On 7/19/19 10:03 AM, Eric Blake wrote:
> We've had two separate reports of a caller running into use of
> uninitialized data if s->quit is set (one detected by gcc -O3, another
> by valgrind), due to checking 'nbd_reply_is_simple(reply) || s->quit'
> in the wrong order. Rather than chasing down which callers need to
> pre-initialize reply, it's easier to guarantee that reply will always
> be set by nbd_co_receive_one_chunk() even on failure.
>
I'm adding:

The bug is harmless (the only time uninitialized use is possible is if
s->quit is set, so the conditional resolves to the same branch
regardless of the contents of reply), but was introduced in commit
65e01d47.

-- 
Eric Blake, Principal Software Engineer
Red Hat, Inc.           +1-919-301-3226
Virtualization:  qemu.org | libvirt.org
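The pattern described in the quoted commit message, as an added example that is not part of the original mail or of QEMU's code: a receive helper that sets its out-parameter on every return path, so a caller's `is_simple(reply) || quit` check never reads indeterminate data. All `demo_*` names and the magic value are hypothetical stand-ins.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stddef.h>
#include <string.h>

/* Hypothetical stand-ins; not QEMU's real types, functions or constants. */
#define DEMO_SIMPLE_MAGIC 0x51u          /* constructed value */

typedef struct { uint32_t magic; uint64_t handle; } demo_reply;
typedef struct { bool quit; } demo_client;

static bool demo_reply_is_simple(const demo_reply *r)
{
    return r->magic == DEMO_SIMPLE_MAGIC;
}

/*
 * Receive one chunk. The out-parameter is zeroed before anything can fail,
 * so the caller sees a defined value on every return path.
 */
static int demo_receive_one_chunk(demo_client *c, const demo_reply *wire,
                                  demo_reply *reply)
{
    memset(reply, 0, sizeof(*reply));
    if (c->quit || wire == NULL) {
        c->quit = true;                  /* connection is dead: latch quit */
        return -1;                       /* reply stays all-zero */
    }
    *reply = *wire;
    return 0;
}

/* Caller-side check, written in the operand order quoted in the mail. */
static bool demo_stop_iterating(demo_client *c, const demo_reply *wire)
{
    demo_reply reply;                    /* deliberately not pre-initialized */
    (void)demo_receive_one_chunk(c, wire, &reply);
    return demo_reply_is_simple(&reply) || c->quit;
}

/* Returns 1 when the failure path overwrites stale bytes with zeroes. */
static int demo_failure_reply_is_zeroed(void)
{
    demo_client c = { .quit = true };
    demo_reply reply;
    memset(&reply, 0xAA, sizeof(reply)); /* constructed garbage */
    int rc = demo_receive_one_chunk(&c, NULL, &reply);
    return rc == -1 && reply.magic == 0 && reply.handle == 0;
}

int main(void) { return demo_failure_reply_is_zeroed() ? 0 : 1; }
```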