Use of uninitialized variable when handling connack packet

[fmeef]

When compiled with -fsanitize=undefined on gcc 9.2.0, gcc's undefined behavior sanitizer warns with the message

mqtt_cpp/include/mqtt/endpoint.hpp:6002:12: runtime error: load of value 252, which is not a valid value for type 'bool' .

This seems to be caused by the session_present member of connack_info not being initialized. As a possible workaround, adding info.session_present = true; at line 6025 of endpoint.cpp fixes the problem, at least from the sanitizer's point of view.

[redboltz]

Thank you for reporting the issue.

I guess that you mean

mqtt_cpp/include/mqtt/endpoint.hpp

Line 6052 in 9d078a3

bool session_present;

The member session_present is assigned at

mqtt_cpp/include/mqtt/endpoint.hpp

Line 6093 in 9d078a3

info.session_present = is_session_present(buf[0]);

But it is one of case clause. Even if connack_phase::header becomes earlier than refers it, sanitizer might warn about that. I understand it.

Just my preference, I will insert info.serssion_present = false; at

mqtt_cpp/include/mqtt/endpoint.hpp

Line 6073 in 9d078a3

The line number could update when master is updated, so I recommend that use some commit just as I do.

[jonesmz]

My guess is that the problem is happening when the struct is copied as a parameter into the function call.

So setting info.serssion_present = false; right after constructing the info object should fix the problem. I've confirmed as much on my end, but maybe you have a better idea,