X-Loop: help-debbugs@HIDDEN
Subject: bug#79781: [BUG / Question] Potential use of uninitialized variables in copy_internal() in src/copy.c
Resent-From: Ray steven <checkscope.hyzc@HIDDEN>
Original-Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org>
Resent-CC: bug-coreutils@HIDDEN
Resent-Date: Fri, 07 Nov 2025 12:36:03 +0000
Resent-Message-ID: <handler.79781.B.176251893321543 <at> debbugs.gnu.org>
Resent-Sender: help-debbugs@HIDDEN
X-GNU-PR-Message: report 79781
X-GNU-PR-Package: coreutils
X-GNU-PR-Keywords:
To: 79781 <at> debbugs.gnu.org
X-Debbugs-Original-To: bug-coreutils@HIDDEN
Received: via spool by submit <at> debbugs.gnu.org id=B.176251893321543
(code B ref -1); Fri, 07 Nov 2025 12:36:03 +0000
Received: (at submit) by debbugs.gnu.org; 7 Nov 2025 12:35:33 +0000
Received: from localhost ([127.0.0.1]:45658 helo=debbugs.gnu.org)
by debbugs.gnu.org with esmtp (Exim 4.84_2)
(envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>)
id 1vHLgi-0005bJ-GQ
for submit <at> debbugs.gnu.org; Fri, 07 Nov 2025 07:35:33 -0500
Received: from lists.gnu.org ([2001:470:142::17]:57058)
by debbugs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
(Exim 4.84_2) (envelope-from <checkscope.hyzc@HIDDEN>)
id 1vHKMx-0007nw-Rj
for submit <at> debbugs.gnu.org; Fri, 07 Nov 2025 06:11:08 -0500
Received: from eggs.gnu.org ([2001:470:142:3::10])
by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
(Exim 4.90_1) (envelope-from <checkscope.hyzc@HIDDEN>)
id 1vHKMs-0003vc-Bb
for bug-coreutils@HIDDEN; Fri, 07 Nov 2025 06:10:58 -0500
Received: from mail-oi1-x232.google.com ([2607:f8b0:4864:20::232])
by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128)
(Exim 4.90_1) (envelope-from <checkscope.hyzc@HIDDEN>)
id 1vHKMq-0001Br-PA
for bug-coreutils@HIDDEN; Fri, 07 Nov 2025 06:10:58 -0500
Received: by mail-oi1-x232.google.com with SMTP id
5614622812f47-450063be247so266029b6e.2
for <bug-coreutils@HIDDEN>; Fri, 07 Nov 2025 03:10:56 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=gmail.com; s=20230601; t=1762513855; x=1763118655; darn=gnu.org;
h=to:subject:message-id:date:from:mime-version:from:to:cc:subject
:date:message-id:reply-to;
bh=GHXEVOkTQrNXNfdMZvpnVHCsbRPCYzyIDRh8BeGZQgM=;
b=GkPIosRb1EdjWCyelvhgMmG+kXb7tUSbEq9+6Tw1P60e5G7wcovC/r2cNpkZAMOepU
nZzYCyPAi6xA/AoHvUGX7pXNcHuMCUYe/HGDoxCXdm4PMwGxoix92CkQIzZpUdQxlq73
zMFLWZ0OHofkE40PBHcVOIvMcrvL+xpuI2dyLO+pgYuKLzwTF8ree5c6fO3csDd9NAhy
bo5kwRTK4IveJRB+JkB0xTKGcG68ZcPZszom5iFEgsnanhy5qF3wloEB6Ag+HHKvipDV
jRS6gdmY9US/ypKY06l33T5mNnWqTIN6IT8Pxx1lsFwcZuA05jqEmW4roev1V6/4+XUR
X2xg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=1e100.net; s=20230601; t=1762513855; x=1763118655;
h=to:subject:message-id:date:from:mime-version:x-gm-gg
:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to;
bh=GHXEVOkTQrNXNfdMZvpnVHCsbRPCYzyIDRh8BeGZQgM=;
b=jidxnpOJC3scXxZprHrsCAdosxE8tHx1xChPWSKZdrDUIWcslQpLDMsGEcqci9HLiU
TSa8XRSdNamFPr1IO2xMsUt3cIfMcW0X2tgr6o2PVPJ+i6kmDacPXSaIY9QKAQULAT63
Z6Q8kXbeu/49y1DTOy2v7Fl9tu9uBcEHTvKdpAxg1DIe7OVeVVeF/PhzSDQla3ZU2rk8
UtCV4a4Li1COKVTX8SbNY58DFBkgp5JNqSUUGF9UhvBGLWeef9MHoSWFGIh3gGYEd1IQ
SL+VArpEj16GSMMmMw98IBBLgdEnKBipRvI14DVA01hFYAl2xyurykoC/k0asA7O+l8F
YQDQ==
X-Gm-Message-State: AOJu0Yw5+jsjd6c9U/ZvTniLxRbsaKMm+SdZgKOFJ+eLASlKJDE7yc85
1vPHGxpQyqU171qPm6mHi2M52y3cHGpQU+bWdbCtQA610Zf00BfqXIf1E72XJr/Zo1f0MRsqDz8
cV0Qjnvxp2YZzjcKnuhkDJFTFZWL1Or6A7Pwt
X-Gm-Gg: ASbGncvU48DZHgk9FNg1rYR8Hk+ThtaW+6dY/WgnVaHGH3mBz6AF6vi0K6jJ7vM/xpQ
kNhYKf9Pb5Sk69L33UAFjpyrRhCTptqwPduhwxen/HaRVFppcpjcuhaKAniGDAz5e4lWvHLiemd
L0/bfawTM4mBMaOjTIMiN/R0JzOG6n9IoZKeDoFxHWrUuWlBlZaibDf1SpO65VQbAW5pz/qK5f9
/pTiyMCDhSSDeL4MCPiyqkS6PaF1EDQuUsF2qWcPmxFZnyUQnNEoxcrPbr2Zw==
X-Google-Smtp-Source: AGHT+IHngTgQqM2HGaGdooqKFB4ZR7dN8z0GQiyVU6P9Gs//4cZ+OtxvKCUq6hSz88/9is9Z0sMGdUtYxj45eQLtLVg=
X-Received: by 2002:a05:6808:4f2c:b0:44f:8f4b:9146 with SMTP id
5614622812f47-45015da0428mr1273811b6e.22.1762513855149; Fri, 07 Nov 2025
03:10:55 -0800 (PST)
MIME-Version: 1.0
From: Ray steven <checkscope.hyzc@HIDDEN>
Date: Fri, 7 Nov 2025 19:10:46 +0800
X-Gm-Features: AWmQ_blvZZuV6nk3y6efU5PPNzRGfsaVFS0JLF6z_Rfbohu26imO0snFG2gyenI
Message-ID: <CAC2RF+NyKL5QCzNS_4gJEfdmwmye8KRD1Ds9OkG7ROtUh_d7xA@HIDDEN>
Content-Type: multipart/alternative; boundary="0000000000003f7b7e0642ff3ca8"
Received-SPF: pass client-ip=2607:f8b0:4864:20::232;
envelope-from=checkscope.hyzc@HIDDEN; helo=mail-oi1-x232.google.com
X-Spam_score_int: -20
X-Spam_score: -2.1
X-Spam_bar: --
X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1,
DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001,
HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001,
SPF_PASS=-0.001 autolearn=ham autolearn_force=no
X-Spam_action: no action
X-Spam-Score: 1.0 (+)
X-Mailman-Approved-At: Fri, 07 Nov 2025 07:35:31 -0500
X-BeenThere: debbugs-submit <at> debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>,
<mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>,
<mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org>
X-Spam-Score: -0.0 (/)
--0000000000003f7b7e0642ff3ca8
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
Hello Coreutils maintainers,
I found a potential issue in the `copy_internal` function in `src/copy.c`.
Issue Summary
-------------
In lines 1641=E2=80=931642, the variables `src_mode` and `dst_mode` are def=
ined.
If `#ifdef lint` is not defined, these two variables are uninitialized.
In the `else` branch at line 1693, they are also not explicitly
initialized,
but `src_mode` is used later at lines 1707 and 1745, among other places.
It needs to be confirmed whether this constitutes using the variables
before they are initialized, which could lead to undefined behavior.
Suggested Action
----------------
- Review the relevant code paths to ensure `src_mode` and `dst_mode`
are properly initialized before use.
- Consider initializing them at declaration to avoid undefined behavior:
mode_t src_mode =3D 0;
mode_t dst_mode =3D 0;
Thanks for your time and for maintaining Coreutils.
Best regards,
CheckScope
--0000000000003f7b7e0642ff3ca8
Content-Type: text/html; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
<div dir=3D"ltr">Hello Coreutils maintainers,<br><br>I found a potential is=
sue in the `copy_internal` function in `src/copy.c`.<br><br>Issue Summary<b=
r>-------------<br>In lines 1641=E2=80=931642, the variables `src_mode` and=
`dst_mode` are defined. =C2=A0<br>If `#ifdef lint` is not defined, these t=
wo variables are uninitialized. =C2=A0<br><br>In the `else` branch at line =
1693, they are also not explicitly initialized, =C2=A0<br>but `src_mode` is=
used later at lines 1707 and 1745, among other places. =C2=A0<br><br>It ne=
eds to be confirmed whether this constitutes using the variables =C2=A0<br>=
before they are initialized, which could lead to undefined behavior.<br><br=
>Suggested Action<br>----------------<br>- Review the relevant code paths t=
o ensure `src_mode` and `dst_mode` =C2=A0<br>=C2=A0 are properly initialize=
d before use. =C2=A0<br>- Consider initializing them at declaration to avoi=
d undefined behavior:<br><br>=C2=A0 =C2=A0 mode_t src_mode =3D 0;<br>=C2=A0=
=C2=A0 mode_t dst_mode =3D 0;<br><br>Thanks for your time and for maintain=
ing Coreutils.<br><br>Best regards,<br>CheckScope</div>
--0000000000003f7b7e0642ff3ca8--
Content-Disposition: inline Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 X-Mailer: MIME-tools 5.505 (Entity 5.505) Content-Type: text/plain; charset=utf-8 X-Loop: help-debbugs@HIDDEN From: help-debbugs@HIDDEN (GNU bug Tracking System) To: Ray steven <checkscope.hyzc@HIDDEN> Subject: bug#79781: Acknowledgement ([BUG / Question] Potential use of uninitialized variables in copy_internal() in src/copy.c) Message-ID: <handler.79781.B.176251893321543.ack <at> debbugs.gnu.org> References: <CAC2RF+NyKL5QCzNS_4gJEfdmwmye8KRD1Ds9OkG7ROtUh_d7xA@HIDDEN> X-Gnu-PR-Message: ack 79781 X-Gnu-PR-Package: coreutils Reply-To: 79781 <at> debbugs.gnu.org Date: Fri, 07 Nov 2025 12:36:03 +0000 Thank you for filing a new bug report with debbugs.gnu.org. This is an automatically generated reply to let you know your message has been received. Your message is being forwarded to the package maintainers and other interested parties for their attention; they will reply in due course. Your message has been sent to the package maintainer(s): bug-coreutils@HIDDEN If you wish to submit further information on this problem, please send it to 79781 <at> debbugs.gnu.org. Please do not send mail to help-debbugs@HIDDEN unless you wish to report a problem with the Bug-tracking system. --=20 79781: https://debbugs.gnu.org/cgi/bugreport.cgi?bug=3D79781 GNU Bug Tracking System Contact help-debbugs@HIDDEN with problems
X-Loop: help-debbugs@HIDDEN
Subject: bug#79781: [BUG / Question] Potential use of uninitialized variables in copy_internal() in src/copy.c
Resent-From: =?UTF-8?Q?P=C3=A1draig?= Brady <P@HIDDEN>
Original-Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org>
Resent-CC: bug-coreutils@HIDDEN
Resent-Date: Fri, 07 Nov 2025 16:02:02 +0000
Resent-Message-ID: <handler.79781.B79781.176253126931723 <at> debbugs.gnu.org>
Resent-Sender: help-debbugs@HIDDEN
X-GNU-PR-Message: followup 79781
X-GNU-PR-Package: coreutils
X-GNU-PR-Keywords:
To: Ray steven <checkscope.hyzc@HIDDEN>, 79781 <at> debbugs.gnu.org
Received: via spool by 79781-submit <at> debbugs.gnu.org id=B79781.176253126931723
(code B ref 79781); Fri, 07 Nov 2025 16:02:02 +0000
Received: (at 79781) by debbugs.gnu.org; 7 Nov 2025 16:01:09 +0000
Received: from localhost ([127.0.0.1]:46583 helo=debbugs.gnu.org)
by debbugs.gnu.org with esmtp (Exim 4.84_2)
(envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>)
id 1vHOth-0008Es-D2
for submit <at> debbugs.gnu.org; Fri, 07 Nov 2025 11:01:09 -0500
Received: from mail-wr1-x430.google.com ([2a00:1450:4864:20::430]:46319)
by debbugs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128)
(Exim 4.84_2) (envelope-from <pixelbeat@HIDDEN>)
id 1vHOtb-0007sH-Bf
for 79781 <at> debbugs.gnu.org; Fri, 07 Nov 2025 11:01:08 -0500
Received: by mail-wr1-x430.google.com with SMTP id
ffacd0b85a97d-3ee64bc6b90so647677f8f.0
for <79781 <at> debbugs.gnu.org>; Fri, 07 Nov 2025 08:01:03 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=gmail.com; s=20230601; t=1762531257; x=1763136057; darn=debbugs.gnu.org;
h=content-transfer-encoding:in-reply-to:from:content-language
:references:to:subject:user-agent:mime-version:date:message-id
:sender:from:to:cc:subject:date:message-id:reply-to;
bh=tlDjkorFxw3lb4LlwbWHvJVr5eURoZWACollAxjF+I4=;
b=DxrkHH/6dp9avyD0Ex99/sBRIrBuOf2Ifk0pxzKIjqJSzR/ddJVhmSOzX34hyIgHsh
15IeJapymq0x26X5a7+QRM7VHdzJmIhUL1VqsC3Lhfp4UVpCMVAf/m6vOXT7Z/urbdvG
o4zQfBOjcTWCuS28qBjyjVDw1pM3LCS141cfTGcjdpwTftlik9nQpn3NW2/P8YKNl+wT
kDLyUCqFldHGQ6YEW6ESz/J995YZXPM31mZlizfrobPBDVdAJwo1qF3NOjyvKYjnrLVq
XlC/yig5l0E69s/yy5HDNJaV/DW7fL0zWBNo6Q5cAseaUZHNandhq+l5DrJnTcKvBiNr
yrjA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=1e100.net; s=20230601; t=1762531257; x=1763136057;
h=content-transfer-encoding:in-reply-to:from:content-language
:references:to:subject:user-agent:mime-version:date:message-id
:sender:x-gm-gg:x-gm-message-state:from:to:cc:subject:date
:message-id:reply-to;
bh=tlDjkorFxw3lb4LlwbWHvJVr5eURoZWACollAxjF+I4=;
b=kpyWYI74cH7NIktWR+OKAY0izVARCnel1ZjRdXTL1swYIp+ux8KLCKvCmGDlPxQdrd
57HlyR9uINGbZJgg205LnlhpD5fjnlCgdTeTHYB7ip1ZI6C+WvxSGFk/fTfgeIExrW8d
AX/kHa7C7M9/0R26bUnftz8D4xsJ74dia7NfDOHErWlC7mNuqQDpgZI3fPwe2QVLBxSS
1VwlTq914iwTN+OsepkxW2As7zED7CPMU+JK8J9alt2hY3FBiBsRZSF2LfJ4NEHC1MfR
SLVDNKwVQOE4N3KIGgmhwopSEe/ZJK+PaLMMFyri/T9O9bAvuZuxyD1TsKKQrzrH5IKi
kIRA==
X-Forwarded-Encrypted: i=1;
AJvYcCU3FznkY8zkDpXtN4alg+pd+tOdrt1z7KROCwOSLqZSFLJvmnhAoX1vQirePUv+aqWUuloeTw==@debbugs.gnu.org
X-Gm-Message-State: AOJu0YwAyYZxh67H2dZxj7+SKVMwz8ZHMKrRFbW5nxIQWM2ddoOlxaf5
Mbv7cNePxXateQRjCaFybSPT7iFvO9Tw28PJymhnUKUNiCLj9D8V+cQccOkcPQ==
X-Gm-Gg: ASbGncvBefmOUybmW6MA4xxZnrXNisBnUC64L5LmNBUMCUmewIyNQ98oFgUVKGoLoh5
Z1mzQ7FfjPNUOw4O1Q2FCX2vc2wzp4dTnFfPcBzEMvEYif7eZsTnqXT+2Hvfp8okWiCwwYU68WN
RnK2MrjYxnx75TR71hYtTBrRtQkJpqtv3iEZlvo+H5ccOWAS1HOuk/GKW3pxZBJ8I+qkJbd8643
vDN5MQViwUln0TqR5P6DBVKZi/1I7EGDrceSQm/5KfkZgbTSiKrEkYB8yIhovHaV1tweQSLEhdP
ylYzdDwFD6x8xzme7Kt67EOEWaj1s3IAbV28IrJeXOcsZgTBOwCdk1ExHtJpm0DglS8AJs+lU4g
G4XNztp3bU3i3UCYQiVFMdEj2sTA4io1ZOQbkO9JTjFgjjDERiBxeEOI4cpgNc9FB6cGyewnhkj
s=
X-Google-Smtp-Source: AGHT+IEq8jKDl7DCGB9I67oNb0urf6Ry7/q5TqVu9HspufM3+t+E3KFhGFPvtKTHwlC5DIFJulsgiQ==
X-Received: by 2002:a5d:5f94:0:b0:428:1475:6a26 with SMTP id
ffacd0b85a97d-42ae5af41cemr3852875f8f.56.1762531256267;
Fri, 07 Nov 2025 08:00:56 -0800 (PST)
Received: from [192.168.1.31] ([86.44.211.146])
by smtp.googlemail.com with ESMTPSA id
ffacd0b85a97d-42abe63e126sm6056964f8f.16.2025.11.07.08.00.55
(version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128);
Fri, 07 Nov 2025 08:00:55 -0800 (PST)
Message-ID: <50624e84-5e38-4f8b-b7e4-9f10b41b5b81@HIDDEN>
Date: Fri, 7 Nov 2025 16:00:48 +0000
MIME-Version: 1.0
User-Agent: Mozilla Thunderbird Beta
References: <CAC2RF+NyKL5QCzNS_4gJEfdmwmye8KRD1Ds9OkG7ROtUh_d7xA@HIDDEN>
Content-Language: en-US
From: =?UTF-8?Q?P=C3=A1draig?= Brady <P@HIDDEN>
In-Reply-To: <CAC2RF+NyKL5QCzNS_4gJEfdmwmye8KRD1Ds9OkG7ROtUh_d7xA@HIDDEN>
Content-Type: text/plain; charset=UTF-8; format=flowed
Content-Transfer-Encoding: 8bit
X-Spam-Score: 0.0 (/)
X-BeenThere: debbugs-submit <at> debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>,
<mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>,
<mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org>
X-Spam-Score: -1.0 (-)
tag 79781 notabug
close 79781
stop
Details below...
On 07/11/2025 11:10, Ray steven wrote:
> Hello Coreutils maintainers,
>
> I found a potential issue in the `copy_internal` function in `src/copy.c`.
>
> Issue Summary
> -------------
> In lines 1641–1642, the variables `src_mode` and `dst_mode` are defined.
> If `#ifdef lint` is not defined, these two variables are uninitialized.
>
> In the `else` branch at line 1693, they are also not explicitly
> initialized,
> but `src_mode` is used later at lines 1707 and 1745, among other places.
>
> It needs to be confirmed whether this constitutes using the variables
> before they are initialized, which could lead to undefined behavior.
>
> Suggested Action
> ----------------
> - Review the relevant code paths to ensure `src_mode` and `dst_mode`
> are properly initialized before use.
> - Consider initializing them at declaration to avoid undefined behavior:
>
> mode_t src_mode = 0;
> mode_t dst_mode = 0;
Static analysis tools should define lint with coreutils.
If we've already tagged something with IF_LINT, then
we've already analyzed it's use as OK.
It's better to not initialize variables to non valid values,
as then you lose the benefit of runtime UMR analysis.
thanks,
Padraig.
Received: (at control) by debbugs.gnu.org; 7 Nov 2025 16:01:09 +0000 From debbugs-submit-bounces <at> debbugs.gnu.org Fri Nov 07 11:01:09 2025 Received: from localhost ([127.0.0.1]:46581 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>) id 1vHOtg-0008Dy-Tw for submit <at> debbugs.gnu.org; Fri, 07 Nov 2025 11:01:09 -0500 Received: from mail-wr1-x42b.google.com ([2a00:1450:4864:20::42b]:47358) by debbugs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.84_2) (envelope-from <pixelbeat@HIDDEN>) id 1vHOtb-0007sF-Bh for control <at> debbugs.gnu.org; Fri, 07 Nov 2025 11:01:07 -0500 Received: by mail-wr1-x42b.google.com with SMTP id ffacd0b85a97d-3ed20bdfdffso867443f8f.2 for <control <at> debbugs.gnu.org>; Fri, 07 Nov 2025 08:01:03 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1762531257; x=1763136057; darn=debbugs.gnu.org; h=content-transfer-encoding:in-reply-to:from:content-language :references:to:subject:user-agent:mime-version:date:message-id :sender:from:to:cc:subject:date:message-id:reply-to; bh=tlDjkorFxw3lb4LlwbWHvJVr5eURoZWACollAxjF+I4=; b=DxrkHH/6dp9avyD0Ex99/sBRIrBuOf2Ifk0pxzKIjqJSzR/ddJVhmSOzX34hyIgHsh 15IeJapymq0x26X5a7+QRM7VHdzJmIhUL1VqsC3Lhfp4UVpCMVAf/m6vOXT7Z/urbdvG o4zQfBOjcTWCuS28qBjyjVDw1pM3LCS141cfTGcjdpwTftlik9nQpn3NW2/P8YKNl+wT kDLyUCqFldHGQ6YEW6ESz/J995YZXPM31mZlizfrobPBDVdAJwo1qF3NOjyvKYjnrLVq XlC/yig5l0E69s/yy5HDNJaV/DW7fL0zWBNo6Q5cAseaUZHNandhq+l5DrJnTcKvBiNr yrjA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1762531257; x=1763136057; h=content-transfer-encoding:in-reply-to:from:content-language :references:to:subject:user-agent:mime-version:date:message-id :sender:x-gm-gg:x-gm-message-state:from:to:cc:subject:date :message-id:reply-to; bh=tlDjkorFxw3lb4LlwbWHvJVr5eURoZWACollAxjF+I4=; b=E6hQy54XRLoM64ZJtaWMPBX0/5AcHJuNOJv1gV7jP6M291tl6M2XYPTEGcfRJ4Wx09 erRTWkVN8XGCKdJ6G/Yaqw4Sg2H/kFAXtUwes8ZGCVZxKYR15PK8nRk1lg1jwBmLraWY j6Sjw/mnDZmK6u4QRpnbLAa8vW/qIW2x5DJJoM3qXM57c7Y/fI6MgR2hqj/+BVXRz/Gg mVbI1WxbSlTtYBPOAcwIGKFRal+ahF5oPjzK3gqYxF8BMyM8dwArLk2TZ16wqyA1h+GL 8vOkxeyIvIFJZ/X6HYn/s2wkIoakvPNt3pOIA5bYPb1wxlKhmWCf9bvjWLNBgLy00b0O +RDA== X-Forwarded-Encrypted: i=1; AJvYcCXrey24GrcPQGegUVrGGXc5y/fyl9u2WbdKDhVJvMFJ6eMi41rYiuWAHFi3lWMyhXGrENaFggWX <at> debbugs.gnu.org X-Gm-Message-State: AOJu0YyFeMtIW1vLwTYvf83v2Z+Po59CWia3GnfkQZ3+PFJ9FZrijcDA +So1KH9X1iSb9qN1JW8u5m97q2VkMFnWHiCLz5cEFGUigwqJ0n/qW4sf X-Gm-Gg: ASbGncvvkgofZT87oYKM4rB7oZEgiBAFeEkMmAMvqw4aodUVLOqaOW7lgTFwMgdougU B9xYyCCsC58oyg4BJ2LYwbxdNcHFkf+qPejJzbwbJT83rlcCgk8e+6sD8nIs2N6H0BNoLLtlE16 xFqGsxWIAwXsT89wGGJR4NmOTuKQ7bBn+iUEFhv/zph229/DXQIEGsTfrBxGi5hj7XdYLwBW8f9 HuUcoDTQ1dVmftQcGbi3FmE8oXzguBKexTFndn6s4m1beSMgeCUK0T06nJaesBuutU4QAcxx0Ci Se6jXTGxP514oa6e1PYDuEIEmX1zgWNONxsWngm4pvp7dvyVedVUm4haunTmHQZMWFvl2OQD05l rR5yH85Fur9gaFP4ZEkRXEJU8TPHNvD8cuwG07ckY0eDBb7lqKfB78Yi98eiyDTp+d1HqoKFw8s Q= X-Google-Smtp-Source: AGHT+IEq8jKDl7DCGB9I67oNb0urf6Ry7/q5TqVu9HspufM3+t+E3KFhGFPvtKTHwlC5DIFJulsgiQ== X-Received: by 2002:a5d:5f94:0:b0:428:1475:6a26 with SMTP id ffacd0b85a97d-42ae5af41cemr3852875f8f.56.1762531256267; Fri, 07 Nov 2025 08:00:56 -0800 (PST) Received: from [192.168.1.31] ([86.44.211.146]) by smtp.googlemail.com with ESMTPSA id ffacd0b85a97d-42abe63e126sm6056964f8f.16.2025.11.07.08.00.55 (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Fri, 07 Nov 2025 08:00:55 -0800 (PST) Message-ID: <50624e84-5e38-4f8b-b7e4-9f10b41b5b81@HIDDEN> Date: Fri, 7 Nov 2025 16:00:48 +0000 MIME-Version: 1.0 User-Agent: Mozilla Thunderbird Beta Subject: Re: bug#79781: [BUG / Question] Potential use of uninitialized variables in copy_internal() in src/copy.c To: Ray steven <checkscope.hyzc@HIDDEN>, 79781 <at> debbugs.gnu.org References: <CAC2RF+NyKL5QCzNS_4gJEfdmwmye8KRD1Ds9OkG7ROtUh_d7xA@HIDDEN> Content-Language: en-US From: =?UTF-8?Q?P=C3=A1draig_Brady?= <P@HIDDEN> In-Reply-To: <CAC2RF+NyKL5QCzNS_4gJEfdmwmye8KRD1Ds9OkG7ROtUh_d7xA@HIDDEN> Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 8bit X-Spam-Score: 0.0 (/) X-Debbugs-Envelope-To: control X-BeenThere: debbugs-submit <at> debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: <debbugs-submit.debbugs.gnu.org> List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe> List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/> List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org> List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help> List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe> Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org> X-Spam-Score: -1.0 (-) tag 79781 notabug close 79781 stop Details below... On 07/11/2025 11:10, Ray steven wrote: > Hello Coreutils maintainers, > > I found a potential issue in the `copy_internal` function in `src/copy.c`. > > Issue Summary > ------------- > In lines 1641–1642, the variables `src_mode` and `dst_mode` are defined. > If `#ifdef lint` is not defined, these two variables are uninitialized. > > In the `else` branch at line 1693, they are also not explicitly > initialized, > but `src_mode` is used later at lines 1707 and 1745, among other places. > > It needs to be confirmed whether this constitutes using the variables > before they are initialized, which could lead to undefined behavior. > > Suggested Action > ---------------- > - Review the relevant code paths to ensure `src_mode` and `dst_mode` > are properly initialized before use. > - Consider initializing them at declaration to avoid undefined behavior: > > mode_t src_mode = 0; > mode_t dst_mode = 0; Static analysis tools should define lint with coreutils. If we've already tagged something with IF_LINT, then we've already analyzed it's use as OK. It's better to not initialize variables to non valid values, as then you lose the benefit of runtime UMR analysis. thanks, Padraig.
Received: (at control) by debbugs.gnu.org; 7 Nov 2025 16:01:09 +0000 From debbugs-submit-bounces <at> debbugs.gnu.org Fri Nov 07 11:01:09 2025 Received: from localhost ([127.0.0.1]:46581 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>) id 1vHOtg-0008Dy-Tw for submit <at> debbugs.gnu.org; Fri, 07 Nov 2025 11:01:09 -0500 Received: from mail-wr1-x42b.google.com ([2a00:1450:4864:20::42b]:47358) by debbugs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.84_2) (envelope-from <pixelbeat@HIDDEN>) id 1vHOtb-0007sF-Bh for control <at> debbugs.gnu.org; Fri, 07 Nov 2025 11:01:07 -0500 Received: by mail-wr1-x42b.google.com with SMTP id ffacd0b85a97d-3ed20bdfdffso867443f8f.2 for <control <at> debbugs.gnu.org>; Fri, 07 Nov 2025 08:01:03 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1762531257; x=1763136057; darn=debbugs.gnu.org; h=content-transfer-encoding:in-reply-to:from:content-language :references:to:subject:user-agent:mime-version:date:message-id :sender:from:to:cc:subject:date:message-id:reply-to; bh=tlDjkorFxw3lb4LlwbWHvJVr5eURoZWACollAxjF+I4=; b=DxrkHH/6dp9avyD0Ex99/sBRIrBuOf2Ifk0pxzKIjqJSzR/ddJVhmSOzX34hyIgHsh 15IeJapymq0x26X5a7+QRM7VHdzJmIhUL1VqsC3Lhfp4UVpCMVAf/m6vOXT7Z/urbdvG o4zQfBOjcTWCuS28qBjyjVDw1pM3LCS141cfTGcjdpwTftlik9nQpn3NW2/P8YKNl+wT kDLyUCqFldHGQ6YEW6ESz/J995YZXPM31mZlizfrobPBDVdAJwo1qF3NOjyvKYjnrLVq XlC/yig5l0E69s/yy5HDNJaV/DW7fL0zWBNo6Q5cAseaUZHNandhq+l5DrJnTcKvBiNr yrjA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1762531257; x=1763136057; h=content-transfer-encoding:in-reply-to:from:content-language :references:to:subject:user-agent:mime-version:date:message-id :sender:x-gm-gg:x-gm-message-state:from:to:cc:subject:date :message-id:reply-to; bh=tlDjkorFxw3lb4LlwbWHvJVr5eURoZWACollAxjF+I4=; b=E6hQy54XRLoM64ZJtaWMPBX0/5AcHJuNOJv1gV7jP6M291tl6M2XYPTEGcfRJ4Wx09 erRTWkVN8XGCKdJ6G/Yaqw4Sg2H/kFAXtUwes8ZGCVZxKYR15PK8nRk1lg1jwBmLraWY j6Sjw/mnDZmK6u4QRpnbLAa8vW/qIW2x5DJJoM3qXM57c7Y/fI6MgR2hqj/+BVXRz/Gg mVbI1WxbSlTtYBPOAcwIGKFRal+ahF5oPjzK3gqYxF8BMyM8dwArLk2TZ16wqyA1h+GL 8vOkxeyIvIFJZ/X6HYn/s2wkIoakvPNt3pOIA5bYPb1wxlKhmWCf9bvjWLNBgLy00b0O +RDA== X-Forwarded-Encrypted: i=1; AJvYcCXrey24GrcPQGegUVrGGXc5y/fyl9u2WbdKDhVJvMFJ6eMi41rYiuWAHFi3lWMyhXGrENaFggWX <at> debbugs.gnu.org X-Gm-Message-State: AOJu0YyFeMtIW1vLwTYvf83v2Z+Po59CWia3GnfkQZ3+PFJ9FZrijcDA +So1KH9X1iSb9qN1JW8u5m97q2VkMFnWHiCLz5cEFGUigwqJ0n/qW4sf X-Gm-Gg: ASbGncvvkgofZT87oYKM4rB7oZEgiBAFeEkMmAMvqw4aodUVLOqaOW7lgTFwMgdougU B9xYyCCsC58oyg4BJ2LYwbxdNcHFkf+qPejJzbwbJT83rlcCgk8e+6sD8nIs2N6H0BNoLLtlE16 xFqGsxWIAwXsT89wGGJR4NmOTuKQ7bBn+iUEFhv/zph229/DXQIEGsTfrBxGi5hj7XdYLwBW8f9 HuUcoDTQ1dVmftQcGbi3FmE8oXzguBKexTFndn6s4m1beSMgeCUK0T06nJaesBuutU4QAcxx0Ci Se6jXTGxP514oa6e1PYDuEIEmX1zgWNONxsWngm4pvp7dvyVedVUm4haunTmHQZMWFvl2OQD05l rR5yH85Fur9gaFP4ZEkRXEJU8TPHNvD8cuwG07ckY0eDBb7lqKfB78Yi98eiyDTp+d1HqoKFw8s Q= X-Google-Smtp-Source: AGHT+IEq8jKDl7DCGB9I67oNb0urf6Ry7/q5TqVu9HspufM3+t+E3KFhGFPvtKTHwlC5DIFJulsgiQ== X-Received: by 2002:a5d:5f94:0:b0:428:1475:6a26 with SMTP id ffacd0b85a97d-42ae5af41cemr3852875f8f.56.1762531256267; Fri, 07 Nov 2025 08:00:56 -0800 (PST) Received: from [192.168.1.31] ([86.44.211.146]) by smtp.googlemail.com with ESMTPSA id ffacd0b85a97d-42abe63e126sm6056964f8f.16.2025.11.07.08.00.55 (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Fri, 07 Nov 2025 08:00:55 -0800 (PST) Message-ID: <50624e84-5e38-4f8b-b7e4-9f10b41b5b81@HIDDEN> Date: Fri, 7 Nov 2025 16:00:48 +0000 MIME-Version: 1.0 User-Agent: Mozilla Thunderbird Beta Subject: Re: bug#79781: [BUG / Question] Potential use of uninitialized variables in copy_internal() in src/copy.c To: Ray steven <checkscope.hyzc@HIDDEN>, 79781 <at> debbugs.gnu.org References: <CAC2RF+NyKL5QCzNS_4gJEfdmwmye8KRD1Ds9OkG7ROtUh_d7xA@HIDDEN> Content-Language: en-US From: =?UTF-8?Q?P=C3=A1draig_Brady?= <P@HIDDEN> In-Reply-To: <CAC2RF+NyKL5QCzNS_4gJEfdmwmye8KRD1Ds9OkG7ROtUh_d7xA@HIDDEN> Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 8bit X-Spam-Score: 0.0 (/) X-Debbugs-Envelope-To: control X-BeenThere: debbugs-submit <at> debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: <debbugs-submit.debbugs.gnu.org> List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe> List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/> List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org> List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help> List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe> Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org> X-Spam-Score: -1.0 (-) tag 79781 notabug close 79781 stop Details below... On 07/11/2025 11:10, Ray steven wrote: > Hello Coreutils maintainers, > > I found a potential issue in the `copy_internal` function in `src/copy.c`. > > Issue Summary > ------------- > In lines 1641–1642, the variables `src_mode` and `dst_mode` are defined. > If `#ifdef lint` is not defined, these two variables are uninitialized. > > In the `else` branch at line 1693, they are also not explicitly > initialized, > but `src_mode` is used later at lines 1707 and 1745, among other places. > > It needs to be confirmed whether this constitutes using the variables > before they are initialized, which could lead to undefined behavior. > > Suggested Action > ---------------- > - Review the relevant code paths to ensure `src_mode` and `dst_mode` > are properly initialized before use. > - Consider initializing them at declaration to avoid undefined behavior: > > mode_t src_mode = 0; > mode_t dst_mode = 0; Static analysis tools should define lint with coreutils. If we've already tagged something with IF_LINT, then we've already analyzed it's use as OK. It's better to not initialize variables to non valid values, as then you lose the benefit of runtime UMR analysis. thanks, Padraig.
GNU bug tracking system
Copyright (C) 1999 Darren O. Benham,
1997 nCipher Corporation Ltd,
1994-97 Ian Jackson.