New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add variable initialization to large SSL TLS function #3311
Add variable initialization to large SSL TLS function #3311
Conversation
@sander-visser Thank you for your contribution! Could you please help me finding the line where this uninitialised variable is used? (As far as I can tell |
If the mode is neither CHACHAPOLY CCM GCM CBC nor STREAM (or mbed TLS is configured to not support all modes and comehow an unsupported mode still gets processed this far) then it would still be uninitialized |
Indeed, in this case it still would be uninitialised, but we would be exiting the function on line 1080 wouldn't we? |
Or @sander-visser Can you please add a changelog entry in |
Im ok with rejecting this PR - anyway the cange is so minor it does not need to be mentioned? |
change triggered by false positive reported by Cppcheck 1.89. Signed-off-by: sander-visser <github@visser.se>
914dc49
to
3888b03
Compare
We normally acknowledge all contributions via the changelog file. But of course as the contributor you can waive this. Anyway this habit dates back from the time when the change history wasn't public, and nowadays acknowledgement is built into the git author field. Even if there's no behavior change, this is a robustness improvement, since a small change in the code could result in the variable being used without initialization in some configurations. So thanks for catching it! |
Thank - im ok to waive conrib for this change. BTW: similar construct is present for header_len in ssl_cli.c |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Looks good to me.
@sander-visser Thank you again for your contribution.
Signed-off-by: Janos Follath <janos.follath@arm.com>
Signed-off-by: sander-visser github@visser.se
Description
Added variable initialization for maintainability. Reported as false positive by cpp-check 1.89
Status
READY
Requires Backporting
No
Migrations
NO
Additional comments
Any additional information that could be of interest
Todos
Steps to test or reproduce
Outline the steps to test or reproduce the PR here.