[New-bugs-announce] [issue40713] _zoneinfo.c can use dst_offset without initialization in parse_tz_str()
Rémi Lapeyre
report at bugs.python.org
Thu May 21 09:47:59 EDT 2020
New submission from Rémi Lapeyre <remi.lapeyre at henki.fr>:
Here's the warning given by clang:
/Users/remi/src/cpython/Modules/_zoneinfo.c:1487:9: warning: variable 'dst_offset' is used uninitialized whenever 'if'
condition is true [-Wsometimes-uninitialized]
if (*p == '\0') {
^~~~~~~~~~
/Users/remi/src/cpython/Modules/_zoneinfo.c:1544:50: note: uninitialized use occurs here
build_tzrule(std_abbr, dst_abbr, std_offset, dst_offset, start, end, out);
^~~~~~~~~~
/Users/remi/src/cpython/Modules/_zoneinfo.c:1487:5: note: remove the 'if' if its condition is always false
if (*p == '\0') {
^~~~~~~~~~~~~~~~~
/Users/remi/src/cpython/Modules/_zoneinfo.c:1460:32: note: initialize the variable 'dst_offset' to silence this warning
long std_offset, dst_offset;
^
= 0
/Users/remi/src/cpython/Modules/_zoneinfo.c:1910:19: warning: suggest braces around initialization of subobject
[-Wmissing-braces]
_tzrule rv = {0};
^
{}
Looking at the code path, the unitialized dst_offset may create a ZoneInfo with a garbage value in dstoff with some inputs so this should be backported to Python3.9 too.
----------
components: Library (Lib)
messages: 369523
nosy: remi.lapeyre
priority: normal
severity: normal
status: open
title: _zoneinfo.c can use dst_offset without initialization in parse_tz_str()
type: behavior
versions: Python 3.10, Python 3.9
_______________________________________
Python tracker <report at bugs.python.org>
<https://bugs.python.org/issue40713>
_______________________________________
More information about the New-bugs-announce
mailing list