Pádraig Brady <P@HIDDEN>
to control <at> debbugs.gnu.org.
Full text available.Pádraig Brady <P@HIDDEN>
to control <at> debbugs.gnu.org.
Full text available.Received: (at 79781) by debbugs.gnu.org; 7 Nov 2025 16:01:09 +0000 From debbugs-submit-bounces <at> debbugs.gnu.org Fri Nov 07 11:01:09 2025 Received: from localhost ([127.0.0.1]:46583 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>) id 1vHOth-0008Es-D2 for submit <at> debbugs.gnu.org; Fri, 07 Nov 2025 11:01:09 -0500 Received: from mail-wr1-x430.google.com ([2a00:1450:4864:20::430]:46319) by debbugs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.84_2) (envelope-from <pixelbeat@HIDDEN>) id 1vHOtb-0007sH-Bf for 79781 <at> debbugs.gnu.org; Fri, 07 Nov 2025 11:01:08 -0500 Received: by mail-wr1-x430.google.com with SMTP id ffacd0b85a97d-3ee64bc6b90so647677f8f.0 for <79781 <at> debbugs.gnu.org>; Fri, 07 Nov 2025 08:01:03 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1762531257; x=1763136057; darn=debbugs.gnu.org; h=content-transfer-encoding:in-reply-to:from:content-language :references:to:subject:user-agent:mime-version:date:message-id :sender:from:to:cc:subject:date:message-id:reply-to; bh=tlDjkorFxw3lb4LlwbWHvJVr5eURoZWACollAxjF+I4=; b=DxrkHH/6dp9avyD0Ex99/sBRIrBuOf2Ifk0pxzKIjqJSzR/ddJVhmSOzX34hyIgHsh 15IeJapymq0x26X5a7+QRM7VHdzJmIhUL1VqsC3Lhfp4UVpCMVAf/m6vOXT7Z/urbdvG o4zQfBOjcTWCuS28qBjyjVDw1pM3LCS141cfTGcjdpwTftlik9nQpn3NW2/P8YKNl+wT kDLyUCqFldHGQ6YEW6ESz/J995YZXPM31mZlizfrobPBDVdAJwo1qF3NOjyvKYjnrLVq XlC/yig5l0E69s/yy5HDNJaV/DW7fL0zWBNo6Q5cAseaUZHNandhq+l5DrJnTcKvBiNr yrjA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1762531257; x=1763136057; h=content-transfer-encoding:in-reply-to:from:content-language :references:to:subject:user-agent:mime-version:date:message-id :sender:x-gm-gg:x-gm-message-state:from:to:cc:subject:date :message-id:reply-to; bh=tlDjkorFxw3lb4LlwbWHvJVr5eURoZWACollAxjF+I4=; b=kpyWYI74cH7NIktWR+OKAY0izVARCnel1ZjRdXTL1swYIp+ux8KLCKvCmGDlPxQdrd 57HlyR9uINGbZJgg205LnlhpD5fjnlCgdTeTHYB7ip1ZI6C+WvxSGFk/fTfgeIExrW8d AX/kHa7C7M9/0R26bUnftz8D4xsJ74dia7NfDOHErWlC7mNuqQDpgZI3fPwe2QVLBxSS 1VwlTq914iwTN+OsepkxW2As7zED7CPMU+JK8J9alt2hY3FBiBsRZSF2LfJ4NEHC1MfR SLVDNKwVQOE4N3KIGgmhwopSEe/ZJK+PaLMMFyri/T9O9bAvuZuxyD1TsKKQrzrH5IKi kIRA== X-Forwarded-Encrypted: i=1; AJvYcCU3FznkY8zkDpXtN4alg+pd+tOdrt1z7KROCwOSLqZSFLJvmnhAoX1vQirePUv+aqWUuloeTw==@debbugs.gnu.org X-Gm-Message-State: AOJu0YwAyYZxh67H2dZxj7+SKVMwz8ZHMKrRFbW5nxIQWM2ddoOlxaf5 Mbv7cNePxXateQRjCaFybSPT7iFvO9Tw28PJymhnUKUNiCLj9D8V+cQccOkcPQ== X-Gm-Gg: ASbGncvBefmOUybmW6MA4xxZnrXNisBnUC64L5LmNBUMCUmewIyNQ98oFgUVKGoLoh5 Z1mzQ7FfjPNUOw4O1Q2FCX2vc2wzp4dTnFfPcBzEMvEYif7eZsTnqXT+2Hvfp8okWiCwwYU68WN RnK2MrjYxnx75TR71hYtTBrRtQkJpqtv3iEZlvo+H5ccOWAS1HOuk/GKW3pxZBJ8I+qkJbd8643 vDN5MQViwUln0TqR5P6DBVKZi/1I7EGDrceSQm/5KfkZgbTSiKrEkYB8yIhovHaV1tweQSLEhdP ylYzdDwFD6x8xzme7Kt67EOEWaj1s3IAbV28IrJeXOcsZgTBOwCdk1ExHtJpm0DglS8AJs+lU4g G4XNztp3bU3i3UCYQiVFMdEj2sTA4io1ZOQbkO9JTjFgjjDERiBxeEOI4cpgNc9FB6cGyewnhkj s= X-Google-Smtp-Source: AGHT+IEq8jKDl7DCGB9I67oNb0urf6Ry7/q5TqVu9HspufM3+t+E3KFhGFPvtKTHwlC5DIFJulsgiQ== X-Received: by 2002:a5d:5f94:0:b0:428:1475:6a26 with SMTP id ffacd0b85a97d-42ae5af41cemr3852875f8f.56.1762531256267; Fri, 07 Nov 2025 08:00:56 -0800 (PST) Received: from [192.168.1.31] ([86.44.211.146]) by smtp.googlemail.com with ESMTPSA id ffacd0b85a97d-42abe63e126sm6056964f8f.16.2025.11.07.08.00.55 (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Fri, 07 Nov 2025 08:00:55 -0800 (PST) Message-ID: <50624e84-5e38-4f8b-b7e4-9f10b41b5b81@HIDDEN> Date: Fri, 7 Nov 2025 16:00:48 +0000 MIME-Version: 1.0 User-Agent: Mozilla Thunderbird Beta Subject: Re: bug#79781: [BUG / Question] Potential use of uninitialized variables in copy_internal() in src/copy.c To: Ray steven <checkscope.hyzc@HIDDEN>, 79781 <at> debbugs.gnu.org References: <CAC2RF+NyKL5QCzNS_4gJEfdmwmye8KRD1Ds9OkG7ROtUh_d7xA@HIDDEN> Content-Language: en-US From: =?UTF-8?Q?P=C3=A1draig_Brady?= <P@HIDDEN> In-Reply-To: <CAC2RF+NyKL5QCzNS_4gJEfdmwmye8KRD1Ds9OkG7ROtUh_d7xA@HIDDEN> Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 8bit X-Spam-Score: 0.0 (/) X-Debbugs-Envelope-To: 79781 X-BeenThere: debbugs-submit <at> debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: <debbugs-submit.debbugs.gnu.org> List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe> List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/> List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org> List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help> List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe> Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org> X-Spam-Score: -1.0 (-) tag 79781 notabug close 79781 stop Details below... On 07/11/2025 11:10, Ray steven wrote: > Hello Coreutils maintainers, > > I found a potential issue in the `copy_internal` function in `src/copy.c`. > > Issue Summary > ------------- > In lines 1641–1642, the variables `src_mode` and `dst_mode` are defined. > If `#ifdef lint` is not defined, these two variables are uninitialized. > > In the `else` branch at line 1693, they are also not explicitly > initialized, > but `src_mode` is used later at lines 1707 and 1745, among other places. > > It needs to be confirmed whether this constitutes using the variables > before they are initialized, which could lead to undefined behavior. > > Suggested Action > ---------------- > - Review the relevant code paths to ensure `src_mode` and `dst_mode` > are properly initialized before use. > - Consider initializing them at declaration to avoid undefined behavior: > > mode_t src_mode = 0; > mode_t dst_mode = 0; Static analysis tools should define lint with coreutils. If we've already tagged something with IF_LINT, then we've already analyzed it's use as OK. It's better to not initialize variables to non valid values, as then you lose the benefit of runtime UMR analysis. thanks, Padraig.
bug-coreutils@HIDDEN:bug#79781; Package coreutils.
Full text available.
Received: (at submit) by debbugs.gnu.org; 7 Nov 2025 12:35:33 +0000
From debbugs-submit-bounces <at> debbugs.gnu.org Fri Nov 07 07:35:33 2025
Received: from localhost ([127.0.0.1]:45658 helo=debbugs.gnu.org)
by debbugs.gnu.org with esmtp (Exim 4.84_2)
(envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>)
id 1vHLgi-0005bJ-GQ
for submit <at> debbugs.gnu.org; Fri, 07 Nov 2025 07:35:33 -0500
Received: from lists.gnu.org ([2001:470:142::17]:57058)
by debbugs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
(Exim 4.84_2) (envelope-from <checkscope.hyzc@HIDDEN>)
id 1vHKMx-0007nw-Rj
for submit <at> debbugs.gnu.org; Fri, 07 Nov 2025 06:11:08 -0500
Received: from eggs.gnu.org ([2001:470:142:3::10])
by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
(Exim 4.90_1) (envelope-from <checkscope.hyzc@HIDDEN>)
id 1vHKMs-0003vc-Bb
for bug-coreutils@HIDDEN; Fri, 07 Nov 2025 06:10:58 -0500
Received: from mail-oi1-x232.google.com ([2607:f8b0:4864:20::232])
by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128)
(Exim 4.90_1) (envelope-from <checkscope.hyzc@HIDDEN>)
id 1vHKMq-0001Br-PA
for bug-coreutils@HIDDEN; Fri, 07 Nov 2025 06:10:58 -0500
Received: by mail-oi1-x232.google.com with SMTP id
5614622812f47-450063be247so266029b6e.2
for <bug-coreutils@HIDDEN>; Fri, 07 Nov 2025 03:10:56 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=gmail.com; s=20230601; t=1762513855; x=1763118655; darn=gnu.org;
h=to:subject:message-id:date:from:mime-version:from:to:cc:subject
:date:message-id:reply-to;
bh=GHXEVOkTQrNXNfdMZvpnVHCsbRPCYzyIDRh8BeGZQgM=;
b=GkPIosRb1EdjWCyelvhgMmG+kXb7tUSbEq9+6Tw1P60e5G7wcovC/r2cNpkZAMOepU
nZzYCyPAi6xA/AoHvUGX7pXNcHuMCUYe/HGDoxCXdm4PMwGxoix92CkQIzZpUdQxlq73
zMFLWZ0OHofkE40PBHcVOIvMcrvL+xpuI2dyLO+pgYuKLzwTF8ree5c6fO3csDd9NAhy
bo5kwRTK4IveJRB+JkB0xTKGcG68ZcPZszom5iFEgsnanhy5qF3wloEB6Ag+HHKvipDV
jRS6gdmY9US/ypKY06l33T5mNnWqTIN6IT8Pxx1lsFwcZuA05jqEmW4roev1V6/4+XUR
X2xg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=1e100.net; s=20230601; t=1762513855; x=1763118655;
h=to:subject:message-id:date:from:mime-version:x-gm-gg
:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to;
bh=GHXEVOkTQrNXNfdMZvpnVHCsbRPCYzyIDRh8BeGZQgM=;
b=jidxnpOJC3scXxZprHrsCAdosxE8tHx1xChPWSKZdrDUIWcslQpLDMsGEcqci9HLiU
TSa8XRSdNamFPr1IO2xMsUt3cIfMcW0X2tgr6o2PVPJ+i6kmDacPXSaIY9QKAQULAT63
Z6Q8kXbeu/49y1DTOy2v7Fl9tu9uBcEHTvKdpAxg1DIe7OVeVVeF/PhzSDQla3ZU2rk8
UtCV4a4Li1COKVTX8SbNY58DFBkgp5JNqSUUGF9UhvBGLWeef9MHoSWFGIh3gGYEd1IQ
SL+VArpEj16GSMMmMw98IBBLgdEnKBipRvI14DVA01hFYAl2xyurykoC/k0asA7O+l8F
YQDQ==
X-Gm-Message-State: AOJu0Yw5+jsjd6c9U/ZvTniLxRbsaKMm+SdZgKOFJ+eLASlKJDE7yc85
1vPHGxpQyqU171qPm6mHi2M52y3cHGpQU+bWdbCtQA610Zf00BfqXIf1E72XJr/Zo1f0MRsqDz8
cV0Qjnvxp2YZzjcKnuhkDJFTFZWL1Or6A7Pwt
X-Gm-Gg: ASbGncvU48DZHgk9FNg1rYR8Hk+ThtaW+6dY/WgnVaHGH3mBz6AF6vi0K6jJ7vM/xpQ
kNhYKf9Pb5Sk69L33UAFjpyrRhCTptqwPduhwxen/HaRVFppcpjcuhaKAniGDAz5e4lWvHLiemd
L0/bfawTM4mBMaOjTIMiN/R0JzOG6n9IoZKeDoFxHWrUuWlBlZaibDf1SpO65VQbAW5pz/qK5f9
/pTiyMCDhSSDeL4MCPiyqkS6PaF1EDQuUsF2qWcPmxFZnyUQnNEoxcrPbr2Zw==
X-Google-Smtp-Source: AGHT+IHngTgQqM2HGaGdooqKFB4ZR7dN8z0GQiyVU6P9Gs//4cZ+OtxvKCUq6hSz88/9is9Z0sMGdUtYxj45eQLtLVg=
X-Received: by 2002:a05:6808:4f2c:b0:44f:8f4b:9146 with SMTP id
5614622812f47-45015da0428mr1273811b6e.22.1762513855149; Fri, 07 Nov 2025
03:10:55 -0800 (PST)
MIME-Version: 1.0
From: Ray steven <checkscope.hyzc@HIDDEN>
Date: Fri, 7 Nov 2025 19:10:46 +0800
X-Gm-Features: AWmQ_blvZZuV6nk3y6efU5PPNzRGfsaVFS0JLF6z_Rfbohu26imO0snFG2gyenI
Message-ID: <CAC2RF+NyKL5QCzNS_4gJEfdmwmye8KRD1Ds9OkG7ROtUh_d7xA@HIDDEN>
Subject: [BUG / Question] Potential use of uninitialized variables in
copy_internal() in src/copy.c
To: bug-coreutils@HIDDEN
Content-Type: multipart/alternative; boundary="0000000000003f7b7e0642ff3ca8"
Received-SPF: pass client-ip=2607:f8b0:4864:20::232;
envelope-from=checkscope.hyzc@HIDDEN; helo=mail-oi1-x232.google.com
X-Spam_score_int: -20
X-Spam_score: -2.1
X-Spam_bar: --
X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1,
DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001,
HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001,
SPF_PASS=-0.001 autolearn=ham autolearn_force=no
X-Spam_action: no action
X-Spam-Score: 1.0 (+)
X-Debbugs-Envelope-To: submit
X-Mailman-Approved-At: Fri, 07 Nov 2025 07:35:31 -0500
X-BeenThere: debbugs-submit <at> debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>,
<mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>,
<mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org>
X-Spam-Score: -0.0 (/)
--0000000000003f7b7e0642ff3ca8
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
Hello Coreutils maintainers,
I found a potential issue in the `copy_internal` function in `src/copy.c`.
Issue Summary
-------------
In lines 1641=E2=80=931642, the variables `src_mode` and `dst_mode` are def=
ined.
If `#ifdef lint` is not defined, these two variables are uninitialized.
In the `else` branch at line 1693, they are also not explicitly
initialized,
but `src_mode` is used later at lines 1707 and 1745, among other places.
It needs to be confirmed whether this constitutes using the variables
before they are initialized, which could lead to undefined behavior.
Suggested Action
----------------
- Review the relevant code paths to ensure `src_mode` and `dst_mode`
are properly initialized before use.
- Consider initializing them at declaration to avoid undefined behavior:
mode_t src_mode =3D 0;
mode_t dst_mode =3D 0;
Thanks for your time and for maintaining Coreutils.
Best regards,
CheckScope
--0000000000003f7b7e0642ff3ca8
Content-Type: text/html; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
<div dir=3D"ltr">Hello Coreutils maintainers,<br><br>I found a potential is=
sue in the `copy_internal` function in `src/copy.c`.<br><br>Issue Summary<b=
r>-------------<br>In lines 1641=E2=80=931642, the variables `src_mode` and=
`dst_mode` are defined. =C2=A0<br>If `#ifdef lint` is not defined, these t=
wo variables are uninitialized. =C2=A0<br><br>In the `else` branch at line =
1693, they are also not explicitly initialized, =C2=A0<br>but `src_mode` is=
used later at lines 1707 and 1745, among other places. =C2=A0<br><br>It ne=
eds to be confirmed whether this constitutes using the variables =C2=A0<br>=
before they are initialized, which could lead to undefined behavior.<br><br=
>Suggested Action<br>----------------<br>- Review the relevant code paths t=
o ensure `src_mode` and `dst_mode` =C2=A0<br>=C2=A0 are properly initialize=
d before use. =C2=A0<br>- Consider initializing them at declaration to avoi=
d undefined behavior:<br><br>=C2=A0 =C2=A0 mode_t src_mode =3D 0;<br>=C2=A0=
=C2=A0 mode_t dst_mode =3D 0;<br><br>Thanks for your time and for maintain=
ing Coreutils.<br><br>Best regards,<br>CheckScope</div>
--0000000000003f7b7e0642ff3ca8--
Ray steven <checkscope.hyzc@HIDDEN>:bug-coreutils@HIDDEN.
Full text available.bug-coreutils@HIDDEN:bug#79781; Package coreutils.
Full text available.
GNU bug tracking system
Copyright (C) 1999 Darren O. Benham,
1997 nCipher Corporation Ltd,
1994-97 Ian Jackson.