[Bf-committers] Possible uninitialized code error in init_structDNA()

Chad Fraleigh chadf at triularity.org
Mon Oct 1 02:16:59 CEST 2012

While looking at init_structDNA() in
source/blender/makesdna/intern/dna_genfile.c (line 316 in v2.63a), I
noticed these fragments of code:

        int *data, *verg, gravity_fix= -1;

        char str[8], *cp;

        verg= (int *)str;
        data= (int *)sdna->data;

        strcpy(str, "SDNA");
        if ( *data == *verg ) {

I must assume that 'str' is declared as char[8] to hold space for
either a 32-bit or 64-bit integer, which 'verg' is then cast as later.
A string of 4 characters is then copied into it to initialize the
array, after which its value is compared throughout the function. So
if run on a 32-bit system, everything is fine, but on a 64-bit system
there could be problems. Since 'str' is allocated on the stack, its
contents are by default undefined/random. The strcpy() will fill in
the first 5 bytes (4 letters and the null), but the last 3 bytes will
still be potential junk. This would imply that any 64-bit int compares
would be unreliable.

So am I missing something here, or is the compiler _always_ being
forced to zero-initialize stack data using some switch, that would
make this code not really a problem, ever (and I'm just being
paranoid)? If it is a potential issue, then 'str' should be
pre-initialized with memset(str, 0, 8); or something equivalent for
the last 3 bytes.

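The pattern discussed above, as an added example that is not Blender's code and not part of the original message. It reproduces the idea of the fragment (a char[8] on the stack, strcpy() of "SDNA", then an integer-width comparison against the data) with the stale stack bytes replaced by a caller-chosen junk value so the effect of the three unwritten bytes is repeatable. The 8-byte header is constructed for the example, not taken from a .blend file; the loads go through memcpy() rather than *(int *)str to avoid the alignment and strict-aliasing problems of the original cast. Two further points the example makes concrete: on the common 64-bit ABIs (LP64 and LLP64) int is still 4 bytes, so a compare of width sizeof(int) only ever reads the four bytes strcpy() wrote, while the same compare widened to 8 bytes depends on the junk exactly as the post describes; and the C initializer char str[8] = "SDNA" zero-fills str[4..7], which is the same fix as the proposed memset() without the extra call.

```c
#include <stdint.h>
#include <string.h>
#include <stdio.h>

/* Constructed 8-byte header: the "SDNA" magic followed by four zero bytes.
 * Hypothetical sample for this example, not bytes from a real .blend file. */
static const unsigned char sample_header[8] = { 'S', 'D', 'N', 'A', 0, 0, 0, 0 };

/* Loads 'width' (<= 8) bytes from 'p' into a uint64_t in host byte order.
 * memcpy() gives the same bytes *(int *)p would read, without the
 * alignment and strict-aliasing problems of that cast. */
static uint64_t load_bytes(const void *p, size_t width)
{
    uint64_t v = 0;
    memcpy(&v, p, width);
    return v;
}

/* The pattern from the post: a char[8] on the stack, strcpy()'d with "SDNA",
 * then compared against the data as an integer of 'width' bytes.
 * 'junk' stands in for whatever the uninitialized stack bytes happened
 * to contain, so the influence of the three unwritten bytes is visible. */
int magic_matches_uninit(const unsigned char *data, size_t width, unsigned char junk)
{
    char str[8];
    memset(str, junk, sizeof str);      /* simulate stale stack contents */
    strcpy(str, "SDNA");                /* writes 5 bytes: S D N A '\0' */
    return load_bytes(str, width) == load_bytes(data, width);
}

/* Fixed variant: the array initializer zero-fills str[4..7], so every
 * byte the comparison reads is defined regardless of 'width'. */
int magic_matches_init(const unsigned char *data, size_t width)
{
    char str[8] = "SDNA";               /* C guarantees the unused tail is 0 */
    return load_bytes(str, width) == load_bytes(data, width);
}

/* Simplest form: compare the four magic bytes directly, with no type
 * punning and no question about the integer width. */
int magic_matches_memcmp(const unsigned char *data)
{
    return memcmp(data, "SDNA", 4) == 0;
}

int main(void)
{
    printf("sizeof(int) = %zu\n", sizeof(int));
    printf("4-byte compare, junk 0x00: %d\n", magic_matches_uninit(sample_header, 4, 0x00));
    printf("4-byte compare, junk 0xCC: %d\n", magic_matches_uninit(sample_header, 4, 0xCC));
    printf("8-byte compare, junk 0x00: %d\n", magic_matches_uninit(sample_header, 8, 0x00));
    printf("8-byte compare, junk 0xCC: %d\n", magic_matches_uninit(sample_header, 8, 0xCC));
    printf("8-byte compare, initialized buffer: %d\n", magic_matches_init(sample_header, 8));
    printf("memcmp against the magic: %d\n", magic_matches_memcmp(sample_header));
    return 0;
}
```

Run as is: the 4-byte compares agree whatever the junk byte is, the 8-byte compare flips between 1 and 0 with the junk byte, and both fixed variants return 1 for the sample header. The memcmp() form is the one to prefer in new code: it also sidesteps the unaligned int load through a char array, which the original cast performs.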