This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

classification
Title: _zoneinfo.c can use dst_offset without initialization in parse_tz_str()
Type: behavior Stage: resolved
Components: Library (Lib) Versions: Python 3.10, Python 3.9
process
Status: closed Resolution: duplicate
Dependencies: Superseder:
Assigned To: Nosy List: p-ganssle, remi.lapeyre
Priority: normal Keywords: patch

Created on 2020-05-21 13:47 by remi.lapeyre, last changed 2022-04-11 14:59 by admin. This issue is now closed.

Pull Requests
URL Status Linked Edit
PR 20289 closed remi.lapeyre, 2020-05-21 13:49
Messages (2)
msg369523 - (view) Author: Rémi Lapeyre (remi.lapeyre) * Date: 2020-05-21 13:47 
Here's the warning given by clang:


/Users/remi/src/cpython/Modules/_zoneinfo.c:1487:9: warning: variable 'dst_offset' is used uninitialized whenever 'if'
      condition is true [-Wsometimes-uninitialized]
    if (*p == '\0') {
        ^~~~~~~~~~
/Users/remi/src/cpython/Modules/_zoneinfo.c:1544:50: note: uninitialized use occurs here
    build_tzrule(std_abbr, dst_abbr, std_offset, dst_offset, start, end, out);
                                                 ^~~~~~~~~~
/Users/remi/src/cpython/Modules/_zoneinfo.c:1487:5: note: remove the 'if' if its condition is always false
    if (*p == '\0') {
    ^~~~~~~~~~~~~~~~~
/Users/remi/src/cpython/Modules/_zoneinfo.c:1460:32: note: initialize the variable 'dst_offset' to silence this warning
    long std_offset, dst_offset;
                               ^
                                = 0
/Users/remi/src/cpython/Modules/_zoneinfo.c:1910:19: warning: suggest braces around initialization of subobject
      [-Wmissing-braces]
    _tzrule rv = {0};
                  ^
                  {}

Looking at the code path, the unitialized dst_offset may create a ZoneInfo with a garbage value in dstoff with some inputs so this should be backported to Python3.9 too.
msg369534 - (view) Author: Paul Ganssle (p-ganssle) * (Python committer) Date: 2020-05-21 19:39 
This is a duplicate of bpo-40714. It's a bit of an overzealous compiler warning (as far as I can tell it's not true that the uninitialized value would ever be used), but we fixed it anyway in GH-20291.

Thanks for the report!
History
Date User Action Args
2022-04-11 14:59:31adminsetgithub: 84890
2020-05-21 19:39:40p-gansslesetstatus: open -> closed

nosy: + p-ganssle
messages: + msg369534

resolution: duplicate
stage: patch review -> resolved
2020-05-21 13:49:57remi.lapeyresetkeywords: + patch
stage: patch review
pull_requests: + pull_request19564
2020-05-21 13:47:59remi.lapeyrecreate