View Issue Details

ID: 0010107
Project: Taler
Category: qtart
View Status: public
Last Update: 2025-06-17 00:36
Reporter: oec
Assigned To: Florian Dold
Priority: urgent
Severity: crash
Reproducibility: random
Status: resolved
Resolution: fixed
Product Version: git (master)
Target Version: 1.0 stretch goals
Summary: 0010107: call of js_free on uninitialized pointer
Description: In quickjs-libc.c, function `js_os_post_message_from_host`:

```c
4452 int
4453 js_os_post_message_from_host(JSContext *ctx, const char *msg_str)
4454 {
4455 JSThreadState *ts = JS_GetRuntimeOpaque(JS_GetRuntime(ctx));
4456 JSHostMessage *msg;
4457 JSHostMessagePipe *hp;
4458 uint8_t *data;
4459
...
4491 js_free(ctx, data);
4492 return -1;
4493 }
```

`data` is never initialized. Yet, it is freed in line 4491. This might lead to a crash of qtart.
Additional Information: The compiler had warned me. Why has this not been fixed already!?
Tags: security

Activities

Florian Dold

2025-06-17 00:35

manager   ~0025266

commit be93b6ac80f366d400abe7aaffb1e53d231cae32 (HEAD -> master, origin/master, origin/HEAD)
Author: Florian Dold <florian@dold.me>
Date: Tue Jun 17 00:35:18 2025 +0200

    fix 0010107: call of js_free on uninitialized pointer

Florian Dold

2025-06-17 00:35

manager   ~0025267

Looks like only clang detects this with default warnings, gcc doesn't! That's why we didn't notice/fix this earlier.
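The defect in the report is an error path that frees a pointer declared as `uint8_t *data;` before any assignment reaches it. The function below is an added illustration of the safe shape, not qtart's or QuickJS's code: a hypothetical stand-in with the same structure (parse a host message into a freshly allocated buffer, with early-error exits both before and after the allocation), where the pointer is initialised to NULL at declaration and every failure funnels through one cleanup label.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical stand-in for js_os_post_message_from_host (constructed for this
 * example).  Copies msg_str into a new buffer after a simple validation step.
 * Returns 0 on success (caller owns *out), -1 on any error.
 *
 * The bug in the report corresponds to writing `uint8_t *data;` with no
 * initialiser and then reaching the `fail:` label from one of the early
 * exits below: free() would then read an indeterminate pointer value. */
int post_message_fixed(const char *msg_str, uint8_t **out, size_t *out_len)
{
    uint8_t *data = NULL;   /* the fix: the pointer is never indeterminate */
    size_t len;

    if (msg_str == NULL)
        goto fail;          /* early exit #1: data is still NULL here */

    len = strlen(msg_str);
    if (len == 0 || len > 4096)
        goto fail;          /* early exit #2: still before the allocation */

    data = malloc(len);
    if (data == NULL)
        goto fail;          /* allocation failed: data is NULL, free is a no-op */
    memcpy(data, msg_str, len);

    /* Constructed validation rule: only printable ASCII is accepted. */
    for (size_t i = 0; i < len; i++) {
        if (data[i] < 0x20 || data[i] > 0x7e)
            goto fail;      /* late exit: data is live and must be released */
    }

    *out = data;
    *out_len = len;
    return 0;               /* success: ownership moves to the caller */

fail:
    free(data);             /* free(NULL) is defined as a no-op, so this is
                             * correct whichever exit brought us here */
    return -1;
}
```

Regarding the note above: clang reports this pattern by default under `-Wsometimes-uninitialized`, while gcc's counterpart `-Wmaybe-uninitialized` is part of `-Wall` and depends on optimisation being enabled, which is consistent with only one compiler flagging the original.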

Issue History

Date Modified Username Field Change
2025-06-15 13:12 oec New Issue
2025-06-15 13:17 oec Description Updated
2025-06-15 14:58 Christian Grothoff Assigned To => Florian Dold
2025-06-15 14:58 Christian Grothoff Priority normal => urgent
2025-06-15 14:58 Christian Grothoff Status new => assigned
2025-06-15 14:58 Christian Grothoff Target Version => 1.0 stretch goals
2025-06-15 14:58 Christian Grothoff Tag Attached: security
2025-06-17 00:35 Florian Dold Note Added: 0025266
2025-06-17 00:35 Florian Dold Note Added: 0025267
2025-06-17 00:36 Florian Dold Status assigned => resolved
2025-06-17 00:36 Florian Dold Resolution open => fixed