Date:      Fri, 25 Apr 2014 15:40:11 -0600
From:      Chad Perrin <code@apotheon.net>
To:        freebsd-security@freebsd.org
Subject:   Re: OpenSSL static analysis, was: De Raadt + FBSD + OpenSSH + hole?
Message-ID:  <20140425214011.GD9479@glaze.hydra>
In-Reply-To: <32377.1398460907@server1.tristatelogic.com>
References:  <CAG5KPzw_cOfFLX_kn=5DWAX%2Bz%2B9VeXuzo3Q8YekDJG37tDQ_wQ@mail.gmail.com> <32377.1398460907@server1.tristatelogic.com>

On Fri, Apr 25, 2014 at 02:21:47PM -0700, Ronald F. Guilmette wrote:
> 
> In message <CAG5KPzw_cOfFLX_kn=5DWAX+z+9VeXuzo3Q8YekDJG37tDQ_wQ@mail.gmail.com>
> Ben Laurie <benl@freebsd.org> wrote:
> 
> >But that would then hide the error condition of it being not set to a
> >new value after initialisation.
> 
> The (modified/quieted) code example under discussion is as follows:
> 
> 	variable = value0;  /* initialization */
> 	if (condition) variable = value1;
> 	if (!condition) variable = value2;
> 	use (variable);
> 
> Please note that variable *is* *always* set to some value (either value1
> or value2) after initialization.  The "error condition" that you seem
> concerned about having explicitly flagged does not in fact exist in the
> example code snippet under discussion.
> 
> >One better answer would be to have a way to annotate that after the
> >two conditionals you assert that |variable| is initialised. Then a
> >future, smarter static analyzer can attempt to prove you wrong.
> 
> Sir, is there any sense in which the final line of the above example
> _does not_ already and standing all by itself constitute an implicit
> assertion that "variable" has been initialized by that point in the
> code?

I do believe you are right . . . at least until the code needs to be
edited for some reason.

-- 
Chad Perrin [ original content licensed OWL: http://owl.apotheon.org ]
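Added example, not part of the original message or thread: a C sketch of the "until the code needs to be edited" case. After a hypothetical edit the two tests stop being complementary, the dummy initialization silently supplies value0, and an explicit "assigned" check catches it. The function names, the level parameter, the threshold and the constants are all assumptions made for illustration.

```c
#include <stdio.h>

/* Constructed stand-ins for value0/value1/value2 from the quoted snippet. */
enum { VALUE0 = 0, VALUE1 = 1, VALUE2 = 2 };

/* Quieted pattern after a hypothetical edit: the second test is no longer
 * the negation of the first, so level == 10 matches neither branch. */
int quieted_after_edit(int level)
{
    int variable = VALUE0;               /* dummy initialization */
    if (level > 10) variable = VALUE1;
    if (level < 10) variable = VALUE2;   /* was: if (!(level > 10)) */
    return variable;                     /* VALUE0 escapes, nothing warns */
}

/* Same edit, but the claim "assigned after both conditionals" is tracked
 * and checked, so the gap becomes an error instead of a stale value. */
int checked_after_edit(int level, int *out)
{
    int variable = VALUE0;
    int assigned = 0;

    if (level > 10) { variable = VALUE1; assigned = 1; }
    if (level < 10) { variable = VALUE2; assigned = 1; }

    if (!assigned)
        return -1;                       /* claim violated: refuse to use it */
    *out = variable;
    return 0;
}

int main(void)
{
    int v = -99;

    printf("quieted(10) = %d (dummy value used)\n", quieted_after_edit(10));
    if (checked_after_edit(10, &v) != 0)
        printf("checked(10): no branch assigned, rejected\n");
    if (checked_after_edit(5, &v) == 0)
        printf("checked(5)  = %d\n", v);
    return 0;
}
```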