[OpenSIPS-Devel] [OpenSIPS/opensips] 715e3b: Possible free of uninitialized variable

Răzvan Crainea noreply at github.com
Thu Aug 28 09:13:43 UTC 2025


  Branch: refs/heads/3.4
  Home:   https://github.com/OpenSIPS/opensips
  Commit: 715e3b1ab5205e3946765a6ffafb6620b11b5a73
      https://github.com/OpenSIPS/opensips/commit/715e3b1ab5205e3946765a6ffafb6620b11b5a73
  Author: Peter Lemenkov <lemenkov at gmail.com>
  Date:   2025-08-26 (Tue, 26 Aug 2025)

  Changed paths:
    M modules/aaa_diameter/app_opensips/avps.c

  Log Message:
  -----------
  Possible free of uninitialized variable

It is possible that we can jump to `error` where we free `nt_name` right
before initialization. So better to initialize it first.

```
Compiling app_opensips/avps.c
gcc -fPIC -DPIC -O2 -flto=auto -ffat-lto-objects -fexceptions -g -grecord-gcc-switches -pipe -Wall -Wno-complain-wrong-lang -Werror=format-security -Wp,-U_FORTIFY_SOURCE,-D_FORTIFY_SOURCE=3 -Wp,-D_GLIBCXX_ASSERTIONS -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -fstack-protector-strong -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -m64 -march=x86-64 -mtune=generic -fasynchronous-unwind-tables -fstack-clash-protection -fcf-protection -mtls-dialect=gnu2 -fno-omit-frame-pointer -mno-omit-leaf-frame-pointer -DMOD_NAME='aaa_diameter' -DPKG_MALLOC  -DSHM_MMAP  -DUSE_MCAST  -DDISABLE_NAGLE  -DSTATISTICS  -DHAVE_RESOLV_RES  -DF_MALLOC  -DQ_MALLOC  -DHP_MALLOC  -DDBG_MALLOC  -DF_PARALLEL_MALLOC  -DHAVE_STDATOMIC -DHAVE_GENERICS  -DNAME='"opensips"' -DVERSION='"3.6.0"' -DARCH='"x86_64"' -DOS='"linux"' -DCOMPILER='"gcc 15"' -D__CPU_x86_64 -D__OS_linux -D__SMP_yes -DCFG_DIR='"/etc/opensips/"'  -DVERSIONTYPE='"git"' -DTHISREVISION='"07da80880"' -DFAST_LOCK -DADAPTIVE_WAIT -DADAPTIVE_WAIT_LOOPS=1024 -DHAVE_GETHOSTBYNAME2 -DHAVE_UNION_SEMUN -DHAVE_MSG_NOSIGNAL -DHAVE_MSGHDR_MSG_CONTROL -DHAVE_ALLOCA_H -DHAVE_TIMEGM -DHAVE_EPOLL -DHAVE_SIGIO_RT -DHAVE_SELECT -c app_opensips/avps.c -o app_opensips/avps.o
app_opensips/avps.c: In function ‘parse_attr_def’:
app_opensips/avps.c:732:9: warning: ‘nt_name’ may be used uninitialized [-Wmaybe-uninitialized]
  732 |         free(nt_name);
      |         ^~~~~~~~~~~~~
app_opensips/avps.c:564:22: note: ‘nt_name’ was declared here
  564 |         char *name, *nt_name, *newp, *p = line, *end = p + len;
      |                      ^~~~~~~
```

Signed-off-by: Peter Lemenkov <lemenkov at gmail.com>
(cherry picked from commit 233769bc12106c6478f4186547455fecdc9b2375)


  Commit: 665ff0b560db9ac43cd43747c5d6c8f0d9e176ba
      https://github.com/OpenSIPS/opensips/commit/665ff0b560db9ac43cd43747c5d6c8f0d9e176ba
  Author: Peter Lemenkov <lemenkov at gmail.com>
  Date:   2025-08-26 (Tue, 26 Aug 2025)

  Changed paths:
    M modules/clusterer/sharing_tags.c

  Log Message:
  -----------
  Possible use of uninitialized variable

Variable `old_state` can be used w/o being initialized. This patch fixes
it.

```
Compiling sharing_tags.c
gcc -fPIC -DPIC -O2 -flto=auto -ffat-lto-objects -fexceptions -g -grecord-gcc-switches -pipe -Wall -Wno-complain-wrong-lang -Werror=format-security -Wp,-U_FORTIFY_SOURCE,-D_FORTIFY_SOURCE=3 -Wp,-D_GLIBCXX_ASSERTIONS -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -fstack-protector-strong -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -m64 -march=x86-64 -mtune=generic -fasynchronous-unwind-tables -fstack-clash-protection -fcf-protection -mtls-dialect=gnu2 -fno-omit-frame-pointer -mno-omit-leaf-frame-pointer -DMOD_NAME='clusterer' -DPKG_MALLOC  -DSHM_MMAP  -DUSE_MCAST  -DDISABLE_NAGLE  -DSTATISTICS  -DHAVE_RESOLV_RES  -DF_MALLOC  -DQ_MALLOC  -DHP_MALLOC  -DDBG_MALLOC  -DF_PARALLEL_MALLOC  -DHAVE_STDATOMIC -DHAVE_GENERICS  -DNAME='"opensips"' -DVERSION='"3.6.0"' -DARCH='"x86_64"' -DOS='"linux"' -DCOMPILER='"gcc 15"' -D__CPU_x86_64 -D__OS_linux -D__SMP_yes -DCFG_DIR='"/etc/opensips/"'  -DVERSIONTYPE='"git"' -DTHISREVISION='"07da80880"' -DFAST_LOCK -DADAPTIVE_WAIT -DADAPTIVE_WAIT_LOOPS=1024 -DHAVE_GETHOSTBYNAME2 -DHAVE_UNION_SEMUN -DHAVE_MSG_NOSIGNAL -DHAVE_MSGHDR_MSG_CONTROL -DHAVE_ALLOCA_H -DHAVE_TIMEGM -DHAVE_EPOLL -DHAVE_SIGIO_RT -DHAVE_SELECT -c sharing_tags.c -o sharing_tags.o
sharing_tags.c: In function ‘shtag_activate’:
sharing_tags.c:746:49: warning: ‘old_state’ may be used uninitialized [-Wmaybe-uninitialized]
  746 |         if (ret==SHTAG_STATE_ACTIVE && old_state!=SHTAG_STATE_ACTIVE) {
sharing_tags.c:685:18: note: ‘old_state’ was declared here
  685 |         int ret, old_state;
      |                  ^~~~~~~~~
```

Signed-off-by: Peter Lemenkov <lemenkov at gmail.com>
(cherry picked from commit 1c31a680e3456e9afa12f7071f9ac92fbbb89b4c)


  Commit: 0122e9e0c81e31a0851371c28d052f5bbc4db1bc
      https://github.com/OpenSIPS/opensips/commit/0122e9e0c81e31a0851371c28d052f5bbc4db1bc
  Author: Peter Lemenkov <lemenkov at gmail.com>
  Date:   2025-08-26 (Tue, 26 Aug 2025)

  Changed paths:
    M modules/event_kafka/kafka_producer.c

  Log Message:
  -----------
  Make GCC happy

GCC erroneously believes that `job_data` may be used uninitialized.
Let's help him understand the situation better.

```
Compiling kafka_producer.c
gcc -fPIC -DPIC -O2 -flto=auto -ffat-lto-objects -fexceptions -g -grecord-gcc-switches -pipe -Wall -Wno-complain-wrong-lang -Werror=format-security -Wp,-U_FORTIFY_SOURCE,-D_FORTIFY_SOURCE=3 -Wp,-D_GLIBCXX_ASSERTIONS -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -fstack-protector-strong -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -m64 -march=x86-64 -mtune=generic -fasynchronous-unwind-tables -fstack-clash-protection -fcf-protection -mtls-dialect=gnu2 -fno-omit-frame-pointer -mno-omit-leaf-frame-pointer -DMOD_NAME='event_kafka' -DPKG_MALLOC  -DSHM_MMAP  -DUSE_MCAST  -DDISABLE_NAGLE  -DSTATISTICS  -DHAVE_RESOLV_RES  -DF_MALLOC  -DQ_MALLOC  -DHP_MALLOC  -DDBG_MALLOC  -DF_PARALLEL_MALLOC  -DHAVE_STDATOMIC -DHAVE_GENERICS  -DNAME='"opensips"' -DVERSION='"3.6.0"' -DARCH='"x86_64"' -DOS='"linux"' -DCOMPILER='"gcc 15"' -D__CPU_x86_64 -D__OS_linux -D__SMP_yes -DCFG_DIR='"/etc/opensips/"'  -DVERSIONTYPE='"git"' -DTHISREVISION='"07da80880"' -DFAST_LOCK -DADAPTIVE_WAIT -DADAPTIVE_WAIT_LOOPS=1024 -DHAVE_GETHOSTBYNAME2 -DHAVE_UNION_SEMUN -DHAVE_MSG_NOSIGNAL -DHAVE_MSGHDR_MSG_CONTROL -DHAVE_ALLOCA_H -DHAVE_TIMEGM -DHAVE_EPOLL -DHAVE_SIGIO_RT -DHAVE_SELECT -DWITH_GZFILEOP -c kafka_producer.c -o kafka_producer.o
kafka_producer.c: In function ‘kafka_report_status’:
kafka_producer.c:422:57: warning: ‘job_data’ may be used uninitialized [-Wmaybe-uninitialized]
  422 |         if (p->job->type == KAFKA_JOB_SCRIPT && job_data->report_rt)
      |                                                 ~~~~~~~~^~~~~~~~~~~
kafka_producer.c:382:28: note: ‘job_data’ was declared here
  382 |         script_job_data_t *job_data;
      |                            ^~~~~~~~
```

Signed-off-by: Peter Lemenkov <lemenkov at gmail.com>
(cherry picked from commit 9472e648132e463d1e4c33c92d216c57808776b4)


  Commit: 03442ad071ed4b9c8044862a09b3cec324d30e5f
      https://github.com/OpenSIPS/opensips/commit/03442ad071ed4b9c8044862a09b3cec324d30e5f
  Author: Alexandra Titoc <oanatitoc at gmail.com>
  Date:   2025-08-26 (Tue, 26 Aug 2025)

  Changed paths:
    M modules/aaa_diameter/app_opensips/avps.c

  Log Message:
  -----------
  aaa_diameter: Fix memory leak

CID #417728

(cherry picked from commit d8bcc140276b1a3932564d3a9e2e63d4fc99e6c6)


  Commit: 248f002c1c26f314dc44418805b0ead0510b5c75
      https://github.com/OpenSIPS/opensips/commit/248f002c1c26f314dc44418805b0ead0510b5c75
  Author: Razvan Crainea <razvan at opensips.org>
  Date:   2025-08-26 (Tue, 26 Aug 2025)

  Changed paths:
    M modules/aaa_diameter/app_opensips/avps.c
    M modules/event_kafka/kafka_producer.c

  Log Message:
  -----------
  Avoid crashes in case variables are NULL

Completes #3690

(cherry picked from commit c25a8fff733d8b1755e649b6de03415313f117c6)


  Commit: d6e250dc85e2737ccc33750fc4e50f05cb5f1127
      https://github.com/OpenSIPS/opensips/commit/d6e250dc85e2737ccc33750fc4e50f05cb5f1127
  Author: Razvan Crainea <razvan at opensips.org>
  Date:   2025-08-28 (Thu, 28 Aug 2025)

  Changed paths:
    M modules/b2b_sdp_demux/b2b_sdp_demux.c

  Log Message:
  -----------
  b2b_sdp_demux: Fix leak in b2b server key creation

Many thanks to Nuno Ferreira from Five9 for spotting, reporting and
fixing this.

(cherry picked from commit cc11d0aaffe6e791264ca290b17f3810f560a178)


Compare: https://github.com/OpenSIPS/opensips/compare/53edbb22966d...d6e250dc85e2
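
The cleanup pattern behind the first commit above (initialize `nt_name` before any `goto error`), shown as an added example that is not OpenSIPS code and not part of the original e-mail. The function `parse_def`, its `<name> <code>` input format and the sample lines are hypothetical; only the `nt_name` and `error` names follow the commit message.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical parser for "<name> <code>" lines; only the `nt_name` /
 * `error` naming follows the commit message. Returns 0 or -1. */
int parse_def(const char *line, size_t len, char *out, size_t outsz, long *code)
{
    /* The fix: anything freed at `error` is NULL until allocated, so
     * free(nt_name) is a defined no-op on the early exits below. */
    char *nt_name = NULL;
    const char *p = line, *end = line + len, *sp, *q;
    long v = 0;

    if (len == 0 || *p == '#')           /* early exit, nothing allocated */
        goto error;
    sp = memchr(p, ' ', len);
    if (!sp || sp == p || sp + 1 == end) /* early exit, nothing allocated */
        goto error;

    nt_name = malloc((size_t)(sp - p) + 1);  /* NUL-terminated copy of name */
    if (!nt_name)
        goto error;
    memcpy(nt_name, p, (size_t)(sp - p));
    nt_name[sp - p] = '\0';

    if ((size_t)(sp - p) >= outsz || end - (sp + 1) > 9)  /* late exits: */
        goto error;                                       /* nt_name is live */
    for (q = sp + 1; q < end; q++) {
        if (*q < '0' || *q > '9')
            goto error;
        v = v * 10 + (*q - '0');
    }

    strcpy(out, nt_name);
    *code = v;
    free(nt_name);
    return 0;

error:
    free(nt_name);   /* without the NULL initializer this frees garbage */
    return -1;
}

int main(void)
{
    char name[16];
    long code = 0;
    const char *ok = "Acct-Id 42", *bad = "# comment";  /* constructed input */
    printf("%d\n", parse_def(ok, strlen(ok), name, sizeof name, &code));
    printf("%d\n", parse_def(bad, strlen(bad), name, sizeof name, &code));
    return 0;
}
```

Dropping the `= NULL` initializer and building with `-O2 -Wall`, as in the quoted build log, is the condition under which GCC reports `-Wmaybe-uninitialized` at the `free()` call.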
