[OpenSIPS-Devel] [OpenSIPS/opensips] 7ed2e6: Possible free of unitialized variable

Tue Aug 26 14:49:58 UTC 2025

  Branch: refs/heads/3.5
  Home:   https://github.com/OpenSIPS/opensips
  Commit: 7ed2e62eb47d47d80aad1665d39c22fa368d5476
      https://github.com/OpenSIPS/opensips/commit/7ed2e62eb47d47d80aad1665d39c22fa368d5476
  Author: Peter Lemenkov <lemenkov at gmail.com>
  Date:   2025-08-26 (Tue, 26 Aug 2025)

  Changed paths:
    M modules/aaa_diameter/app_opensips/avps.c

  Log Message:
  -----------
  Possible free of unitialized variable

It is possible that we can jump to `error` where we free `nt_name` right
before initialization. So better to initialize it first.

```
Compiling app_opensips/avps.c
gcc -fPIC -DPIC -O2 -flto=auto -ffat-lto-objects -fexceptions -g -grecord-gcc-switches -pipe -Wall -Wno-complain-wrong-lang -Werror=format-security -Wp,-U_FORTIFY_SOURCE,-D_FORTIFY_SOURCE=3 -Wp,-D_GLIBCXX_ASSERTIONS -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -fstack-protector-strong -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -m64 -march=x86-64 -mtune=generic -fasynchronous-unwind-tables -fstack-clash-protection -fcf-protection -mtls-dialect=gnu2 -fno-omit-frame-pointer -mno-omit-leaf-frame-pointer -DMOD_NAME='aaa_diameter' -DPKG_MALLOC  -DSHM_MMAP  -DUSE_MCAST  -DDISABLE_NAGLE  -DSTATISTICS  -DHAVE_RESOLV_RES  -DF_MALLOC  -DQ_MALLOC  -DHP_MALLOC  -DDBG_MALLOC  -DF_PARALLEL_MALLOC  -DHAVE_STDATOMIC -DHAVE_GENERICS  -DNAME='"opensips"' -DVERSION='"3.6.0"' -DARCH='"x86_64"' -DOS='"linux"' -DCOMPILER='"gcc 15"' -D__CPU_x86_64 -D__OS_linux -D__SMP_yes -DCFG_DIR='"/etc/opensips/"'  -DVERSIONTYPE='"git"' -DTHISREVISION='"07da80880"' -DFAST_LOCK -DADAPTIVE_WAIT -DADAPTIVE_WAIT_LOOPS=1024 -DHAVE_GETHOSTBYNAME2 -DHAVE_UNION_SEMUN -DHAVE_MSG_NOSIGNAL -DHAVE_MSGHDR_MSG_CONTROL -DHAVE_ALLOCA_H -DHAVE_TIMEGM -DHAVE_EPOLL -DHAVE_SIGIO_RT -DHAVE_SELECT -c app_opensips/avps.c -o app_opensips/avps.o
app_opensips/avps.c: In function ‘parse_attr_def’:
app_opensips/avps.c:732:9: warning: ‘nt_name’ may be used uninitialized [-Wmaybe-uninitialized]
  732 |         free(nt_name);
      |         ^~~~~~~~~~~~~
app_opensips/avps.c:564:22: note: ‘nt_name’ was declared here
  564 |         char *name, *nt_name, *newp, *p = line, *end = p + len;
      |                      ^~~~~~~
```

Signed-off-by: Peter Lemenkov <lemenkov at gmail.com>
(cherry picked from commit 233769bc12106c6478f4186547455fecdc9b2375)

  Commit: 474da909071276117077c5e036066db6cf349749
      https://github.com/OpenSIPS/opensips/commit/474da909071276117077c5e036066db6cf349749
  Author: Peter Lemenkov <lemenkov at gmail.com>
  Date:   2025-08-26 (Tue, 26 Aug 2025)

  Changed paths:
    M modules/clusterer/sharing_tags.c

  Log Message:
  -----------
  Possible use of unitialized variable

Variable `old_state` can be used w/o being initialized. This patch fixed
it.

```
Compiling sharing_tags.c
gcc -fPIC -DPIC -O2 -flto=auto -ffat-lto-objects -fexceptions -g -grecord-gcc-switches -pipe -Wall -Wno-complain-wrong-lang -Werror=format-security -Wp,-U_FORTIFY_SOURCE,-D_FORTIFY_SOURCE=3 -Wp,-D_GLIBCXX_ASSERTIONS -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -fstack-protector-strong -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -m64 -march=x86-64 -mtune=generic -fasynchronous-unwind-tables -fstack-clash-protection -fcf-protection -mtls-dialect=gnu2 -fno-omit-frame-pointer -mno-omit-leaf-frame-pointer -DMOD_NAME='clusterer' -DPKG_MALLOC  -DSHM_MMAP  -DUSE_MCAST  -DDISABLE_NAGLE  -DSTATISTICS  -DHAVE_RESOLV_RES  -DF_MALLOC  -DQ_MALLOC  -DHP_MALLOC  -DDBG_MALLOC  -DF_PARALLEL_MALLOC  -DHAVE_STDATOMIC -DHAVE_GENERICS  -DNAME='"opensips"' -DVERSION='"3.6.0"' -DARCH='"x86_64"' -DOS='"linux"' -DCOMPILER='"gcc 15"' -D__CPU_x86_64 -D__OS_linux -D__SMP_yes -DCFG_DIR='"/etc/opensips/"'  -DVERSIONTYPE='"git"' -DTHISREVISION='"07da80880"' -DFAST_LOCK -DADAPTIVE_WAIT -DADAPTIVE_WAIT_LOOPS=1024 -DHAVE_GETHOSTBYNAME2 -DHAVE_UNION_SEMUN -DHAVE_MSG_NOSIGNAL -DHAVE_MSGHDR_MSG_CONTROL -DHAVE_ALLOCA_H -DHAVE_TIMEGM -DHAVE_EPOLL -DHAVE_SIGIO_RT -DHAVE_SELECT -c sharing_tags.c -o sharing_tags.o
sharing_tags.c: In function ‘shtag_activate’:
sharing_tags.c:746:49: warning: ‘old_state’ may be used uninitialized [-Wmaybe-uninitialized]
  746 |         if (ret==SHTAG_STATE_ACTIVE && old_state!=SHTAG_STATE_ACTIVE) {
sharing_tags.c:685:18: note: ‘old_state’ was declared here
  685 |         int ret, old_state;
      |                  ^~~~~~~~~
```

Signed-off-by: Peter Lemenkov <lemenkov at gmail.com>
(cherry picked from commit 1c31a680e3456e9afa12f7071f9ac92fbbb89b4c)

  Commit: 7980a7f03ca1d4a7081dc316cca7ac71afef3de3
      https://github.com/OpenSIPS/opensips/commit/7980a7f03ca1d4a7081dc316cca7ac71afef3de3
  Author: Peter Lemenkov <lemenkov at gmail.com>
  Date:   2025-08-26 (Tue, 26 Aug 2025)

  Changed paths:
    M modules/event_kafka/kafka_producer.c

  Log Message:
  -----------
  Make GCC happy

GCC erroneously believes that `job_data` may be used uninitialized.
Let's help him understand the situation better.

```
Compiling kafka_producer.c
gcc -fPIC -DPIC -O2 -flto=auto -ffat-lto-objects -fexceptions -g -grecord-gcc-switches -pipe -Wall -Wno-complain-wrong-lang -Werror=format-security -Wp,-U_FORTIFY_SOURCE,-D_FORTIFY_SOURCE=3 -Wp,-D_GLIBCXX_ASSERTIONS -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -fstack-protector-strong -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -m64 -march=x86-64 -mtune=generic -fasynchronous-unwind-tables -fstack-clash-protection -fcf-protection -mtls-dialect=gnu2 -fno-omit-frame-pointer -mno-omit-leaf-frame-pointer -DMOD_NAME='event_kafka' -DPKG_MALLOC  -DSHM_MMAP  -DUSE_MCAST  -DDISABLE_NAGLE  -DSTATISTICS  -DHAVE_RESOLV_RES  -DF_MALLOC  -DQ_MALLOC  -DHP_MALLOC  -DDBG_MALLOC  -DF_PARALLEL_MALLOC  -DHAVE_STDATOMIC -DHAVE_GENERICS  -DNAME='"opensips"' -DVERSION='"3.6.0"' -DARCH='"x86_64"' -DOS='"linux"' -DCOMPILER='"gcc 15"' -D__CPU_x86_64 -D__OS_linux -D__SMP_yes -DCFG_DIR='"/etc/opensips/"'  -DVERSIONTYPE='"git"' -DTHISREVISION='"07da80880"' -DFAST_LOCK -DADAPTIVE_WAIT -DADAPTIVE_WAIT_LOOPS=1024 -DHAVE_GETHOSTBYNAME2 -DHAVE_UNION_SEMUN -DHAVE_MSG_NOSIGNAL -DHAVE_MSGHDR_MSG_CONTROL -DHAVE_ALLOCA_H -DHAVE_TIMEGM -DHAVE_EPOLL -DHAVE_SIGIO_RT -DHAVE_SELECT -DWITH_GZFILEOP -c kafka_producer.c -o kafka_producer.o
kafka_producer.c: In function ‘kafka_report_status’:
kafka_producer.c:422:57: warning: ‘job_data’ may be used uninitialized [-Wmaybe-uninitialized]
  422 |         if (p->job->type == KAFKA_JOB_SCRIPT && job_data->report_rt)
      |                                                 ~~~~~~~~^~~~~~~~~~~
kafka_producer.c:382:28: note: ‘job_data’ was declared here
  382 |         script_job_data_t *job_data;
      |                            ^~~~~~~~
```

Signed-off-by: Peter Lemenkov <lemenkov at gmail.com>
(cherry picked from commit 9472e648132e463d1e4c33c92d216c57808776b4)

  Commit: bdf608c20dfcc7bee37171ec876e3dc3caebb665
      https://github.com/OpenSIPS/opensips/commit/bdf608c20dfcc7bee37171ec876e3dc3caebb665
  Author: Peter Lemenkov <lemenkov at gmail.com>
  Date:   2025-08-26 (Tue, 26 Aug 2025)

  Changed paths:
    M modules/http2d/http2d.c

  Log Message:
  -----------
  Make GCC happy

GCC erroneously believes that `hdrs` may be used uninitialized. Let's
help him understand the situation better.

```
Compiling http2d.c
gcc -fPIC -DPIC -O2 -flto=auto -ffat-lto-objects -fexceptions -g -grecord-gcc-switches -pipe -Wall -Wno-complain-wrong-lang -Werror=format-security -Wp,-U_FORTIFY_SOURCE,-D_FORTIFY_SOURCE=3 -Wp,-D_GLIBCXX_ASSERTIONS -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -fstack-protector-strong -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -m64 -march=x86-64 -mtune=generic -fasynchronous-unwind-tables -fstack-clash-protection -fcf-protection -mtls-dialect=gnu2 -fno-omit-frame-pointer -mno-omit-leaf-frame-pointer -DMOD_NAME='http2d' -DPKG_MALLOC  -DSHM_MMAP  -DUSE_MCAST  -DDISABLE_NAGLE  -DSTATISTICS  -DHAVE_RESOLV_RES  -DF_MALLOC  -DQ_MALLOC  -DHP_MALLOC  -DDBG_MALLOC  -DF_PARALLEL_MALLOC  -DHAVE_STDATOMIC -DHAVE_GENERICS  -DNAME='"opensips"' -DVERSION='"3.6.0"' -DARCH='"x86_64"' -DOS='"linux"' -DCOMPILER='"gcc 15"' -D__CPU_x86_64 -D__OS_linux -D__SMP_yes -DCFG_DIR='"/etc/opensips/"'  -DVERSIONTYPE='"git"' -DTHISREVISION='"07da80880"' -DFAST_LOCK -DADAPTIVE_WAIT -DADAPTIVE_WAIT_LOOPS=1024 -DHAVE_GETHOSTBYNAME2 -DHAVE_UNION_SEMUN -DHAVE_MSG_NOSIGNAL -DHAVE_MSGHDR_MSG_CONTROL -DHAVE_ALLOCA_H -DHAVE_TIMEGM -DHAVE_EPOLL -DHAVE_SIGIO_RT -DHAVE_SELECT -I/usr/include -c http2d.c -o http2d.o
http2d.c: In function ‘h2_send_response’:
http2d.c:267:25: warning: ‘hdrs’ may be used uninitialized [-Wmaybe-uninitialized]
  267 |                 for (it = hdrs->child; it; it = it->next, nh++, r->hdrs_len++) {
      |                      ~~~^~~~~~~~~~~~~
http2d.c:138:16: note: ‘hdrs’ was declared here
  138 |         cJSON *hdrs, *it;
      |                ^~~~
```

Signed-off-by: Peter Lemenkov <lemenkov at gmail.com>
(cherry picked from commit 19e2fac6f8f6064128f01b2a56ecbc3cc32b6408)

  Commit: 8d49f2b0471ac104f3c1bbfc03d53fca7e69cdc1
      https://github.com/OpenSIPS/opensips/commit/8d49f2b0471ac104f3c1bbfc03d53fca7e69cdc1
  Author: Alexandra Titoc <oanatitoc at gmail.com>
  Date:   2025-08-26 (Tue, 26 Aug 2025)

  Changed paths:
    M modules/aaa_diameter/app_opensips/avps.c

  Log Message:
  -----------
  aaa_diameter: Fix memory leak

CID #417728

(cherry picked from commit d8bcc140276b1a3932564d3a9e2e63d4fc99e6c6)

  Commit: 261187bb3e2a1d3d381cdc320b310cd09ee6bcb8
      https://github.com/OpenSIPS/opensips/commit/261187bb3e2a1d3d381cdc320b310cd09ee6bcb8
  Author: Razvan Crainea <razvan at opensips.org>
  Date:   2025-08-26 (Tue, 26 Aug 2025)

  Changed paths:
    M modules/aaa_diameter/app_opensips/avps.c
    M modules/event_kafka/kafka_producer.c
    M modules/http2d/http2d.c

  Log Message:
  -----------
  Avoid crashes in case variable are NULL

Completes #3690

(cherry picked from commit c25a8fff733d8b1755e649b6de03415313f117c6)

Compare: https://github.com/OpenSIPS/opensips/compare/599ef20bd995...261187bb3e2a

To unsubscribe from these emails, change your notification settings at https://github.com/OpenSIPS/opensips/settings/notifications