multiple valgrind errors: Conditional jump or move depends on uninitialised value(s)

Question

I'm running valgrind and I'm getting the following error (this is not the only one):

==21743== Conditional jump or move depends on uninitialised value(s)
==21743==    at 0x4A06509: index (mc_replace_strmem.c:164)
==21743==    by 0x33B7CBB3CD: gaih_inet (in /lib64/libc-2.5.so)
==21743==    by 0x33B7CBD629: getaddrinfo (in /lib64/libc-2.5.so)
==21743==    by 0x401A5F: tunnelURL (proxy.c:336)
==21743==    by 0x40142A: client_thread (proxy.c:194)
==21743==    by 0x33B8806616: start_thread (in /lib64/libpthread-2.5.so)
==21743==    by 0x33B7CD3C2C: clone (in /lib64/libc-2.5.so)

My tunnelURL() function looks like this:

char * tunnelURL(char *url) {
 char * a = strstr(url, "//");
 a += 2;
 char * path = strstr(a, "/");

 char host[256];
 strncpy (host, a, strlen(a)-strlen(path));

 /*
  * The following is courtesy of Beej's Guide
  */
 int status;
 int proxySocketFD;
 struct addrinfo hints;
 struct addrinfo *servinfo; // will point to the results

 memset(&hints, 0, sizeof(hints)); // make sure the struct is empty
 hints.ai_family = AF_INET; // don't care IPv4 or IPv6
 hints.ai_socktype = SOCK_STREAM; // TCP stream sockets
 hints.ai_flags = AI_PASSIVE; // fill in my IP for me

 if ((status = getaddrinfo(host, "80", &hints, &servinfo)) != 0) {
  perror("getaddrinfo() fail");
  exit(1);
 }

 // create socket
 if ((proxySocketFD = socket(servinfo->ai_family, servinfo->ai_socktype, servinfo->ai_protocol)) == -1) {
  perror("proxy socket() fail");
  exit(1);
 }

 // connect
 if (connect(proxySocketFD, servinfo->ai_addr, servinfo->ai_addrlen) != 0) {
  printf("connect() fail");
  exit(1);
 }

 // construct request
 char request[strlen(path) + strlen(host) + 26];
 sprintf(request, "GET %s HTTP/1.1\r\nHost: %s\r\n\r\n", path, host);
 printf("%s", request);

 // send request
 send(proxySocketFD, request, strlen(request), 0);

 // receive response
 int i = 0;
 int amntRecvd = 0;
 char *pageContentBuffer = (char*) malloc(4096 * sizeof(char));
 while ((amntRecvd = recv(proxySocketFD, pageContentBuffer + i, 4096, 0)) > 0) {
  i += amntRecvd;
  realloc(pageContentBuffer, i * 4096 * sizeof(char));
 }

 // close proxy socket
 close(proxySocketFD);

 // deallocate memory
 freeaddrinfo(servinfo);

 return pageContentBuffer;

}

Line 336 corresponds to the if statement with the getaddrinfo() function call. I'm not really sure what I haven't initialized. The string I'm passing in "should" be already set... I'm printing it out just fine. I also get another error corresponding to the same line of code:

==21743== Use of uninitialised value of size 8
==21743==    at 0x33B7D05816: __nscd_cache_search (in /lib64/libc-2.5.so)
==21743==    by 0x33B7D0438B: nscd_gethst_r (in /lib64/libc-2.5.so)
==21743==    by 0x33B7D04B26: __nscd_gethostbyname2_r (in /lib64/libc-2.5.so)
==21743==    by 0x33B7CE9F5E: gethostbyname2_r@@GLIBC_2.2.5 (in /lib64/libc-2.5.so)
==21743==    by 0x33B7CBC522: gaih_inet (in /lib64/libc-2.5.so)
==21743==    by 0x33B7CBD629: getaddrinfo (in /lib64/libc-2.5.so)
==21743==    by 0x401A5F: tunnelURL (proxy.c:336)
==21743==    by 0x40142A: client_thread (proxy.c:194)
==21743==    by 0x33B8806616: start_thread (in /lib64/libpthread-2.5.so)
==21743==    by 0x33B7CD3C2C: clone (in /lib64/libc-2.5.so)

Any ideas as to what might becausing this? This is written in C btw...

Thanks, Hristo

Answer 1

 // receive response
 int i = 0;
 int amntRecvd = 0;
 char *pageContentBuffer = (char*) malloc(4096 * sizeof(char));
 while ((amntRecvd = recv(proxySocketFD, pageContentBuffer + i, 4096, 0)) > 0) {
  i += amntRecvd;
  realloc(pageContentBuffer, i * 4096 * sizeof(char));
 }

realloc(pageContentBuffer, i * 4096 * sizeof(char)) does not look right. If you received 4096 bytes first, you will be allocating 4096*4096 bytes next, 2*4096*4096 bytes next and so on. Perhaps you meant addition?

Answer 2

You're not using realloc() correctly. realloc() may move the allocated block, and it returns the new address of the block - so you need to assign that return value to pageContentBuffer (iff it's not NULL).