CodeSonar : Pvm : Uninitialized Variable

Pvm : Pvm analysis 1 : Uninitialized Variable at lpvm.c:3734

Categories:	LANG.MEM.UVAR CWE:457
Warning ID:	2835.2896
Procedure:	pvm_start_pvmd
Trace:	View
Modified:	Wed Sep 2 12:49:33 2009 show details hide details

Priority:	None
State:	None
Finding:	None
Owner:	None
	edit properties

Legend	[ X ]
Warning Location Contributes Parse Error Other Warning Two or More Loop Iterations On Execution Path Comment Macro Preprocessor Include Keyword Preprocessed Away

Legend
Warning Location	Contributes	Parse Error
Other Warning	Two or More Loop Iterations	On Execution Path
Comment	Macro	Preprocessor
Include	Keyword	Preprocessed Away

Source | Language: C

Hide Legend

Problem	Line	Source

			/u1/paul/SATE/2010/c/pvm/pvm3/src/lpvm.c

			Enter pvm_start_pvmd

true

3526

pvm_start_pvmd(argc, argv, block)

3527

int argc; /* number of args to pass to pvmd (>= 0) */

3528

char **argv; /* args for pvmd or null */

3529

int block; /* if true, don't return until add hosts are started */

{

char *sfn;

struct stat sb;

int cc;

char *fn; /* file to exec */

3535

char **av;

3536

int pfd[2];

...

3541

#ifdef WIN32

3542

char *pathending = "\\lib\\win32\\pvmd3.exe";

3543

SECURITY_ATTRIBUTES saPipe;

3544

PROCESS_INFORMATION pi;

3545

STARTUPINFO si; /* for CreateProcess call */

HANDLE pvmdid;

int i = 0;

char cmd[256];

#endif

TEV_DECLS;

if (TEV_EXCLUSIVE) {

if (pvmmytid != -1

&& TEV_DO_TRACE (TEV_START_PVMD ,TEV_EVENT_ENTRY )) {

3556

TEV_PACK_INT( TEV_DID_BF, TEV_DATA_SCALAR, &block, 1, 1 );

3557

TEV_PACK_STRING( TEV_DID_AS, TEV_DATA_ARRAY,

argv, argc, 1 );

TEV_FIN;

}

}

if (argc < 0 || !argv)

argc = 0;

#ifndef WIN32

if ((pvm_useruid = getuid()) == -1) {

3568

pvmlogerror("can't getuid()\n");

cc = PvmSysErr;

goto bail;

}

pvmchkuid( pvm_useruid );

3573

#else

3574

if (!username)

3575

username = MyGetUserName();

3576

#endif

3577

3578

if (!(sfn = pvmdsockfile ())) {

3579

pvmlogerror("pvm_start_pvmd() pvmdsockfile() failed\n");

cc = PvmSysErr;

goto bail;

}

if (stat(sfn, &sb) != -1) {

cc = PvmDupHost;

goto bail;

}

#ifdef WIN32

cc = PvmSysErr;

fn = malloc(128 * sizeof(char));

...

PVM_FREE(av);

while (stat(sfn, &sb) == -1)

3653

Sleep(5000); /* what a hack */

#else

#ifdef IMA_TITN

if (socketpair(AF_UNIX, SOCK_STREAM, 0, pfd) == -1)

#else

if (pipe(pfd) == -1)

#endif

{

cc = PvmSysErr;

goto bail;

}

fn = pvmgetpvmd ();

av = TALLOC(argc + 2, char *, "argv");

3670

if (argc > 0)

3671

BCOPY((char *)&argv[0], (char *)&av[1], argc * sizeof(char*)); /* Null Pointer Dereference (ID: 2837.2898) */

3672

av[0] = fn; /* Null Pointer Dereference (ID: 2838.2899) */

av[argc + 1] = 0;

if (!fork()) {

(void)close(pfd[0]);

/* fork again so the pvmd is not the child - won't have to wait() for it */

if (!fork()) {

if (pfd[1] != 1)

dup2(pfd[1], 1);

for (n = getdtablesize(); n-- > 0; )

3682

if (n != 1)

3683

(void)close(n);

3684

(void)open("/dev/null", O_RDONLY, 0); /* should be 0 */

3685

(void)open("/dev/null", O_WRONLY, 0); /* should be 2 */

3686

(void)signal(SIGINT, SIG_IGN);

3687

(void)signal(SIGQUIT, SIG_IGN);

3688

#ifndef IMA_OS2

3689

(void)signal(SIGTSTP, SIG_IGN);

#endif

execvp(av[0], av);

}

_exit(0);

}

(void)close(pfd[1]);

(void)wait(0);

PVM_FREE(av);

if (!(ff = fdopen(pfd[0], "r"))) {

cc = PvmSysErr;

(void)close(pfd[0]);

goto bail;

}

strcpy(buf, "PVMSOCK=");

3706

n = strlen(buf);

3707

if (!fgets(buf + n, sizeof(buf) - n - 1, ff)) {

cc = PvmCantStart;

fclose(ff);

goto bail;

}

fclose(ff);

if (strlen(buf + n) < 2) {

cc = PvmCantStart;

goto bail;

}

n = strlen(buf);

if (buf[n - 1] == '\n')

3719

buf[n - 1] = 0;

3720

pvmputenv(STRALLOC(buf)); /* Null Pointer Dereference (ID: 2836.2897) */

3721

3722

/* fprintf(stderr, "pvm_start_pvmd: %s\n", buf); */

#endif

if (cc = BEATASK)

goto bail;

if (block) {

struct pvmhostinfo *hip;

3731

int t = 1;

3732

	3733		pvm_config((int)0, (int)0, &hip );

hip is uninitialized

3734

while ((cc = pvm_addhosts(&hip[0].hi_name, 1, (int*)0)) == PvmAlready) { /* Uninitialized Variable */

3735

pvmsleep(t );

3736

if (t < 8)

3737

t *= 2;

Preconditions

$param_1 = 0
$param_2 != 0
&$unknown_2494607 >= 0
&$unknown_2494609 != 0
&$unknown_2494616 = 1
hlist = 0
numpmsgs = 0
pp = 0
pvmautoerr = 0
pvmmytid != -1
pvmrbuf = 0
pvmschedtid != 0
pvmtoplvl != 0
pvmtrc.trctid != pvmmytid
pvmtrc.trctid >= 1
pvmtrc.trcopt != 1
pvmtrc.trcopt != 2
pvmtrc.trcopt != 3
rd = 0
$input_12 >= 0
$input_500 <= 118
$input_500 >= 2
td = 0

Postconditions

pvmsbuf->m_ctx' = 0
$unknown_2494606' is freed
$unknown_2494606' is closed
$unknown_2494607' is freed
$unknown_2494607' is closed
argc' = $param_1
argv' = $param_2
av' = &$heap_200989
block' = &$unknown_2494609
buf[0]' = 80
strlen(&buf[0])' = $input_500 + 7
buf[0]' is checked by path name
buf[8]' = $input_508
cc' = -30
ff' = &$heap_200990
fn' = &$heap_200988
bytes_after(&$heap_200987)' = $input_12 + 1
$heap_200987' is allocated by malloc
$heap_200987' is a non-heap object
bytes_before(&$heap_200987)' = 0
strlen(&$heap_200987)' = $input_12
bytes_after(&$heap_200988)' = $input_12 + 10
$heap_200988' is allocated by malloc
$heap_200988' is allocated
bytes_before(&$heap_200988)' = 0
$heap_200989' = &$heap_200988
bytes_after(&$heap_200989)' = 8 * $param_1 + 16
$heap_200989' is allocated by malloc
$heap_200989' is freed
bytes_before(&$heap_200989)' = 0
((char*)&$heap_200989)[8]' = 0
$heap_200990' = &$unknown_2494607
bytes_after(&$heap_200990)' = 1028
$heap_200990' is allocated by fopen
$heap_200990' is freed
$heap_200990' is closed
bytes_before(&$heap_200990)' = 0
$heap_200991' = 80
bytes_after(&$heap_200991)' = $input_500 + 8
$heap_200991' is allocated by malloc
$heap_200991' is allocated
bytes_before(&$heap_200991)' = 0
strlen(&$heap_200991)' = $input_500 + 7
n' = $input_500 + 8
pfd[0]' = &$unknown_2494607
pfd[1]' = &$unknown_2494606
pp' = &$heap_200988
pvmampushed' = 0
pvmamtraced' = pvmtoplvl
pvmtoplvl' = 0
rd' = &$heap_200987
sfn' = &buf[0]

Change Warning 2835.2896 : Uninitialized Variable

Priority:
State:
Finding:
Owner:
Note: