
#630 Fix uninitialized reads

Milestone: Next_release
Status: closed
Owner: nobody
Labels: None
Priority: 5
Updated: 2014-12-20
Created: 2014-11-18
Private: No

Hello.
This patch resolves some uninitialized reads (UB):

  1. missing tabSize initialization in TiXmlDocument constructor
  2. read of uninitialized _lang in Buffer class
  3. missing TabBar::_hLargeFont initialization

Also it fixes incorrect paths in the VS2013 project.

Error report obtained with the Dr. Memory tool:

Error #1: UNINITIALIZED READ: reading 0x0039818c-0x00398190 4 byte(s)
# 0 TiXmlParsingData::Stamp               [c:\projects\notepad.plus.plus.git\powereditor\src\tinyxml\tinyxmlparser.cpp:75]
# 1 TiXmlDeclaration::Parse               [c:\projects\notepad.plus.plus.git\powereditor\src\tinyxml\tinyxmlparser.cpp:1088]
# 2 TiXmlDocument::Parse                  [c:\projects\notepad.plus.plus.git\powereditor\src\tinyxml\tinyxmlparser.cpp:464]
# 3 TiXmlDocument::LoadFile               [c:\projects\notepad.plus.plus.git\powereditor\src\tinyxml\tinyxml.cpp:743]
# 4 TiXmlDocument::LoadFile               [c:\projects\notepad.plus.plus.git\powereditor\src\tinyxml\tinyxml.cpp:678]
# 5 NppParameters::load                   [c:\projects\notepad.plus.plus.git\powereditor\src\parameters.cpp:1259]
# 6 WinMain                               [c:\projects\notepad.plus.plus.git\powereditor\src\winmain.cpp:241]
Note: @0:00:07.679 in thread 1708
Note: instruction: cmp    0x0c(%ecx) $0x00000001

Error #5: UNINITIALIZED READ: reading 0x00e47884-0x00e47888 4 byte(s)
# 0 Buffer::setFileName                                  [c:\projects\notepad.plus.plus.git\powereditor\src\scitillacomponent\buffer.cpp:147]
# 1 Buffer::Buffer                                       [c:\projects\notepad.plus.plus.git\powereditor\src\scitillacomponent\buffer.cpp:63]
# 2 FileManager::bufferFromDocument                      [c:\projects\notepad.plus.plus.git\powereditor\src\scitillacomponent\buffer.cpp:1100]
# 3 ScintillaEditView::attachDefaultDoc                  [c:\projects\notepad.plus.plus.git\powereditor\src\scitillacomponent\scintillaeditview.cpp:1412]
# 4 ScintillaEditView::init                              [c:\projects\notepad.plus.plus.git\powereditor\src\scitillacomponent\scintillaeditview.cpp:272]
# 5 Notepad_plus::init                                   [c:\projects\notepad.plus.plus.git\powereditor\src\notepad_plus.cpp:240]
# 6 Notepad_plus_Window::runProc                         [c:\projects\notepad.plus.plus.git\powereditor\src\nppbigswitch.cpp:93]
# 7 Notepad_plus_Window::Notepad_plus_Proc               [c:\projects\notepad.plus.plus.git\powereditor\src\nppbigswitch.cpp:79]
# 8 USER32.dll!gapfnScSendMessage                       +0x331    (0x766262fa <USER32.dll+0x162fa>)
# 9 USER32.dll!GetDC                                    +0x51     (0x76627316 <USER32.dll+0x17316>)
#10 USER32.dll!GetThreadDesktop                         +0x184    (0x76626de8 <USER32.dll+0x16de8>)
#11 USER32.dll!UnregisterClassW                         +0x7bb    (0x7662a740 <USER32.dll+0x1a740>)
#12 ntdll.dll!KiUserCallbackDispatcher                  +0x2d     (0x774c010a <ntdll.dll+0x1010a>)
#13 Notepad_plus_Window::init                            [c:\projects\notepad.plus.plus.git\powereditor\src\notepad_plus_window.cpp:81]
#14 WinMain                                              [c:\projects\notepad.plus.plus.git\powereditor\src\winmain.cpp:389]
Note: @0:00:11.818 in thread 1708
Note: instruction: cmp    %eax 0x14(%edx)

Error #11: UNINITIALIZED READ: reading 0x0039a3bc-0x0039a3c0 4 byte(s)
# 0 TabBarPlus::init                                     [c:\projects\notepad.plus.plus.git\powereditor\src\wincontrols\tabbar\tabbar.cpp:296]
# 1 DocTabView::init                                     [c:\projects\notepad.plus.plus.git\powereditor\src\scitillacomponent\doctabview.h:56]
# 2 Notepad_plus::init                                   [c:\projects\notepad.plus.plus.git\powereditor\src\notepad_plus.cpp:259]
# 3 Notepad_plus_Window::runProc                         [c:\projects\notepad.plus.plus.git\powereditor\src\nppbigswitch.cpp:93]
# 4 Notepad_plus_Window::Notepad_plus_Proc               [c:\projects\notepad.plus.plus.git\powereditor\src\nppbigswitch.cpp:79]
# 5 USER32.dll!gapfnScSendMessage                       +0x331    (0x766262fa <USER32.dll+0x162fa>)
# 6 USER32.dll!GetDC                                    +0x51     (0x76627316 <USER32.dll+0x17316>)
# 7 USER32.dll!GetThreadDesktop                         +0x184    (0x76626de8 <USER32.dll+0x16de8>)
# 8 USER32.dll!UnregisterClassW                         +0x7bb    (0x7662a740 <USER32.dll+0x1a740>)
# 9 ntdll.dll!KiUserCallbackDispatcher                  +0x2d     (0x774c010a <ntdll.dll+0x1010a>)
#10 Notepad_plus_Window::init                            [c:\projects\notepad.plus.plus.git\powereditor\src\notepad_plus_window.cpp:81]
#11 WinMain                                              [c:\projects\notepad.plus.plus.git\powereditor\src\winmain.cpp:389]
Note: @0:00:12.649 in thread 1708
Note: instruction: cmp    0x1c(%edx) $0x00000000

Note: Also there are a lot of other errors in the generated report. I'll check them and fix them as soon as I can.
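The three bugs in this ticket share one shape: a constructor that leaves a member unset, and a later method that reads it. The following is an added, constructed example (not Notepad++ or TinyXML code) that shows that shape beside the fix. `LeakyDocument`, `SafeDocument`, the member names and the default of 4 for `tabSize` are all assumptions chosen to mirror the ticket; the point is that the fixed constructor gives every member a definite value, so the "UNINITIALIZED READ" Dr. Memory reported cannot occur on any path.

```cpp
#include <cstddef>

// Constructed example, not from the Notepad++ or TinyXML sources.
// BEFORE: the constructor body is empty, so tabSize, lang and largeFont
// hold indeterminate values until someone explicitly sets them. Any read
// before that (e.g. "if (lang == 0)") is undefined behaviour, and is what
// a memory checker such as Dr. Memory reports as UNINITIALIZED READ.
// Note that "LeakyDocument d{};" does NOT help here: because the default
// constructor is user-provided, brace-initialization does not zero the
// members first.
class LeakyDocument {
public:
    LeakyDocument() {}   // members deliberately left unset (the bug)
    int   tabSize;
    int   lang;
    void* largeFont;
};

// AFTER: every member is initialized in the member-initializer list, so
// there is no constructor path on which a member stays indeterminate.
class SafeDocument {
public:
    SafeDocument()
        : tabSize(4),        // assumption: 4 is just a plausible default
          lang(0),           // 0 means "no language assigned yet"
          largeFont(nullptr) // nullptr means "font not created yet"
    {}

    // Every extra constructor must initialize the same members; forgetting
    // one overload is exactly how the tabSize bug in the ticket arose.
    explicit SafeDocument(int tabs)
        : tabSize(tabs), lang(0), largeFont(nullptr) {}

    int   tabSize;
    int   lang;
    void* largeFont;

    // The kind of read that was UB in LeakyDocument; safe here because
    // lang always holds a value.
    bool hasLanguage() const { return lang != 0; }

    // Lazily create the "large font" once. Returns true only on the call
    // that created it. The nullptr sentinel is meaningful solely because
    // the constructors established it.
    bool ensureLargeFont() {
        if (largeFont != nullptr) return false;
        static int fontStandIn = 0;      // stand-in for an OS font handle
        largeFont = &fontStandIn;
        return true;
    }
};

// Check used below: a default-constructed object must report exactly the
// defaults the constructor promised.
bool defaultsAreEstablished(const SafeDocument& d) {
    return d.tabSize == 4 && d.lang == 0 && d.largeFont == nullptr;
}
```

Static warnings (`-Wuninitialized` in GCC/Clang) catch only the simple cases; the reads in this ticket cross function and file boundaries, which is why a runtime checker (Dr. Memory on Windows, Clang's MemorySanitizer via `-fsanitize=memory` on Linux) found them. The durable fix is the one shown: initialize in every constructor, or use C++11 default member initializers so a new constructor overload cannot miss a member.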

1 Attachments

Discussion

  • Don HO

    Don HO - 2014-11-29
    • status: open --> accepted
     
  • Andrey Turbanov

    Andrey Turbanov - 2014-12-15

    Hello Don!
    Thanks for accepting my patch. I'm pretty happy.

    One question:
    Why did you skip tabSize initialization in TiXmlDocument constructor?
    Is this constructor not used in the final build? Or something like this?

     
  • Don HO

    Don HO - 2014-12-20
    • Status: accepted --> closed