[Chilli] bug in dhcp.c ???

Stig stig at ubnt.com
Wed Nov 30 01:18:04 UTC 2011


I'm cross-compiling coova-chilli (v1.2.7) for a mips platform.  This
tool chain defaults to -O3 and during the compile it fails on:

dhcp.c:3113: error: ‘conn’ may be used uninitialized in this function

If I change the optimization level to -O2, then it compiles but it
does look like a real bug to me (although unlikely to hit that error
condition).

In dhcp.c::dhcp_receive_ip() we have:

  struct dhcp_conn_t *conn;                 <=== uninitialized pointer
  struct in_addr ourip;
  struct in_addr addr;

  char do_checksum = 0;
  char allowed = 0;
  char has_ip = 0;
  char is_dhcp = 0;

  int authstate = 0;

#ifdef ENABLE_LAYER3
  struct app_conn_t *appconn = 0;
#endif

  if (len < PKT_IP_HLEN + PKT_ETH_HLEN + 4)
    return 0;

  /*
   *  Only supports IPv4 currently.
   */
  if (pack_iph->version_ihl != PKT_IP_VER_HLEN) {
#if(_debug_)
    log_dbg("dropping non-IPv4");
#endif
    return 0;
  }

  /*
   * Sanity check on IP total length
   */
  if ((int)ntohs(pack_iph->tot_len) + sizeofeth(pack) > len) {
    uint8_t icmp_pack[PKT_BUFFER];
    struct dhcp_t *this = conn->parent;     <=== dereference uninitialized pointer



Any thoughts?

stig
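
Added example, not part of the original message and not coova-chilli code: a constructed C reduction of the pattern reported above, written in a hardened shape where the pointer starts as NULL and the length-check error path reads the caller-supplied context instead of conn->parent. All type and function names (parent_t, conn_t, lookup_conn, receive_ip) and the packet layout are hypothetical, and this is one possible fix shape, not the project's actual patch.

```c
/* Constructed illustration; none of these names come from coova-chilli. */
#include <stddef.h>
#include <stdint.h>

struct parent_t { int icmp_sent; };            /* stands in for the DHCP instance */
struct conn_t   { struct parent_t *parent; };  /* stands in for a connection */

/* Constructed lookup: only source id 1 has a connection. */
static struct conn_t *lookup_conn(struct parent_t *p, uint8_t id) {
  static struct conn_t c;
  if (id != 1)
    return NULL;
  c.parent = p;
  return &c;
}

/*
 * The reported shape was: declare the pointer without a value, then read
 * conn->parent inside the length sanity check, before any lookup ran.
 * Here the pointer is initialized and the early error path never touches it.
 */
int receive_ip(struct parent_t *ctx, const uint8_t *pkt, size_t len) {
  struct conn_t *conn = NULL;                  /* never left indeterminate */
  size_t claimed;

  if (ctx == NULL || pkt == NULL || len < 4)
    return 0;

  /* Constructed 16-bit big-endian "total length" field at offset 2. */
  claimed = ((size_t)pkt[2] << 8) | pkt[3];
  if (claimed > len) {
    ctx->icmp_sent++;                          /* uses ctx, not conn->parent */
    return 0;
  }

  conn = lookup_conn(ctx, pkt[0]);             /* first point conn is assigned */
  if (conn == NULL)
    return 0;
  return conn->parent == ctx ? 1 : 0;
}
```

GCC's -Wmaybe-uninitialized analysis relies on the optimizer's data-flow information, which is why the same source can be flagged at one optimization level and pass silently at another.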

