diff options
| author | Dan McGee <dan@archlinux.org> | 2012-04-09 07:42:04 +0200 |
|---|---|---|
| committer | Dan McGee <dan@archlinux.org> | 2012-04-09 07:46:54 +0200 |
| commit | ded66fbb62cdad37d577dc048e37f7cea7f7a4da (patch) | |
| tree | b80edeb140fccccbbd9abc6bd8d58c5bec331d57 /lib/libalpm/signing.c | |
| parent | ca090e10d264e4999e321b0a0b43736a34aa11d9 (diff) | |
| download | pacman-ded66fbb62cdad37d577dc048e37f7cea7f7a4da.tar.gz pacman-ded66fbb62cdad37d577dc048e37f7cea7f7a4da.tar.xz | |
Fix issues with unintialized variable value usage
Detected by clang scan-build static code analyzer.
* Don't attempt to free an uninitialized gpgme key variable
* Initialize answer variable before asking frontend a question
* Pass by reference instead of value if uninitialized fields are
possible in download signal handler code
* Ensure we never call strlen() on NULL payload->remote_name value
Signed-off-by: Dan McGee <dan@archlinux.org>
Diffstat (limited to 'lib/libalpm/signing.c')
| -rw-r--r-- | lib/libalpm/signing.c | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/lib/libalpm/signing.c b/lib/libalpm/signing.c index fc8dd5bb..7177d655 100644 --- a/lib/libalpm/signing.c +++ b/lib/libalpm/signing.c @@ -210,9 +210,9 @@ static int key_in_keychain(alpm_handle_t *handle, const char *fpr) } else { _alpm_log(handle, ALPM_LOG_DEBUG, "gpg error: %s\n", gpgme_strerror(err)); } + gpgme_key_unref(key); error: - gpgme_key_unref(key); gpgme_release(ctx); return ret; } @@ -797,7 +797,7 @@ int _alpm_process_siglist(alpm_handle_t *handle, const char *identifier, _("%s: key \"%s\" is unknown\n"), identifier, name); #ifdef HAVE_LIBGPGME { - int answer; + int answer = 0; alpm_pgpkey_t fetch_key; memset(&fetch_key, 0, sizeof(fetch_key)); |