--- /dev/null
+From f09bd695af3b8ab46fc24e5d6954a24104c38387 Mon Sep 17 00:00:00 2001
+From: Steve French <stfrench@microsoft.com>
+Date: Fri, 14 Oct 2022 18:50:20 -0500
+Subject: smb3: must initialize two ACL struct fields to zero
+
+From: Steve French <stfrench@microsoft.com>
+
+commit f09bd695af3b8ab46fc24e5d6954a24104c38387 upstream.
+
+Coverity spotted that we were not initalizing Stbz1 and Stbz2 to
+zero in create_sd_buf.
+
+Addresses-Coverity: 1513848 ("Uninitialized scalar variable")
+Cc: <stable@vger.kernel.org>
+Reviewed-by: Paulo Alcantara (SUSE) <pc@cjr.nz>
+Signed-off-by: Steve French <stfrench@microsoft.com>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+---
+ fs/cifs/smb2pdu.c | 3 ++-
+ 1 file changed, 2 insertions(+), 1 deletion(-)
+
+--- a/fs/cifs/smb2pdu.c
++++ b/fs/cifs/smb2pdu.c
+@@ -2354,7 +2354,7 @@ create_sd_buf(umode_t mode, bool set_own
+ unsigned int acelen, acl_size, ace_count;
+ unsigned int owner_offset = 0;
+ unsigned int group_offset = 0;
+- struct smb3_acl acl;
++ struct smb3_acl acl = {};
+
+ *len = roundup(sizeof(struct crt_sd_ctxt) + (sizeof(struct cifs_ace) * 4), 8);
+
+@@ -2427,6 +2427,7 @@ create_sd_buf(umode_t mode, bool set_own
+ acl.AclRevision = ACL_REVISION; /* See 2.4.4.1 of MS-DTYP */
+ acl.AclSize = cpu_to_le16(acl_size);
+ acl.AceCount = cpu_to_le16(ace_count);
++ /* acl.Sbz1 and Sbz2 MBZ so are not set here, but initialized above */
+ memcpy(aclptr, &acl, sizeof(struct smb3_acl));
+
+ buf->ccontext.DataLength = cpu_to_le32(ptr - (__u8 *)&buf->sd);
projects / thirdparty / kernel / stable-queue.git / commitdiff
