stcorp / coda

The Common Data Access toolset
http://stcorp.github.io/coda/doc/html/index.html
BSD 3-Clause "New" or "Revised" License
39 stars 17 forks source link

Initializing variable which may be used in an uninitialized fashion (closes #80) #81

Closed ruimaranhao closed 4 years ago

ruimaranhao commented 4 years ago

Initializing variable which may be used in an uninitialized fashion as reported by the test case included in issue #80.

Using uninitialized memory can be a security issue, such as potentially leaking previous stack contents. By zero-initializing, we avoid such potential leaks.

Running with the specific input case after this PR is applied no longer results in any error findings (credits: the input case was found using google/clusterfuzz).

Note that this PR only avoids the uninitialized memory use identified in that bug, and is unaware of the functionality or semantics of the rest of the code. The file owners are welcome to suggest alternate fixes on this PR or address other behavioral concerns in a separate PR.

(For the record: I am currently a Visiting Researcher at Google NYC and this fix is the result of an internal project).

svniemeijer commented 4 years ago

This is not the right fix. If there is a problem with reading uninitialised data then this would be a problem in za_read_entry which should initialise all filesize amount of allocated bytes (and return an error if this wasn't possible). Using calloc is solving the symptom, not the core problem.

svniemeijer commented 4 years ago

Appropriate fix was implemented in 22eb9197ab973055ce856f40b02157eb5833a958