[glib: 3/6] gvariant: Zero-initialise GVariantBuilder children under static analysis

[Sebastian Dröge <sdroege src gnome org>]

commit 504727c31750bbd88e375011e5596e06a4b2694a
Author: Philip Withnall <pwithnall endlessos org>
Date:   Tue Jun 7 11:08:14 2022 +0100

    gvariant: Zero-initialise GVariantBuilder children under static analysis
    
    scan-build can’t link the types used in `g_variant_builder_init()` with
    the (same) types used in `g_variant_builder_end()`, so ends up assuming
    that the children have not been initialised.
    
    At runtime, this is prevented by the precondition checks on
    `GVSB()->offset` in `g_variant_builder_end()`. scan-build doesn’t notice
    that though.
    
    Avoid a scan-build warning by zero-initialising the children array when
    running static analysis. Doing this unconditionally would be an
    unnecessary performance hit.
    
    Signed-off-by: Philip Withnall <pwithnall endlessos org>

 glib/gvariant.c | 11 +++++++++++
 1 file changed, 11 insertions(+)
---
diff --git a/glib/gvariant.c b/glib/gvariant.c
index e9399710e7..062c2582e8 100644
--- a/glib/gvariant.c
+++ b/glib/gvariant.c
@@ -3484,8 +3484,19 @@ g_variant_builder_init (GVariantBuilder    *builder,
       g_assert_not_reached ();
    }
 
+#ifdef G_ANALYZER_ANALYZING
+  /* Static analysers can’t couple the code in g_variant_builder_init() to the
+   * code in g_variant_builder_end() by GVariantType, so end up assuming that
+   * @offset and @children mismatch and that uninitialised memory is accessed
+   * from @children. At runtime, this is caught by the preconditions at the top
+   * of g_variant_builder_end(). Help the analyser by zero-initialising the
+   * memory to avoid a false positive. */
+  GVSB(builder)->children = g_new0 (GVariant *,
+                                    GVSB(builder)->allocated_children);
+#else
   GVSB(builder)->children = g_new (GVariant *,
                                    GVSB(builder)->allocated_children);
+#endif
 }
 
 static void