Bug#976728: gnote: Use of an uninitialized variable

Davide Prina Davide.Prina at gmail.com
Mon Dec 7 13:34:29 GMT 2020


Package: gnote
Version: 3.38.0-1
Severity: normal
Tags: patch
X-Debbugs-Cc: Davide.Prina at gmail.com

$ valgrind --leak-check=full  --num-callers=50 --show-reachable=no --show-possibly-lost=no --track-origins=yes --trace-children=yes gnote
[...]
==35493== Conditional jump or move depends on uninitialised value(s)
==35493==    at 0x1A8DBD: gnote::sync::SyncManager::update_sync_action() (syncmanager.cpp:434)
[...]
==35493==  Uninitialised value was created by a heap allocation
==35493==    at 0x4838DEF: operator new(unsigned long) (in /usr/lib/x86_64-linux-gnu/valgrind/vgpreload_memcheck-amd64-linux.so)
==35493==    by 0x171697: gnote::Gnote::common_init() (gnote.cpp:153)
[...]

As you can see at gnote.cpp:153
m_sync_manager = new sync::SyncManager(*this, default_note_manager());

m_sync_manager is allocated, but at syncmanager.cpp:434
if(timeoutPref != m_autosync_timeout_pref_minutes) {

m_autosync_timeout_pref_minutes is used before it is initialized.

I propose a simple patch that initializes m_autosync_timeout_pref_minutes
with the value 1 in the SyncManager constructor. I don't know if this
value is correct or if it is too small.

I tested the patch on my system.

I attach the patch

Ciao
Davide


-- System Information:
Debian Release: bullseye/sid
  APT prefers testing
  APT policy: (990, 'testing'), (500, 'testing-debug'), (500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 5.9.11-dp-20201203 (SMP w/4 CPU threads; PREEMPT)
Kernel taint flags: TAINT_UNSIGNED_MODULE
Locale: LANG=it_IT.utf8, LC_CTYPE=it_IT.utf8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages gnote depends on:
ii  dconf-gsettings-backend [gsettings-backend]  0.38.0-1
ii  libatkmm-1.6-1v5                             2.28.0-2
ii  libc6                                        2.31-5
ii  libgcc-s1                                    10.2.0-19
ii  libglib2.0-0                                 2.66.3-2
ii  libglibmm-2.4-1v5                            2.64.2-2
ii  libgspell-1-2                                1.8.4-1
ii  libgtk-3-0                                   3.24.23-3
ii  libgtkmm-3.0-1v5                             3.24.2-2
ii  libpango-1.0-0                               1.46.2-3
ii  libpangomm-1.4-1v5                           2.42.1-1
ii  libsecret-1-0                                0.20.3-1
ii  libsigc++-2.0-0v5                            2.10.4-2
ii  libstdc++6                                   10.2.0-19
ii  libuuid1                                     2.36.1-2
ii  libxml2                                      2.9.10+dfsg-6.3
ii  libxslt1.1                                   1.1.34-4

gnote recommends no packages.

gnote suggests no packages.

-- no debconf information
-------------- next part --------------
--- /tmp/1/syncmanager.cpp	2020-12-07 14:31:51.179232605 +0100
+++ src/synchronization/syncmanager.cpp	2020-12-07 12:42:55.414523473 +0100
@@ -47,6 +47,7 @@
     , m_state(IDLE)
     , m_sync_thread(NULL)
   {
+  m_autosync_timeout_pref_minutes = 1;
   }
 
 
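Review bot: The assignment added at the top of the constructor body sits apart from the member initializer list directly above it, where `m_state(IDLE)` and `m_sync_thread(NULL)` are set. Initializing `m_autosync_timeout_pref_minutes` in that list, or with a default member initializer in the class declaration, keeps every member initialized before the body runs and matches the existing style. The value 1 also needs a justification in a comment: the report shows the member being compared with `timeoutPref != m_autosync_timeout_pref_minutes` at syncmanager.cpp:434, so if the configured timeout happens to be 1, the first comparison is false and that branch is skipped on the first call. An initial value chosen so that it cannot equal a valid preference would make the first call behave the same way regardless of configuration. The added line is also indented two spaces, level with the braces, rather than as a statement inside the body.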

