* [PATCH] Add missing initialization for g_autofree variables
@ 2021-03-12 12:03 mrezanin
  2021-03-12 13:49 ` Philippe Mathieu-Daudé
  0 siblings, 1 reply; 2+ messages in thread
From: mrezanin @ 2021-03-12 12:03 UTC (permalink / raw)
  To: qemu-devel

From: Miroslav Rezanina <mrezanin@redhat.com>

When declaring a g_autofree variable without initialization, the compiler
will raise a "may be used uninitialized in this function" warning due
to automatic free handling. This usage can cause g_free to use an unknown value.
Such behavior can be dangerous and exploitable.

Add initialization to NULL for these declarations to ensure an uninitialized
value is not used.

Signed-off-by: Miroslav Rezanina <mrezanin@redhat.com>
---
 hw/remote/memory.c       | 2 +-
 hw/remote/proxy.c        | 2 +-
 hw/s390x/s390-pci-vfio.c | 4 ++--
 3 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/hw/remote/memory.c b/hw/remote/memory.c
index 32085b1e05..bf0047a81b 100644
--- a/hw/remote/memory.c
+++ b/hw/remote/memory.c
@@ -43,7 +43,7 @@ void remote_sysmem_reconfig(MPQemuMsg *msg, Error **errp)
     remote_sysmem_reset();
 
     for (region = 0; region < msg->num_fds; region++) {
-        g_autofree char *name;
+        g_autofree char *name = NULL;
         subregion = g_new(MemoryRegion, 1);
         name = g_strdup_printf("remote-mem-%u", suffix++);
         memory_region_init_ram_from_fd(subregion, NULL,
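Review bot: in this hunk the only statement between the declaration of `name` and its assignment is `subregion = g_new(MemoryRegion, 1);`, and g_new() aborts rather than returning on failure, so no path leaves the loop body with `name` unassigned; the `= NULL` silences the compiler's flow analysis here rather than fixing a reachable g_free() of an indeterminate pointer. The tidier form is to declare and assign in one statement after the `g_new()` call, `g_autofree char *name = g_strdup_printf("remote-mem-%u", suffix++);`, which removes the warning without a dummy initializer. The reply in this thread also notes that a reviewed patch already covers this file, so this hunk should probably be dropped to avoid a conflict.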
diff --git a/hw/remote/proxy.c b/hw/remote/proxy.c
index 4fa4be079d..253c1aa7ec 100644
--- a/hw/remote/proxy.c
+++ b/hw/remote/proxy.c
@@ -347,7 +347,7 @@ static void probe_pci_info(PCIDevice *dev, Error **errp)
                    PCI_BASE_ADDRESS_SPACE_IO : PCI_BASE_ADDRESS_SPACE_MEMORY;
 
         if (size) {
-            g_autofree char *name;
+            g_autofree char *name = NULL;
             pdev->region[i].dev = pdev;
             pdev->region[i].present = true;
             if (type == PCI_BASE_ADDRESS_SPACE_MEMORY) {
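Review bot: the assignment of `name` is outside this hunk, so the visible lines do not show whether any path leaves the `if (size)` block before `name` is set; the `= NULL` is correct in either case, since g_free(NULL) is a no-op, but the commit message should state which of the four sites can actually reach the cleanup with an unassigned pointer and which only trip the warning. Where the first use is further down the block, declaring `name` at the point of its first assignment would make the variable valid for its whole lifetime without a placeholder value.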
diff --git a/hw/s390x/s390-pci-vfio.c b/hw/s390x/s390-pci-vfio.c
index ead4f222d5..0ee7dc21f2 100644
--- a/hw/s390x/s390-pci-vfio.c
+++ b/hw/s390x/s390-pci-vfio.c
@@ -29,7 +29,7 @@
  */
 bool s390_pci_update_dma_avail(int fd, unsigned int *avail)
 {
-    g_autofree struct vfio_iommu_type1_info *info;
+    g_autofree struct vfio_iommu_type1_info *info = NULL;
     uint32_t argsz;
 
     assert(avail);
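Review bot: `assert(avail)` sits between the declaration of `info` and its allocation, which is outside the hunk; a failing assert aborts rather than leaving scope, so it does not run the cleanup, but any `return` added later before the allocation would, and the `= NULL` makes that path safe. Whether such a path exists today is not visible here, so the commit message's "dangerous and exploitable" should either name the site where g_free() can currently receive an indeterminate pointer or be toned down to describe the change as hardening the cleanup path.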
@@ -230,7 +230,7 @@ static void s390_pci_read_pfip(S390PCIBusDevice *pbdev,
  */
 void s390_pci_get_clp_info(S390PCIBusDevice *pbdev)
 {
-    g_autofree struct vfio_device_info *info;
+    g_autofree struct vfio_device_info *info = NULL;
     VFIOPCIDevice *vfio_pci;
     uint32_t argsz;
     int fd;
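Review bot: mechanically the same fix as the previous hunk, but here `info` is the first of four locals and the allocation site is out of view; since the `uint32_t argsz` that presumably sizes the buffer is declared right below it, the tidier form is to move the `g_autofree` declaration down and initialize `info` with the allocation call at the point where `argsz` is known, so the pointer is never observable unassigned. If the original ordering is kept, `= NULL` is the right minimal change and keeps this site consistent with the other three.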
-- 
2.27.0
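To make the mechanism in the commit message concrete, here is an added example (not from the patch, QEMU or glib) that reproduces g_autofree's behaviour with a hand-written cleanup attribute and plain free(); the two counters, the `region_name_is()` function and its `fd < 0` early exit are constructed for illustration. It shows that the cleanup runs on the early-exit path too, which is why the pointer must already hold NULL there.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Added example, not QEMU or glib code. g_autofree is glib's
 * __attribute__((cleanup(...))) wrapper around g_free(): the cleanup runs
 * whenever the variable leaves scope, on every exit path, so the pointer it
 * reads must be valid on every path. This stand-in does the same with free()
 * and adds two counters (constructed instrumentation) so the cleanup calls
 * can be observed. */
static int cleanup_calls;     /* how many times the cleanup ran */
static int cleanup_saw_null;  /* how many of those ran with a NULL pointer */

static void autofree_cleanup(char **pp)
{
    cleanup_calls++;
    if (*pp == NULL) {
        cleanup_saw_null++;
    }
    free(*pp);  /* free(NULL) is a defined no-op, as g_free(NULL) is */
}
#define autofree __attribute__((cleanup(autofree_cleanup)))

/* Reset the instrumentation; returns the (zeroed) call counter. */
static int reset_counters(void)
{
    cleanup_calls = 0;
    cleanup_saw_null = 0;
    return cleanup_calls;
}

/* Same shape as the patched sites: declare the autofree pointer, then a check
 * that may leave the scope, then the allocation. With "= NULL" the early exit
 * hands NULL to the cleanup; without it the cleanup would free whatever the
 * stack happened to hold, which is what the compiler warning is about.
 * Returns -1 on failure, 1 if the built name equals `expected`, else 0. */
static int region_name_is(int fd, unsigned int suffix, const char *expected)
{
    autofree char *name = NULL;   /* the fix from the patch */

    if (fd < 0) {
        return -1;                /* scope exit before name is assigned */
    }
    name = malloc(32);            /* stands in for g_strdup_printf() */
    if (name == NULL) {
        return -1;
    }
    snprintf(name, 32, "remote-mem-%u", suffix);
    return strcmp(name, expected) == 0;  /* cleanup frees name on return */
}
```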


* Re: [PATCH] Add missing initialization for g_autofree variables
  2021-03-12 12:03 [PATCH] Add missing initialization for g_autofree variables mrezanin
@ 2021-03-12 13:49 ` Philippe Mathieu-Daudé
  0 siblings, 0 replies; 2+ messages in thread
From: Philippe Mathieu-Daudé @ 2021-03-12 13:49 UTC (permalink / raw)
  To: mrezanin, qemu-devel
  Cc: Zenghui Yu, Daniel P . Berrange, Thomas Huth, Jagannathan Raman

On 3/12/21 1:03 PM, mrezanin@redhat.com wrote:
> From: Miroslav Rezanina <mrezanin@redhat.com>
> 
> When declaring a g_autofree variable without initialization, the compiler
> will raise a "may be used uninitialized in this function" warning due
> to automatic free handling. This usage can cause g_free to use an unknown value.
> Such behavior can be dangerous and exploitable.

Will we be able to catch that earlier when building using
the Fedora/rawhide Docker image?

> 
> Add initialization to NULL for these declarations to ensure an uninitialized
> value is not used.
> 
> Signed-off-by: Miroslav Rezanina <mrezanin@redhat.com>
> ---
>  hw/remote/memory.c       | 2 +-
>  hw/remote/proxy.c        | 2 +-
>  hw/s390x/s390-pci-vfio.c | 4 ++--
>  3 files changed, 4 insertions(+), 4 deletions(-)
> 
> diff --git a/hw/remote/memory.c b/hw/remote/memory.c
> index 32085b1e05..bf0047a81b 100644
> --- a/hw/remote/memory.c
> +++ b/hw/remote/memory.c
> @@ -43,7 +43,7 @@ void remote_sysmem_reconfig(MPQemuMsg *msg, Error **errp)
>      remote_sysmem_reset();
>  
>      for (region = 0; region < msg->num_fds; region++) {
> -        g_autofree char *name;
> +        g_autofree char *name = NULL;
>          subregion = g_new(MemoryRegion, 1);
>          name = g_strdup_printf("remote-mem-%u", suffix++);

There is a reviewed patch for this one:
https://www.mail-archive.com/qemu-devel@nongnu.org/msg787631.html

