File pacemaker#3394-0001-Low-libcrmcommon-Initialize-some-variables.patch of Package pacemaker.34782
From c7a212a91e53a063b2ccf00f457131d8cad7a39e Mon Sep 17 00:00:00 2001
From: Reid Wahl <nrwahl@protonmail.com>
Date: Wed, 20 Mar 2024 17:36:01 -0700
Subject: [PATCH 1/2] Low: libcrmcommon: Initialize some variables
Cppcheck complained about these. There's no point in spending much
effort on iso8601.c until we start the "replace iso8601.c with GLib"
project, but this is easy enough.
Also avoid a variable-length array and fix a harmless off-by-one (we
don't need max + 1 for array size).
Signed-off-by: Reid Wahl <nrwahl@protonmail.com>
---
 lib/common/iso8601.c | 38 +++++++++++++++++++++++++++-----------
 1 file changed, 27 insertions(+), 11 deletions(-)
Index: pacemaker-2.1.2+20211124.ada5c3b36/lib/common/iso8601.c
===================================================================
--- pacemaker-2.1.2+20211124.ada5c3b36.orig/lib/common/iso8601.c
+++ pacemaker-2.1.2+20211124.ada5c3b36/lib/common/iso8601.c
@@ -538,7 +538,9 @@ crm_time_as_string(crm_time_t * date_tim
 
     if (flags & crm_time_log_date) {
         if (flags & crm_time_weeks) { // YYYY-WW-D
-            uint y, w, d;
+            uint y = 0;
+            uint w = 0;
+            uint d = 0;
 
             if (crm_time_get_isoweek(dt, &y, &w, &d)) {
                 offset += snprintf(result + offset, DATE_MAX - offset,
@@ -546,7 +548,8 @@ crm_time_as_string(crm_time_t * date_tim
             }
 
         } else if (flags & crm_time_ordinal) { // YYYY-DDD
-            uint y, d;
+            uint y = 0;
+            uint d = 0;
 
             if (crm_time_get_ordinal(dt, &y, &d)) {
                 offset += snprintf(result + offset, DATE_MAX - offset,
@@ -554,7 +557,9 @@ crm_time_as_string(crm_time_t * date_tim
             }
 
         } else { // YYYY-MM-DD
-            uint y, m, d;
+            uint y = 0;
+            uint m = 0;
+            uint d = 0;
 
             if (crm_time_get_gregorian(dt, &y, &m, &d)) {
                 offset += snprintf(result + offset, DATE_MAX - offset,
@@ -1629,12 +1634,21 @@ pcmk__time_hr_free(pcmk__time_hr_t * hr_
 char *
 pcmk__time_format_hr(const char *format, pcmk__time_hr_t * hr_dt)
 {
-    const char *mark_s;
-    int max = 128, scanned_pos = 0, printed_pos = 0, fmt_pos = 0,
-        date_len = 0, nano_digits = 0;
-    char nano_s[10], date_s[max+1], nanofmt_s[5] = "%", *tmp_fmt_s;
-    struct tm tm;
-    crm_time_t dt;
+#define DATE_LEN_MAX 128
+    const char *mark_s = NULL;
+    int scanned_pos = 0;
+    int printed_pos = 0;
+    int fmt_pos = 0;
+    size_t date_len = 0;
+    int nano_digits = 0;
+
+    char nano_s[10] = { '\0', };
+    char date_s[DATE_LEN_MAX] = { '\0', };
+    char nanofmt_s[5] = "%";
+    char *tmp_fmt_s = NULL;
+
+    struct tm tm = { 0, };
+    crm_time_t dt = { 0, };
 
     if (!format) {
         return NULL;
@@ -1675,7 +1689,8 @@ pcmk__time_format_hr(const char *format,
 #pragma GCC diagnostic push
 #pragma GCC diagnostic ignored "-Wformat-nonliteral"
 #endif
-        date_len += strftime(&date_s[date_len], max-date_len, tmp_fmt_s, &tm);
+        date_len += strftime(&date_s[date_len], DATE_LEN_MAX - date_len,
+                             tmp_fmt_s, &tm);
 #ifdef GCC_FORMAT_NONLITERAL_CHECKING_ENABLED
 #pragma GCC diagnostic pop
 #endif
@@ -1686,7 +1701,7 @@ pcmk__time_format_hr(const char *format,
 #pragma GCC diagnostic push
 #pragma GCC diagnostic ignored "-Wformat-nonliteral"
 #endif
-            date_len += snprintf(&date_s[date_len], max-date_len,
+            date_len += snprintf(&date_s[date_len], DATE_LEN_MAX - date_len,
                                  nanofmt_s, nano_s);
 #ifdef GCC_FORMAT_NONLITERAL_CHECKING_ENABLED
 #pragma GCC diagnostic pop
@@ -1696,6 +1711,7 @@ pcmk__time_format_hr(const char *format,
     }
 
     return (date_len == 0)?NULL:strdup(date_s);
+#undef DATE_LEN_MAX
 }
 
 /*!