From 141997475ca5d927c1d48ca5a737b55526c85d15 Mon Sep 17 00:00:00 2001 From: Jason Gerecke Date: Sat, 21 Apr 2018 09:53:04 -0700 Subject: [PATCH] BFM demod: RDS demod: Initialize RDSDemod array elements The m_parms.tot_errs array is not initialized prior to its first use in the RDSDemod::biphase function. ASAN does not pick up on this directly, but instead reports it as follows (note that ASAN fills memory with 0xBE and -1094795586 is 0xBEBEBEBE): ./plugins/channelrx/demodbfm/rdsdemod.cpp:159:95: runtime error: signed integer overflow: -1094795586 + -1094795586 cannot be represented in type 'int' The m_parms.subcarr_bb array does not appear to be read prior to initialization, but we initialize it to zero anyway for the sake of good hygiene. --- plugins/channelrx/demodbfm/rdsdemod.cpp | 2 ++ 1 file changed, 2 insertions(+) diff --git a/plugins/channelrx/demodbfm/rdsdemod.cpp b/plugins/channelrx/demodbfm/rdsdemod.cpp index fd5094f75..c38cccdf8 100644 --- a/plugins/channelrx/demodbfm/rdsdemod.cpp +++ b/plugins/channelrx/demodbfm/rdsdemod.cpp @@ -36,6 +36,7 @@ RDSDemod::RDSDemod() m_srate = 250000; m_parms.subcarr_phi = 0; + memset(m_parms.subcarr_bb, 0, sizeof(m_parms.subcarr_bb)); m_parms.clock_offset = 0; m_parms.clock_phi = 0; m_parms.prev_clock_phi = 0; @@ -48,6 +49,7 @@ RDSDemod::RDSDemod() m_parms.prev_acc = 0; m_parms.counter = 0; m_parms.reading_frame = 0; + memset(m_parms.tot_errs, 0, sizeof(m_parms.tot_errs)); m_parms.dbit = 0; m_prev = 0.0f; memset(m_xv, 0, 6*sizeof(Real));