jot fix usage of uninitialized values
X-Send-Pr-Version: 3.113
X-GNATS-Notify:

>Number:         136383
>Category:       bin
>Synopsis:       [PATCH] jot(1): fix usage of uninitialized values
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    brian
>State:          closed
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Mon Jul 06 16:20:01 UTC 2009
>Closed-Date:    Mon Aug 03 09:55:54 UTC 2009
>Last-Modified:  Fri Nov 12 20:54:31 UTC 2010
>Originator:     Ulrich Spoerlein
>Release:        FreeBSD 7.2-STABLE i386
>Organization:
>Environment:
>Description:
A run of clang's static analyzer found that jot(1) has a bug regarding
the use of uninitialized variables.

https://www.spoerlein.net/scan-build/2009-07-04-1/report-BcTTXG.html#EndPath

The repetitions, start, end and step values are not preset. When defaults
are given, it will use "random" values for these.
>How-To-Repeat:
% jot -
0
0
% jot - -
0
0
0
% jot - - -
0
0
0
0
% jot - - - -
0
0
0
0
0

>Fix:

Simply pre-set all four variables to their defaults to match behaviour
claimed in manpage. Also add regression test for this case.

--- jot.diff begins here ---
Index: tools/regression/usr.bin/jot/regress.sh
===================================================================
--- tools/regression/usr.bin/jot/regress.sh	(revision 193930)
+++ tools/regression/usr.bin/jot/regress.sh	(working copy)
@@ -1,6 +1,6 @@
 # $FreeBSD$
 
-echo 1..56
+echo 1..57
 
 REGRESSION_START($1)
 
@@ -20,6 +20,7 @@
 REGRESSION_TEST(`ddhh', `jot - - 120 2')
 REGRESSION_TEST(`ddhd', `jot - - 120 -')
 REGRESSION_TEST(`dddh', `jot - - - 2')
+REGRESSION_TEST(`dddd', `jot - - - -')
 REGRESSION_TEST(`hhhh2', `jot 30 20 160 2')
 REGRESSION_TEST(`hhhd2', `jot 30 20 160 -')
 REGRESSION_TEST(`hhdh2', `jot 30 20 - 2')
Index: tools/regression/usr.bin/jot/regress.dddd.out
===================================================================
--- tools/regression/usr.bin/jot/regress.dddd.out	(revision 0)
+++ tools/regression/usr.bin/jot/regress.dddd.out	(revision 0)
@@ -0,0 +1,100 @@
+1
+2
+3
+4
+5
+6
+7
+8
+9
+10
+11
+12
+13
+14
+15
+16
+17
+18
+19
+20
+21
+22
+23
+24
+25
+26
+27
+28
+29
+30
+31
+32
+33
+34
+35
+36
+37
+38
+39
+40
+41
+42
+43
+44
+45
+46
+47
+48
+49
+50
+51
+52
+53
+54
+55
+56
+57
+58
+59
+60
+61
+62
+63
+64
+65
+66
+67
+68
+69
+70
+71
+72
+73
+74
+75
+76
+77
+78
+79
+80
+81
+82
+83
+84
+85
+86
+87
+88
+89
+90
+91
+92
+93
+94
+95
+96
+97
+98
+99
+100
Index: usr.bin/jot/jot.c
===================================================================
--- usr.bin/jot/jot.c	(revision 193930)
+++ usr.bin/jot/jot.c	(working copy)
@@ -101,13 +101,13 @@
 	int	ch;
 	int	mask = 0;
 	int	n = 0;
-	double	begin;
+	double	begin = BEGIN_DEF;
 	double	divisor;
-	double	ender;
-	double	s;
+	double	ender = ENDER_DEF;
+	double	s = STEP_DEF;
 	double	x, y;
 	long	i;
-	long	reps;
+	long	reps = REPS_DEF;
 
 	while ((ch = getopt(argc, argv, "b:cnp:rs:w:")) != -1)
 		switch (ch) {
--- jot.diff ends here ---


>Release-Note:
>Audit-Trail:
Responsible-Changed-From-To: freebsd-bugs->brian 
Responsible-Changed-By: brian 
Responsible-Changed-When: Wed Jul 8 08:15:05 UTC 2009 
Responsible-Changed-Why:  
I'll apply this 

http://www.freebsd.org/cgi/query-pr.cgi?pr=136383 
State-Changed-From-To: open->patched 
State-Changed-By: brian 
State-Changed-When: Wed Jul 8 10:16:57 UTC 2009 
State-Changed-Why:  
Fixed in head - r195443.  I'll MFC in 3 weeks. 

http://www.freebsd.org/cgi/query-pr.cgi?pr=136383 

From: dfilter@FreeBSD.ORG (dfilter service)
To: bug-followup@FreeBSD.org
Cc:  
Subject: Re: bin/136383: commit references a PR
Date: Wed,  8 Jul 2009 10:16:35 +0000 (UTC)

 Author: brian
 Date: Wed Jul  8 10:16:16 2009
 New Revision: 195443
 URL: http://svn.freebsd.org/changeset/base/195443
 
 Log:
   Fix some uninitialise variables.
   
   PR:		136383
   Submitted by:	Ulrich Spoerlein - uqs at spoerlein dot net
   Approved by:	re (kib)
   MFC after:	3 weeks
 
 Added:
   head/tools/regression/usr.bin/jot/regress.dddd.out   (contents, props changed)
 Modified:
   head/tools/regression/usr.bin/jot/regress.sh
   head/usr.bin/jot/jot.c
 
 Added: head/tools/regression/usr.bin/jot/regress.dddd.out
 ==============================================================================
 --- /dev/null	00:00:00 1970	(empty, because file is newly added)
 +++ head/tools/regression/usr.bin/jot/regress.dddd.out	Wed Jul  8 10:16:16 2009	(r195443)
 @@ -0,0 +1,100 @@
 +1
 +2
 +3
 +4
 +5
 +6
 +7
 +8
 +9
 +10
 +11
 +12
 +13
 +14
 +15
 +16
 +17
 +18
 +19
 +20
 +21
 +22
 +23
 +24
 +25
 +26
 +27
 +28
 +29
 +30
 +31
 +32
 +33
 +34
 +35
 +36
 +37
 +38
 +39
 +40
 +41
 +42
 +43
 +44
 +45
 +46
 +47
 +48
 +49
 +50
 +51
 +52
 +53
 +54
 +55
 +56
 +57
 +58
 +59
 +60
 +61
 +62
 +63
 +64
 +65
 +66
 +67
 +68
 +69
 +70
 +71
 +72
 +73
 +74
 +75
 +76
 +77
 +78
 +79
 +80
 +81
 +82
 +83
 +84
 +85
 +86
 +87
 +88
 +89
 +90
 +91
 +92
 +93
 +94
 +95
 +96
 +97
 +98
 +99
 +100
 
 Modified: head/tools/regression/usr.bin/jot/regress.sh
 ==============================================================================
 --- head/tools/regression/usr.bin/jot/regress.sh	Wed Jul  8 06:07:51 2009	(r195442)
 +++ head/tools/regression/usr.bin/jot/regress.sh	Wed Jul  8 10:16:16 2009	(r195443)
 @@ -1,6 +1,6 @@
  # $FreeBSD$
  
 -echo 1..56
 +echo 1..57
  
  REGRESSION_START($1)
  
 @@ -20,6 +20,7 @@ REGRESSION_TEST(`dhdd', `jot - 20 - -')
  REGRESSION_TEST(`ddhh', `jot - - 120 2')
  REGRESSION_TEST(`ddhd', `jot - - 120 -')
  REGRESSION_TEST(`dddh', `jot - - - 2')
 +REGRESSION_TEST(`dddd', `jot - - - -')
  REGRESSION_TEST(`hhhh2', `jot 30 20 160 2')
  REGRESSION_TEST(`hhhd2', `jot 30 20 160 -')
  REGRESSION_TEST(`hhdh2', `jot 30 20 - 2')
 
 Modified: head/usr.bin/jot/jot.c
 ==============================================================================
 --- head/usr.bin/jot/jot.c	Wed Jul  8 06:07:51 2009	(r195442)
 +++ head/usr.bin/jot/jot.c	Wed Jul  8 10:16:16 2009	(r195443)
 @@ -101,13 +101,13 @@ main(int argc, char **argv)
  	int	ch;
  	int	mask = 0;
  	int	n = 0;
 -	double	begin;
 +	double	begin = BEGIN_DEF;
  	double	divisor;
 -	double	ender;
 -	double	s;
 +	double	ender = ENDER_DEF;
 +	double	s = STEP_DEF;
  	double	x, y;
  	long	i;
 -	long	reps;
 +	long	reps = REPS_DEF;
  
  	while ((ch = getopt(argc, argv, "b:cnp:rs:w:")) != -1)
  		switch (ch) {
 _______________________________________________
 svn-src-all@freebsd.org mailing list
 http://lists.freebsd.org/mailman/listinfo/svn-src-all
 To unsubscribe, send any mail to "svn-src-all-unsubscribe@freebsd.org"
 

From: Wayne Sierke <ws@au.dyndns.ws>
To: Ulrich Spoerlein <uqs@spoerlein.net>
Cc: FreeBSD-gnats-submit@freebsd.org, brian@freebsd.org
Subject: Re: bin/136383: [PATCH] usr.bin/jot fix usage of uninitialized
 values
Date: Sun, 12 Jul 2009 00:49:13 +0930

 On Mon, 2009-07-06 at 18:16 +0200, Ulrich Spoerlein wrote:
 > >Number:         136383
 > >Category:       bin
 > >Release:        FreeBSD 7.2-STABLE i386
 > >Description:
 > A run of clang's static analyzer found that jot(1) has a bug regarding
 > the use of uninitialized variables.
 > 
 > https://www.spoerlein.net/scan-build/2009-07-04-1/report-BcTTXG.html#EndPath
 > 
 > The repetitions, start, end and step values are not preset. When defaults
 > are given, it will use "random" values for these.
 > >How-To-Repeat:
 > % jot -
 > 0
 > 0
 > % jot - -
 > 0
 > 0
 > 0
 > % jot - - -
 > 0
 > 0
 > 0
 > 0
 > % jot - - - -
 > 0
 > 0
 > 0
 > 0
 > 0
 
 Except that these are not valid invocations. From man jot:
 
         While at least one of them must appear, any of the other three
         may
         be omitted, and will be considered as such if given as - or as
         an empty string.
 
 The synopsis (and usage help) line is perhaps inaccurate or misleading
 by implying that all four arguments are optional:
 
         SYNOPSIS
              jot [-cnr] [-b word] [-w word] [-s string] [-p precision]
                  [reps [begin [end [s]]]]
         
 but the description text seems clear enough. When someone recently
 questioned the accuracy of jot's behaviour relative to the man page
 description I conducted manual tests and was unable to find fault with
 it. In particular by providing at least one of the four arguments I
 found it to work as described. The man page text is perhaps terse but I
 didn't find it to be inaccurate.
 
 Curiously (comparing with the output you listed) there's also this:
 
 %jot -
 0
 %jot - -
 0
 %jot - - -
 0
 %jot - - - -
 0
 %uname -srmi
 FreeBSD 7.2-STABLE i386 GENERIC
 
 
 Wayne
 
 
 

From: Ulrich =?utf-8?B?U3DDtnJsZWlu?= <uqs@spoerlein.net>
To: Wayne Sierke <ws@au.dyndns.ws>
Cc: FreeBSD-gnats-submit@freebsd.org, brian@freebsd.org
Subject: Re: bin/136383: [PATCH] usr.bin/jot fix usage of uninitialized
 values
Date: Sat, 11 Jul 2009 22:44:16 +0200

 On Sun, 12.07.2009 at 00:49:13 +0930, Wayne Sierke wrote:
 > Except that these are not valid invocations. From man jot:
 > 
 >         While at least one of them must appear, any of the other three may
 >         be omitted, and will be considered as such if given as - or as
 >         an empty string.
 > 
 > The synopsis (and usage help) line is perhaps inaccurate or misleading
 > by implying that all four arguments are optional:
 > 
 >         SYNOPSIS
 >              jot [-cnr] [-b word] [-w word] [-s string] [-p precision]
 >                  [reps [begin [end [s]]]]
 >         
 > but the description text seems clear enough. When someone recently
 > questioned the accuracy of jot's behaviour relative to the man page
 > description I conducted manual tests and was unable to find fault with
 > it. In particular by providing at least one of the four arguments I
 > found it to work as described. The man page text is perhaps terse but I
 > didn't find it to be inaccurate.
 > 
 > Curiously (comparing with the output you listed) there's also this:
 > 
 > %jot -
 > 0
 > %jot - -
 > 0
 > %jot - - -
 > 0
 > %jot - - - -
 > 0
 > %uname -srmi
 > FreeBSD 7.2-STABLE i386 GENERIC
 
 Yes, that's exactly the bug, the patch tries to address. The variable
 'reps' contains random garbage, if jot is invoked with "jot -" or
 "jot - -". (See the clang static analysis referenced in the original PR)
 
 Please note, that I don't argue that "jot -" should probably be invalid
 syntax, but then the parser should say so and not run off with any
 random integer that happens to be on the stack.
 
 So, do people really want "jot -" to throw a syntax error?
 
 Cheers,
 Ulrich Spoerlein
State-Changed-From-To: patched->closed 
State-Changed-By: brian 
State-Changed-When: Mon Aug 3 09:55:19 UTC 2009 
State-Changed-Why:  
Merged to stable/7, r196049. 

http://www.freebsd.org/cgi/query-pr.cgi?pr=136383 

From: dfilter@FreeBSD.ORG (dfilter service)
To: bug-followup@FreeBSD.org
Cc:  
Subject: Re: bin/136383: commit references a PR
Date: Mon,  3 Aug 2009 09:55:24 +0000 (UTC)

 Author: brian
 Date: Mon Aug  3 09:55:03 2009
 New Revision: 196049
 URL: http://svn.freebsd.org/changeset/base/196049
 
 Log:
   MFC: Fix some uninitialised variables.
   
   PR:		136383
   Submitted by:	Ulrich Spoerlein - uqs at spoerlein dot net
 
 Added:
   stable/7/tools/regression/usr.bin/jot/regress.dddd.out
      - copied unchanged from r195443, head/tools/regression/usr.bin/jot/regress.dddd.out
 Modified:
   stable/7/tools/regression/usr.bin/jot/   (props changed)
   stable/7/tools/regression/usr.bin/jot/regress.sh
   stable/7/usr.bin/jot/   (props changed)
   stable/7/usr.bin/jot/jot.c
 
 Copied: stable/7/tools/regression/usr.bin/jot/regress.dddd.out (from r195443, head/tools/regression/usr.bin/jot/regress.dddd.out)
 ==============================================================================
 --- /dev/null	00:00:00 1970	(empty, because file is newly added)
 +++ stable/7/tools/regression/usr.bin/jot/regress.dddd.out	Mon Aug  3 09:55:03 2009	(r196049, copy of r195443, head/tools/regression/usr.bin/jot/regress.dddd.out)
 @@ -0,0 +1,100 @@
 +1
 +2
 +3
 +4
 +5
 +6
 +7
 +8
 +9
 +10
 +11
 +12
 +13
 +14
 +15
 +16
 +17
 +18
 +19
 +20
 +21
 +22
 +23
 +24
 +25
 +26
 +27
 +28
 +29
 +30
 +31
 +32
 +33
 +34
 +35
 +36
 +37
 +38
 +39
 +40
 +41
 +42
 +43
 +44
 +45
 +46
 +47
 +48
 +49
 +50
 +51
 +52
 +53
 +54
 +55
 +56
 +57
 +58
 +59
 +60
 +61
 +62
 +63
 +64
 +65
 +66
 +67
 +68
 +69
 +70
 +71
 +72
 +73
 +74
 +75
 +76
 +77
 +78
 +79
 +80
 +81
 +82
 +83
 +84
 +85
 +86
 +87
 +88
 +89
 +90
 +91
 +92
 +93
 +94
 +95
 +96
 +97
 +98
 +99
 +100
 
 Modified: stable/7/tools/regression/usr.bin/jot/regress.sh
 ==============================================================================
 --- stable/7/tools/regression/usr.bin/jot/regress.sh	Mon Aug  3 09:43:06 2009	(r196048)
 +++ stable/7/tools/regression/usr.bin/jot/regress.sh	Mon Aug  3 09:55:03 2009	(r196049)
 @@ -1,6 +1,6 @@
  # $FreeBSD$
  
 -echo 1..56
 +echo 1..57
  
  REGRESSION_START($1)
  
 @@ -20,6 +20,7 @@ REGRESSION_TEST(`dhdd', `jot - 20 - -')
  REGRESSION_TEST(`ddhh', `jot - - 120 2')
  REGRESSION_TEST(`ddhd', `jot - - 120 -')
  REGRESSION_TEST(`dddh', `jot - - - 2')
 +REGRESSION_TEST(`dddd', `jot - - - -')
  REGRESSION_TEST(`hhhh2', `jot 30 20 160 2')
  REGRESSION_TEST(`hhhd2', `jot 30 20 160 -')
  REGRESSION_TEST(`hhdh2', `jot 30 20 - 2')
 
 Modified: stable/7/usr.bin/jot/jot.c
 ==============================================================================
 --- stable/7/usr.bin/jot/jot.c	Mon Aug  3 09:43:06 2009	(r196048)
 +++ stable/7/usr.bin/jot/jot.c	Mon Aug  3 09:55:03 2009	(r196049)
 @@ -101,13 +101,13 @@ main(int argc, char **argv)
  	int	ch;
  	int	mask = 0;
  	int	n = 0;
 -	double	begin;
 +	double	begin = BEGIN_DEF;
  	double	divisor;
 -	double	ender;
 -	double	s;
 +	double	ender = ENDER_DEF;
 +	double	s = STEP_DEF;
  	double	x, y;
  	long	i;
 -	long	reps;
 +	long	reps = REPS_DEF;
  
  	while ((ch = getopt(argc, argv, "b:cnp:rs:w:")) != -1)
  		switch (ch) {
 _______________________________________________
 svn-src-all@freebsd.org mailing list
 http://lists.freebsd.org/mailman/listinfo/svn-src-all
 To unsubscribe, send any mail to "svn-src-all-unsubscribe@freebsd.org"
 
>Unformatted:
