2012.07.06 19:28 "[Tiff] Challenge to properly eliminate warning", by Bob Friesenhahn

2012.07.06 20:22 "Re: [Tiff] Challenge to properly eliminate warning", by Bob Friesenhahn

> From similar problems in other code, I suspect it comes from all the code of the form:
>
>     err=TIFFReadDirEntryLong(tif,dp,&data);
>     if (err==TIFFReadDirEntryErrOk)
>     {
>         if (!TIFFSetField(tif,dp->tdir_tag,data))
>             return(0);
>     }
>
> We rely on the fact that data is always initialized when TIFFReadDirEntryLong returns no error. gcc most likely does not understand such complex logic. It will figure that data is "not always initialized" by the function and then later "potentially used".

I think that the compiler does understand the complex logic and that there must be cases where no error is returned but the data was not updated. It requires -O2 optimization level before these issues are detected. At this level, GCC is inlining the short functions in the module so it sees a lot of issues it would not otherwise see.

It only requires a single case where the error indication is not set or used correctly so that 'data' gets consumed when it should not be in order to produce this warning.

Unfortunately, there are a multitude of paths executed under TIFFReadDirEntryByte() so it is difficult to determine which ones might include the weakness.

Bob
--
Bob Friesenhahn
bfriesen@simple.dallas.tx.us, http://www.simplesystems.org/users/bfriesen/
GraphicsMagick Maintainer, http://www.GraphicsMagick.org/
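The failure mode Bob describes, as an added example (constructed for this thread, not libtiff's code): a stand-in for the TIFFReadDirEntryLong/TIFFSetField pattern in which one type path reports success without ever writing its out-parameter, beside the corrected reader, with the caller's `data` pre-set to a sentinel so the defect is observable instead of undefined. `DirEntry`, the `TYPE_*` values and all function names are assumptions, not libtiff identifiers.

```c
#include <stdint.h>

/* Constructed stand-ins for libtiff's directory-entry reader; not libtiff code. */
typedef enum { ErrOk = 0, ErrType, ErrCount } ReadErr;
typedef struct { uint16_t type; uint64_t count; uint64_t raw; } DirEntry;
enum { TYPE_SHORT = 3, TYPE_LONG = 4, TYPE_IFD = 13 };
static const DirEntry kLongEntry    = { TYPE_LONG, 1, 42 };
static const DirEntry kIfdEntry     = { TYPE_IFD,  1, 7 };
static const DirEntry kBadTypeEntry = { 99,        1, 0 };

/* Unfixed reader: TYPE_IFD breaks out of the switch without writing *value,
 * then reaches the trailing "return ErrOk". One such path is all the -O2
 * inliner needs to flag the caller's 'data' as maybe-uninitialized. */
static ReadErr read_entry_long_unfixed(const DirEntry *dp, uint32_t *value)
{
    if (dp->count != 1)
        return ErrCount;
    switch (dp->type) {
    case TYPE_SHORT: *value = (uint16_t)dp->raw; return ErrOk;
    case TYPE_LONG:  *value = (uint32_t)dp->raw; return ErrOk;
    case TYPE_IFD:   break;                  /* assignment forgotten */
    default:         return ErrType;
    }
    return ErrOk;                            /* success without a write */
}

/* Fixed reader: every ErrOk return is paired with a write to *value. */
static ReadErr read_entry_long_fixed(const DirEntry *dp, uint32_t *value)
{
    if (dp->count != 1)
        return ErrCount;
    switch (dp->type) {
    case TYPE_SHORT: *value = (uint16_t)dp->raw; return ErrOk;
    case TYPE_LONG:
    case TYPE_IFD:   *value = (uint32_t)dp->raw; return ErrOk;
    default:         return ErrType;
    }
}

/* Mirrors the quoted caller. Real code leaves 'data' uninitialized; the sentinel
 * makes "ErrOk but never written" observable. Returns 1 if garbage would be used. */
#define SENTINEL 0xDEADBEEFu
static int consumes_unwritten_data(ReadErr (*reader)(const DirEntry *, uint32_t *),
                                   const DirEntry *dp)
{
    uint32_t data = SENTINEL;
    if (reader(dp, &data) == ErrOk)
        return data == SENTINEL;
    return 0;
}
```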