From: Daniel Stenberg <daniel@haxx.se>
Date: Tue, 12 Dec 2017 23:45:42 +0000 (+0100)
Subject: rand: add a clang-analyzer work-around
X-Git-Tag: curl-7_58_0~61
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=02f207a76b45129e4d033c099e6d17581801c76e;p=curl

rand: add a clang-analyzer work-around

scan-build would warn on a potential access of an uninitialized
buffer. I deem it a false positive and had to add this somewhat ugly
work-around to silence it.
---

diff --git a/lib/rand.c b/lib/rand.c
index 2670af9d9..0769ed151 100644
--- a/lib/rand.c
+++ b/lib/rand.c
@@ -157,6 +157,12 @@ CURLcode Curl_rand_hex(struct Curl_easy *data, unsigned char *rnd,
   unsigned char *bufp = buffer;
   DEBUGASSERT(num > 1);
 
+#ifdef __clang_analyzer__
+  /* This silences a scan-build warning about accesssing this buffer with
+     uninitialized memory. */
+  memset(buffer, 0, sizeof(buffer));
+#endif
+
   if((num/2 >= sizeof(buffer)) || !(num&1))
     /* make sure it fits in the local buffer and that it is an odd number! */
     return CURLE_BAD_FUNCTION_ARGUMENT;