search

tpm2-software / tpm2-totp

Attest the trustworthiness of a device against a human using time-based one-time passwords
https://tpm2-software.github.io
BSD 3-Clause "New" or "Revised" License
163 stars 36 forks source link

Compilation error due to variable used uninitialized #32

Closed casantos closed 5 years ago

casantos commented 5 years ago

Some inline declarations of strtok_r (specifically in Sourcery CodeBench Lite 2016.11-19) contain code where an '__s' local variable can be used uninitialized.

When GCC expands that declaration in 'parse_pcrs', __s becomes an alias to the local variable 'saveptr', which in fact is not initialized, but this is not relevant, since the 'str' argument is knowingly not NULL when passed to strtok_r because it comes from 'optarg' in parse_opts.

Anyway, applying the attached patch to initialize saveptr to NULL prevents the compilation error.

fix-compilation-failure.txt

Fixes: http://autobuild.buildroot.net/results/5693a35e4d6bc76a1f46fe0e217abc49f7188aad/

diabonas commented 5 years ago

Compilers are weird... Thank you for the patch, LGTM!

AndreasFuchsTPM commented 5 years ago

@casantos I just released v0.1.2-rc1 including your fix: https://github.com/tpm2-software/tpm2-totp/releases/tag/v0.1.2-rc1 If that works for you, I can release the final v0.1.2 tomorrow and you can update your build recipe.

casantos commented 5 years ago

@casantos I just released v0.1.2-rc1 including your fix: https://github.com/tpm2-software/tpm2-totp/releases/tag/v0.1.2-rc1 If that works for you, I can release the final v0.1.2 tomorrow and you can update your build recipe.

I tested it on Buildroot ad it works. Thanks!