From: Andrew Tridgell <andrew@tridgell.net>
Date: Fri, 12 Jun 2026 00:53:01 +0000 (+1000)
Subject: scan-build: zero-init buffers the analyzer can't prove are written
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=412cddf6bec5a7464359c60260640ee473c1e8e0;p=thirdparty%2Frsync.git

scan-build: zero-init buffers the analyzer can't prove are written

clang's static analyzer doesn't model SIVAL/SIVAL64/SIVALu or
getpeername/getsockname as initializing their target bytes, so it
reports false "garbage value" reads. Zero-init the affected buffers;
the bytes are always overwritten at runtime, so this only quiets the
analyzer.

io.c:     write_varint/write_varlong b[]
hashtable.c: hash_search buf[]
socket.c: accepted_peer/our_local
---

diff --git a/hashtable.c b/hashtable.c
index f4aa85f1..4f8929d6 100644
--- a/hashtable.c
+++ b/hashtable.c
@@ -120,7 +120,7 @@ void *hashtable_find(struct hashtable *tbl, int64 key, void *data_when_new)
 
 	if (!key64) {
 		/* Based on Jenkins One-at-a-time hash. */
-		uchar buf[4], *keyp = buf;
+		uchar buf[4] = {0}, *keyp = buf; /* {0} only to satisfy the analyzer (SIVALu fills buf) */
 		int i;
 
 		SIVALu(buf, 0, key);
diff --git a/io.c b/io.c
index 0b96c270..2dfeeaa3 100644
--- a/io.c
+++ b/io.c
@@ -2163,7 +2163,7 @@ void write_int(int f, int32 x)
 
 void write_varint(int f, int32 x)
 {
-	char b[5];
+	char b[5] = {0}; /* {0} only to satisfy the analyzer: it doesn't model SIVAL initialising b[1..4] */
 	uchar bit;
 	int cnt;
 
@@ -2185,7 +2185,7 @@ void write_varint(int f, int32 x)
 
 void write_varlong(int f, int64 x, uchar min_bytes)
 {
-	char b[9];
+	char b[9] = {0}; /* {0} only to satisfy the analyzer: it doesn't model SIVAL64 initialising b[1..8] */
 	uchar bit;
 	int cnt = 8;
 
diff --git a/socket.c b/socket.c
index d5aa0cb7..4ac79ec7 100644
--- a/socket.c
+++ b/socket.c
@@ -802,7 +802,8 @@ static int socketpair_tcp(int fd[2])
 	 * the local address of our connecting end (fd[1]), and both must be
 	 * loopback.  If they differ, someone else connected first; fail closed. */
 	{
-		struct sockaddr_in accepted_peer, our_local;
+		/* {0}: the analyzer doesn't model getpeername/getsockname filling these. */
+		struct sockaddr_in accepted_peer = {0}, our_local = {0};
 		socklen_t plen = sizeof accepted_peer;
 		socklen_t llen = sizeof our_local;