ExtTech.c: fix uninitialized exts_linearResist value leaks into extresist #393
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
…sist This value appears to be initialised at only one spot in the codebase (under very narrow conditions) but extresist will read it and make branching decisions based on the uninitialised state. This 'X' state propagation appears to eventually get processed in ResWriteExtFile() near where final output formatting is occurring. It is unclear (at this time) if it perturbs output values in a problematic way, or if due to algorithmic reasons the data is discarded before output anyway. I have at least one trace run (with multiple triggers) of printf formatters handling uninitialised data in ResWriteExtFile().
|
Just to update on this after running more analysis: Lines 1851 to 1852 in 705b4da It is this totalization summary that is perturbed by the data in the few project samples I have tried so far. This particular line is only printed to the logs. That doesn't rule out the main output being affected, but I have no example on that to show. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This value appears to be initialised at only one spot in the codebase (under very narrow conditions) but extresist will read it and make branching decisions based on the uninitialised state.
This 'X' state propagation appears to eventually get processed in ResWriteExtFile() near where final output formatting is occurring.
It is unclear (at this time) if it perturbs output values in a problematic way, or if due to algorithmic reasons the data is discarded before output anyway. I have at least one trace run (with multiple triggers) of printf formatters handling uninitialised data in ResWriteExtFile().