[Bug libc/10391] New: conditional jump depends on uninitialised value in __libc_res_nsend

["dank at kegel dot com" <sourceware-bugzilla at sourceware dot org>]

Originally reported to Ubuntu
( https://bugs.launchpad.net/ubuntu/+source/glibc/+bug/399580 )
but inspection of current glibc source makes me suspect
the problem's still in the latest sources.

Running the (32-bit) google-chromium ui_tests all day under valgrind on
64 bit jaunty netted a single instance of this warning:

Conditional jump or move depends on uninitialised value(s)
   at __libc_res_nsend (res_send.c:1011)
   by __libc_res_nquery (res_query.c:225)
   by __libc_res_nquerydomain (res_query.c:569)
   by __libc_res_nsearch (res_query.c:370)
   by _nss_dns_gethostbyname3_r (dns-host.c:197)
   by _nss_dns_gethostbyname2_r (dns-host.c:245)
   by gethostbyname2_r@@GLIBC_2.1.2 (getXXbyYY_r.c:253)
   by gaih_inet (getaddrinfo.c:531)
   by getaddrinfo (getaddrinfo.c:2154)

Looking at the source for glibc in ia32-libs-2.7ubuntu6, I see
   1009 if (n == 0) {
   1010  Dprint(statp->options & RES_DEBUG, (stdout, ";; timeout\n"));
   1011  if (resplen > 1 && (recvresp1 || (buf2 != NULL && recvresp2)))

Inspecting the source, I agree with valgrind that
resplen is probably uninitialised there.
Although this file has changed in the latest glibc from git,
that variable still looks uninitialised there.

Perhaps this warning occurs infrequently because DNS usually doesn't time out.

-- 
           Summary: conditional jump depends on uninitialised value in
                    __libc_res_nsend
           Product: glibc
           Version: 2.9
            Status: NEW
          Severity: normal
          Priority: P2
         Component: libc
        AssignedTo: drepper at redhat dot com
        ReportedBy: dank at kegel dot com
                CC: glibc-bugs at sources dot redhat dot com


http://sourceware.org/bugzilla/show_bug.cgi?id=10391

------- You are receiving this mail because: -------
You are on the CC list for the bug, or are watching someone who is.