From 3f035cb3cc9431b5ae603b165e220efe494227c5 Mon Sep 17 00:00:00 2001 From: William Casarin Date: Fri, 24 May 2019 03:03:32 -0700 Subject: [PATCH] gossipd: fix uninitialized free on short_route in goto path MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Fix a path where tal_free is called on an uninitialized variable If the first `goto bad_total` executes, then that path has uninitialized `short_route` but bad_total passes through to `out` whose first call is tal_free(short_route). This was noticed by a maybe-uninitialized heuristic on gcc 7.4.0: gossipd/routing.c: In function ‘find_shorter_route’: gossipd/routing.c:1096:2: error: ‘short_route’ may be used uninitialized in this function [-Werror=maybe-uninitialized] tal_free(short_route); Reported-by: @ZmnSCPxj Signed-off-by: William Casarin --- gossipd/routing.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/gossipd/routing.c b/gossipd/routing.c index 388425128..b016eba4b 100644 --- a/gossipd/routing.c +++ b/gossipd/routing.c @@ -988,7 +988,7 @@ find_shorter_route(const tal_t *ctx, struct routing_state *rstate, struct amount_msat *fee) { struct unvisited *unvisited; - struct chan **short_route; + struct chan **short_route = NULL; struct amount_msat long_cost, short_cost, cost_diff; u64 min_bias, max_bias; double riskfactor;