From 02f207a76b45129e4d033c099e6d17581801c76e Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Wed, 13 Dec 2017 00:45:42 +0100 Subject: [PATCH] rand: add a clang-analyzer work-around scan-build would warn on a potential access of an uninitialized buffer. I deem it a false positive and had to add this somewhat ugly work-around to silence it. --- lib/rand.c | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/lib/rand.c b/lib/rand.c index 2670af9d9..0769ed151 100644 --- a/lib/rand.c +++ b/lib/rand.c @@ -157,6 +157,12 @@ CURLcode Curl_rand_hex(struct Curl_easy *data, unsigned char *rnd, unsigned char *bufp = buffer; DEBUGASSERT(num > 1); +#ifdef __clang_analyzer__ + /* This silences a scan-build warning about accesssing this buffer with + uninitialized memory. */ + memset(buffer, 0, sizeof(buffer)); +#endif + if((num/2 >= sizeof(buffer)) || !(num&1)) /* make sure it fits in the local buffer and that it is an odd number! */ return CURLE_BAD_FUNCTION_ARGUMENT;