[Swan-dev] coverity warnings: out_struct() and not all fields being filled in

Mon Oct 27 22:15:43 EET 2014

We are seeing a bunch of uninitialised variables errors:

1. libreswan-3.11/programs/pluto/x509more.c:538: error[uninitvar]: Uninitialized variable: cr_hd
1. libreswan-3.11/programs/pluto/x509more.c:480: error[uninitvar]: Uninitialized variable: cr_hd
1. libreswan-3.11/programs/pluto/x509more.c:457: error[uninitvar]: Uninitialized variable: cert_hd
1. libreswan-3.11/programs/pluto/ikev2_spdb_struct.c:88: error[uninitvar]: Uninitialized variable: attr
1. libreswan-3.11/programs/pluto/ikev2_parent.c:1551: error[uninitvar]: Uninitialized variable: cp
1. libreswan-3.11/programs/pluto/ikev1_xauth.c:2800: error[uninitvar]: Uninitialized variable: attrh
1. libreswan-3.11/programs/pluto/ikev1_xauth.c:2342: error[uninitvar]: Uninitialized variable: attrh
1. libreswan-3.11/programs/pluto/ikev1_xauth.c:986: error[uninitvar]: Uninitialized variable: attrh
1. libreswan-3.11/programs/pluto/ikev1_xauth.c:855: error[uninitvar]: Uninitialized variable: attrh
1. libreswan-3.11/programs/pluto/ikev1_xauth.c:752: error[uninitvar]: Uninitialized variable: attrh
1. libreswan-3.11/programs/pluto/ikev1_xauth.c:474: error[uninitvar]: Uninitialized variable: attr
1. libreswan-3.11/programs/pluto/ikev1_xauth.c:429: error[uninitvar]: Uninitialized variable: attrh
1. libreswan-3.11/programs/pluto/ikev1_spdb_struct.c:2735: error[uninitStructMember]: Uninitialized struct member: ah_trans.isat_transnum
1. libreswan-3.11/programs/pluto/ikev1_spdb_struct.c:2735: error[uninitStructMember]: Uninitialized struct member: ah_trans.isat_transid
1. libreswan-3.11/programs/pluto/ikev1_spdb_struct.c:2735: error[uninitStructMember]: Uninitialized struct member: ah_trans.isat_reserved2
1. libreswan-3.11/programs/pluto/ikev1_spdb_struct.c:2735: error[uninitStructMember]: Uninitialized struct member: ah_trans.isat_reserved
1. libreswan-3.11/programs/pluto/ikev1_spdb_struct.c:2735: error[uninitStructMember]: Uninitialized struct member: ah_trans.isat_np 
1. libreswan-3.11/programs/pluto/ikev1_spdb_struct.c:2735: error[uninitStructMember]: Uninitialized struct member: ah_trans.isat_length
1. libreswan-3.11/programs/pluto/ikev1_spdb_struct.c:609: error[uninitvar]: Uninitialized variable: attr
1. libreswan-3.11/programs/pluto/ikev1_spdb_struct.c:524: error[uninitvar]: Uninitialized variable: trans
1. libreswan-3.11/programs/pluto/ikev1_spdb_struct.c:324: error[uninitvar]: Uninitialized variable: sa
1. libreswan-3.11/programs/pluto/ikev1_spdb_struct.c:222: error[uninitvar]: Uninitialized variable: attr

I checked two of these (cr_hd and cp) and noticed that indeed we seem to
only partially fill in the struct, before giving it to out_struct:

For example:

         struct ikev2_certreq cr_hd;

         cr_hd.isacertreq_critical =  ISAKMP_PAYLOAD_NONCRITICAL;
         cr_hd.isacertreq_np = np;
         cr_hd.isacertreq_enc = type;
         /* XXX not all fields initialised */

         /* build CR header */
         if (!out_struct(&cr_hd, &ikev2_certificate_req_desc, outs, &cr_pbs))
                 return FALSE;

Where struct ikev2_certreq is:

struct ikev2_certreq {
         u_int8_t isacertreq_np;         /* Next payload */
         u_int8_t isacertreq_critical;
         u_int16_t isacertreq_length;    /* Payload length */
         u_int8_t isacertreq_enc;        /* encoding type */
};

So in this case, cr_hd.isacertreq_length was not set. The others are
similar.

Paul