From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from mout01.posteo.de (mout01.posteo.de [185.67.36.65]) by mx.groups.io with SMTP id smtpd.web11.5655.1621083649431627489 for ; Sat, 15 May 2021 06:00:50 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@posteo.net header.s=2017 header.b=hzN/WSrt; spf=pass (domain: posteo.net, ip: 185.67.36.65, mailfrom: sergei@posteo.net) Received: from submission (posteo.de [89.146.220.130]) by mout01.posteo.de (Postfix) with ESMTPS id DA633240028 for ; Sat, 15 May 2021 15:00:46 +0200 (CEST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=posteo.net; s=2017; t=1621083646; bh=4JlS19x/WEvRXXd6SCyxK9yoC3cjS1r4uaW1VvY5AkU=; h=Date:From:To:Cc:Subject:From; b=hzN/WSrtESzqxmELeZnvyTLrnEIyH9dE9FktIujRCAhgyGyQQyUHmJVoGHhWpumNl MLGY/Ug/SA0tmGqlcHsODtUqeJK3AgnKh6l2fqfz1nQYbMX9u31Alt8sB29fwmWj0p uUBiWEefzGg3nRnh1SbOPD7oshw3MvjLWjZtYES1I0TTsuA30hF5r81nP8403+fZRx 1lQ5t0Y+sxiawfyZEQEZqUHSTL12jpp95f6aIZw4E1kUM11wZr4vB6PI04YBcwF0FF vX4ZzX/DKQKLRPsCy+YCda6b3h+RyCQMVAPsXI4pq39IXXiLxUpfeyX/OrqND5GTBJ 51tj8jfTiwlXQ== Received: from customer (localhost [127.0.0.1]) by submission (posteo.de) with ESMTPSA id 4Fj59T5kywz6tmB; Sat, 15 May 2021 15:00:45 +0200 (CEST) Date: Sat, 15 May 2021 13:00:41 +0000 From: "Sergei Dmitrouk" To: devel@edk2.groups.io, jiewen.yao@intel.com Cc: "Wang, Jian J" , "Lu, XiaoyuX" , "Jiang, Guomin" Subject: Re: [edk2-devel] [PATCH v1 3/3] CryptoPkg/BaseCryptLib: Fix possible uninitialized use Message-ID: <20210515130041.GA6005@zx-spectrum> References: <20210514121714.17312-1-sergei@posteo.net> <20210514121714.17312-4-sergei@posteo.net> MIME-Version: 1.0 In-Reply-To: Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Hello Jiewen, I get the error only for GCC49 and not for GCC5 toolchain. CI uses GCC5. So I compared build commands and this seems to depend on LTO. Adding `-flto` impedes compiler's ability to detect such simple issues. I've found relevant bug report, there is even fix suggestion from last month: https://gcc.gnu.org/bugzilla/show_bug.cgi?id=90844 Regards, Sergei On Sat, May 15, 2021 at 12:30:44AM +0000, Yao, Jiewen wrote: > Hi Sergei > Thank you very much for the fix. > Reviewed-by: Jiewen Yao > > I am a little surprised why it is not caught before. It is an obvious logic issue. > > Do you think we can do anything on CI, to catch it during pre-check-in in the future? > I just feel it is burden to make it post-check-in fix. > > > Thank you > Yao Jiewen > > > -----Original Message----- > > From: Sergei Dmitrouk > > Sent: Friday, May 14, 2021 8:17 PM > > To: devel@edk2.groups.io > > Cc: Yao, Jiewen ; Wang, Jian J ; > > Lu, XiaoyuX ; Jiang, Guomin > > Subject: [PATCH v1 3/3] CryptoPkg/BaseCryptLib: Fix possible uninitialized use > > > > `Result` can be used uninitialized in both functions after following > > either first or second `goto` statement. > > > > Cc: Jiewen Yao > > Cc: Jian J Wang > > Cc: Xiaoyu Lu > > Cc: Guomin Jiang > > Signed-off-by: Sergei Dmitrouk > > --- > > CryptoPkg/Library/BaseCryptLib/Pk/CryptRsaPss.c | 1 + > > CryptoPkg/Library/BaseCryptLib/Pk/CryptRsaPssSign.c | 1 + > > 2 files changed, 2 insertions(+) > > > > diff --git a/CryptoPkg/Library/BaseCryptLib/Pk/CryptRsaPss.c > > b/CryptoPkg/Library/BaseCryptLib/Pk/CryptRsaPss.c > > index 4009d37d5f91..0b2960f06c4c 100644 > > --- a/CryptoPkg/Library/BaseCryptLib/Pk/CryptRsaPss.c > > +++ b/CryptoPkg/Library/BaseCryptLib/Pk/CryptRsaPss.c > > @@ -82,6 +82,7 @@ RsaPssVerify ( > > EVP_PKEY_CTX *KeyCtx; > > CONST EVP_MD *HashAlg; > > > > + Result = FALSE; > > EvpRsaKey = NULL; > > EvpVerifyCtx = NULL; > > KeyCtx = NULL; > > diff --git a/CryptoPkg/Library/BaseCryptLib/Pk/CryptRsaPssSign.c > > b/CryptoPkg/Library/BaseCryptLib/Pk/CryptRsaPssSign.c > > index b66b6f7296ad..ece765f9ae0a 100644 > > --- a/CryptoPkg/Library/BaseCryptLib/Pk/CryptRsaPssSign.c > > +++ b/CryptoPkg/Library/BaseCryptLib/Pk/CryptRsaPssSign.c > > @@ -97,6 +97,7 @@ RsaPssSign ( > > EVP_PKEY_CTX *KeyCtx; > > CONST EVP_MD *HashAlg; > > > > + Result = FALSE; > > EvpRsaKey = NULL; > > EvpVerifyCtx = NULL; > > KeyCtx = NULL; > > -- > > 2.17.6