GNU bug report logs - #8211
uninitialized variable in detect_coding_iso_2022's end-of-composition code

Please note: This is a static page, with minimal formatting, updated once a day.
Click here to see this page with the latest information and nicer formatting.

Package: emacs; Reported by: Paul Eggert <eggert@HIDDEN>; dated Wed, 9 Mar 2011 17:55:01 UTC; Maintainer for emacs is bug-gnu-emacs@HIDDEN.

Message received at 8211 <at> debbugs.gnu.org:


Received: (at 8211) by debbugs.gnu.org; 23 Mar 2011 23:19:35 +0000
From debbugs-submit-bounces <at> debbugs.gnu.org Wed Mar 23 19:19:34 2011
Received: from localhost ([127.0.0.1] helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.69)
	(envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>)
	id 1Q2XKw-000189-9q
	for submit <at> debbugs.gnu.org; Wed, 23 Mar 2011 19:19:34 -0400
Received: from smtp.cs.ucla.edu ([131.179.128.62])
	by debbugs.gnu.org with esmtp (Exim 4.69)
	(envelope-from <eggert@HIDDEN>)
	id 1Q2XKt-00017n-J7; Wed, 23 Mar 2011 19:19:32 -0400
Received: from localhost (localhost.localdomain [127.0.0.1])
	by smtp.cs.ucla.edu (Postfix) with ESMTP id 6E24D39E80E0;
	Wed, 23 Mar 2011 16:19:25 -0700 (PDT)
X-Virus-Scanned: amavisd-new at smtp.cs.ucla.edu
Received: from smtp.cs.ucla.edu ([127.0.0.1])
	by localhost (smtp.cs.ucla.edu [127.0.0.1]) (amavisd-new, port 10024)
	with ESMTP id rtc05Tc4HYDm; Wed, 23 Mar 2011 16:19:25 -0700 (PDT)
Received: from [131.179.64.200] (Penguin.CS.UCLA.EDU [131.179.64.200])
	by smtp.cs.ucla.edu (Postfix) with ESMTPSA id 1D12839E80B1;
	Wed, 23 Mar 2011 16:19:25 -0700 (PDT)
Message-ID: <4D8A7FFC.60405@HIDDEN>
Date: Wed, 23 Mar 2011 16:19:24 -0700
From: Paul Eggert <eggert@HIDDEN>
Organization: UCLA Computer Science Department
User-Agent: Mozilla/5.0 (X11; U; Linux x86_64; en-US;
	rv:1.9.2.15) Gecko/20110307 Fedora/3.1.9-0.39.b3pre.fc14
	Thunderbird/3.1.9
MIME-Version: 1.0
To: 8229 <at> debbugs.gnu.org, 8215 <at> debbugs.gnu.org, 8211 <at> debbugs.gnu.org
Subject: committed the workaround
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
X-Spam-Score: -3.2 (---)
X-Debbugs-Envelope-To: 8211
X-BeenThere: debbugs-submit <at> debbugs.gnu.org
X-Mailman-Version: 2.1.11
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <http://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>,
	<mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe>
List-Archive: <http://debbugs.gnu.org/pipermail/debbugs-submit>
List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help>
List-Subscribe: <http://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>,
	<mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe>
Sender: debbugs-submit-bounces <at> debbugs.gnu.org
Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org
X-Spam-Score: -3.2 (---)

I committed my abovementioned workaround into the
Emacs trunk on 2011-03-11 (bzr 103589).  I don't
consider this a fix, though, so I'm leaving this
bug report open.




Information forwarded to owner <at> debbugs.gnu.org, bug-gnu-emacs@HIDDEN:
bug#8211; Package emacs. Full text available.

Message received at 8211 <at> debbugs.gnu.org:


Received: (at 8211) by debbugs.gnu.org; 9 Mar 2011 22:30:30 +0000
From debbugs-submit-bounces <at> debbugs.gnu.org Wed Mar 09 17:30:30 2011
Received: from localhost ([127.0.0.1] helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.69)
	(envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>)
	id 1PxRtm-0001Yn-EA
	for submit <at> debbugs.gnu.org; Wed, 09 Mar 2011 17:30:30 -0500
Received: from mail-out.m-online.net ([212.18.0.10])
	by debbugs.gnu.org with esmtp (Exim 4.69)
	(envelope-from <whitebox@HIDDEN>) id 1PxRtj-0001Yb-M3
	for 8211 <at> debbugs.gnu.org; Wed, 09 Mar 2011 17:30:28 -0500
Received: from frontend1.mail.m-online.net (frontend1.mail.intern.m-online.net
	[192.168.8.180])
	by mail-out.m-online.net (Postfix) with ESMTP id CE7BA188A196;
	Wed,  9 Mar 2011 23:30:21 +0100 (CET)
Received: from localhost (dynscan1.mnet-online.de [192.168.8.164])
	by mail.m-online.net (Postfix) with ESMTP id 164161C0013E;
	Wed,  9 Mar 2011 23:30:22 +0100 (CET)
X-Virus-Scanned: amavisd-new at mnet-online.de
Received: from mail.mnet-online.de ([192.168.8.180])
	by localhost (dynscan1.mail.m-online.net [192.168.8.164]) (amavisd-new,
	port 10024)
	with ESMTP id AknjDKnufomn; Wed,  9 Mar 2011 23:30:21 +0100 (CET)
Received: from igel.home (ppp-93-104-142-221.dynamic.mnet-online.de
	[93.104.142.221]) by mail.mnet-online.de (Postfix) with ESMTP;
	Wed,  9 Mar 2011 23:30:21 +0100 (CET)
Received: by igel.home (Postfix, from userid 501)
	id 3C034CA2A0; Wed,  9 Mar 2011 23:30:21 +0100 (CET)
From: Andreas Schwab <schwab@HIDDEN>
To: Paul Eggert <eggert@HIDDEN>
Subject: Re: bug#8211: uninitialized variable in detect_coding_iso_2022's
	end-of-composition code
References: <4D77BEA3.6070305@HIDDEN>
X-Yow: Here I am in the POSTERIOR OLFACTORY LOBULE but I don't see CARL SAGAN
	anywhere!!
Date: Wed, 09 Mar 2011 23:30:21 +0100
In-Reply-To: <4D77BEA3.6070305@HIDDEN> (Paul Eggert's message of "Wed, 09
	Mar 2011 09:53:39 -0800")
Message-ID: <m28vwo3p1e.fsf@HIDDEN>
User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/23.2.94 (gnu/linux)
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
X-Spam-Score: -2.6 (--)
X-Debbugs-Envelope-To: 8211
Cc: 8211 <at> debbugs.gnu.org
X-BeenThere: debbugs-submit <at> debbugs.gnu.org
X-Mailman-Version: 2.1.11
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <http://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>,
	<mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe>
List-Archive: <http://debbugs.gnu.org/pipermail/debbugs-submit>
List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help>
List-Subscribe: <http://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>,
	<mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe>
Sender: debbugs-submit-bounces <at> debbugs.gnu.org
Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org
X-Spam-Score: -2.6 (--)

Paul Eggert <eggert@HIDDEN> writes:

> I found this problem by compiling Emacs with GCC's -Wuninitialized flag.
>
> The following code in the Emacs trunk src/coding.c's
> detect_coding_iso_2022 function apparently uses an uninitialized variable:
>
>           ...
>           else if (c == '1')
>             {
>               /* End of composition.  */
>               if (composition_count < 0
>                   || composition_count > MAX_COMPOSITION_COMPONENTS)
>                 /* Invalid */
>                 break;
>               composition_count = -1;
>               found |= CATEGORY_MASK_ISO;
>             }
>           else
>             ...
>
>           /* We found a valid designation sequence for CHARSET.  */
>           rejected |= CATEGORY_MASK_ISO_8BIT;
>           if (SAFE_CHARSET_P (&coding_categories[coding_category_iso_7],
>                               id))
>             found |= CATEGORY_MASK_ISO_7;
>
> The problem is that the "else if (c == '1')" branch does not initialize
> the local variable "id", but the second "if" test uses that variable.

I think it just lacks a break.  ESC '1' is not a designation sequence.

Andreas.

-- 
Andreas Schwab, schwab@HIDDEN
GPG Key fingerprint = 58CA 54C7 6D53 942B 1756  01D3 44D5 214B 8276 4ED5
"And now for something completely different."




Information forwarded to owner <at> debbugs.gnu.org, bug-gnu-emacs@HIDDEN:
bug#8211; Package emacs. Full text available.

Message received at submit <at> debbugs.gnu.org:


Received: (at submit) by debbugs.gnu.org; 9 Mar 2011 17:54:11 +0000
From debbugs-submit-bounces <at> debbugs.gnu.org Wed Mar 09 12:54:11 2011
Received: from localhost ([127.0.0.1] helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.69)
	(envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>)
	id 1PxNaM-0002wn-Gk
	for submit <at> debbugs.gnu.org; Wed, 09 Mar 2011 12:54:10 -0500
Received: from eggs.gnu.org ([140.186.70.92])
	by debbugs.gnu.org with esmtp (Exim 4.69)
	(envelope-from <eggert@HIDDEN>) id 1PxNaJ-0002wb-Rj
	for submit <at> debbugs.gnu.org; Wed, 09 Mar 2011 12:54:08 -0500
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <eggert@HIDDEN>) id 1PxNaD-0007sA-FB
	for submit <at> debbugs.gnu.org; Wed, 09 Mar 2011 12:54:02 -0500
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on eggs.gnu.org
X-Spam-Level: 
X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00,T_RP_MATCHES_RCVD
	autolearn=unavailable version=3.3.1
Received: from lists.gnu.org ([199.232.76.165]:60826)
	by eggs.gnu.org with esmtp (Exim 4.71)
	(envelope-from <eggert@HIDDEN>) id 1PxNaD-0007s6-Cs
	for submit <at> debbugs.gnu.org; Wed, 09 Mar 2011 12:54:01 -0500
Received: from [140.186.70.92] (port=41059 helo=eggs.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.43) id 1PxNa8-0007Lc-HF
	for bug-gnu-emacs@HIDDEN; Wed, 09 Mar 2011 12:54:01 -0500
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <eggert@HIDDEN>) id 1PxNa7-0007qW-9L
	for bug-gnu-emacs@HIDDEN; Wed, 09 Mar 2011 12:53:56 -0500
Received: from smtp.cs.ucla.edu ([131.179.128.62]:40850)
	by eggs.gnu.org with esmtp (Exim 4.71)
	(envelope-from <eggert@HIDDEN>) id 1PxNa7-0007qB-4Q
	for bug-gnu-emacs@HIDDEN; Wed, 09 Mar 2011 12:53:55 -0500
Received: from localhost (localhost.localdomain [127.0.0.1])
	by smtp.cs.ucla.edu (Postfix) with ESMTP id 086A439E8100;
	Wed,  9 Mar 2011 09:53:53 -0800 (PST)
X-Virus-Scanned: amavisd-new at smtp.cs.ucla.edu
Received: from smtp.cs.ucla.edu ([127.0.0.1])
	by localhost (smtp.cs.ucla.edu [127.0.0.1]) (amavisd-new, port 10024)
	with ESMTP id l5fkDLWhDnku; Wed,  9 Mar 2011 09:53:52 -0800 (PST)
Received: from [131.179.64.200] (Penguin.CS.UCLA.EDU [131.179.64.200])
	by smtp.cs.ucla.edu (Postfix) with ESMTPSA id 2FB2739E8083;
	Wed,  9 Mar 2011 09:53:52 -0800 (PST)
Message-ID: <4D77BEA3.6070305@HIDDEN>
Date: Wed, 09 Mar 2011 09:53:39 -0800
From: Paul Eggert <eggert@HIDDEN>
Organization: UCLA Computer Science Department
User-Agent: Mozilla/5.0 (X11; U; Linux x86_64; en-US;
	rv:1.9.2.13) Gecko/20101209 Fedora/3.1.7-0.35.b3pre.fc14
	Thunderbird/3.1.7
MIME-Version: 1.0
To: bug-gnu-emacs@HIDDEN
Subject: uninitialized variable in detect_coding_iso_2022's end-of-composition
	code
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.6 (newer, 3)
X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.6 (newer, 2)
X-Received-From: 199.232.76.165
X-Spam-Score: -5.0 (-----)
X-Debbugs-Envelope-To: submit
Cc: Kenichi Handa <handa@HIDDEN>
X-BeenThere: debbugs-submit <at> debbugs.gnu.org
X-Mailman-Version: 2.1.11
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <http://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>,
	<mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe>
List-Archive: <http://debbugs.gnu.org/pipermail/debbugs-submit>
List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help>
List-Subscribe: <http://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>,
	<mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe>
Sender: debbugs-submit-bounces <at> debbugs.gnu.org
Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org
X-Spam-Score: -5.0 (-----)

I found this problem by compiling Emacs with GCC's -Wuninitialized flag.

The following code in the Emacs trunk src/coding.c's
detect_coding_iso_2022 function apparently uses an uninitialized variable:

           ...
           else if (c == '1')
             {
               /* End of composition.  */
               if (composition_count < 0
                   || composition_count > MAX_COMPOSITION_COMPONENTS)
                 /* Invalid */
                 break;
               composition_count = -1;
               found |= CATEGORY_MASK_ISO;
             }
           else
             ...

           /* We found a valid designation sequence for CHARSET.  */
           rejected |= CATEGORY_MASK_ISO_8BIT;
           if (SAFE_CHARSET_P (&coding_categories[coding_category_iso_7],
                               id))
             found |= CATEGORY_MASK_ISO_7;

The problem is that the "else if (c == '1')" branch does not initialize
the local variable "id", but the second "if" test uses that variable.

I plan to work around the uninitialized-variable problem by initializing
"id" to zero.  This will replace undefined behavior with defined behavior,
so it shouldn't introduce a new bug, but it probably doesn't fix the
bug in question, assuming there is one.  Could an expert in this
area please review this and come up with a real fix?

I'm CC'ing this to Kenichi Handa, who committed the code in question.




Acknowledgement sent to Paul Eggert <eggert@HIDDEN>:
New bug report received and forwarded. Copy sent to bug-gnu-emacs@HIDDEN. Full text available.
Report forwarded to owner <at> debbugs.gnu.org, bug-gnu-emacs@HIDDEN:
bug#8211; Package emacs. Full text available.
Please note: This is a static page, with minimal formatting, updated once a day.
Click here to see this page with the latest information and nicer formatting.
Last modified: Fri, 31 Oct 2014 17:00:04 UTC

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997 nCipher Corporation Ltd, 1994-97 Ian Jackson.