Many times these tools produce false positives. It takes a trained developerto spot them. On Saturday, February 2, 2013, Michal Trojnara wrote:
On 2013-01-30 03:00, Arthur Mesh wrote:
I, the copyright holder of this work, hereby release it into the public domain. This applies worldwide.
In case this is not legally possible, I grant any entity the right to use this work for any purpose, without any conditions, unless such conditions are required by law. Thank you. - char line_text[CONFLINELEN], *errstr; + char line_text[CONFLINELEN], *errstr = NULL; Were you able to identify a case where it's used without initialization? This is interesting. It would be a good idea to fix it there instead of implementing a workaround here. - s_log(LOG_ERR, "Service [%s]: %s", section->servname, errstr); + s_log(LOG_ERR, "Service [%s]: %s", section ? section->servname : "", + errstr); Again it would be useful to fix the root cause instead of implementing a workaround. - if(!strcasecmp(fl->name, string)) { + if(string && !strcasecmp(fl->name, string)) { Could you give an example parameter where "string" may be NULL here?
Mike