| Title | Use of uninitialized variable in ProtThreadRegister on XC |
| Status | closed |
| Priority | essential |
| Assigned user | Gareth Rees |
| Organization | Ravenbrook |
| Description | In protxc.c, the function ProtThreadRegister calls thread_swap_exception_ports passing &old_exception_count for the seventh argument, without initializing old_exception_count. The documentation [1] says, "old_exception_count [pointer to in/out scalar] On input, the maximum size of the array buffers; on output, the number of returned sets returned." |
| Analysis | On input, this must have the value 1 (as this is all the space we have allocated for returned arrays). |
| How found | inspection |
| Evidence | [1] http://web.mit.edu/darwin/src/modules/xnu/osfmk/man/TS_exception_ports.html |
| Created by | Gareth Rees |
| Created on | 2016-09-04 14:23:58 |
| Last modified by | Gareth Rees |
| Last modified on | 2016-09-04 14:28:28 |
| History | 2016-09-04 GDR Created. |
| Change | Effect | Date | User | Description |
|---|---|---|---|---|
| 192128 | closed | 2016-09-04 14:28:28 | Gareth Rees | Initialize in/out parameter old_exception_count before passing it to thread_swap_exception_ports. |