Fix remaining uninitialized scalar values (CID #1503958, #1504020) (#5150)

The latter issue was interesting; the dbuff is set to use ether.addr,
but fr_value_box_ethernet_addr() is passed &ether, which looks like
it will put random garbage in the value box until you notice that
the address is the only member of the type. We'll see whether coverity
considers (fr_ethernet_t * const) fr_dbuff_start(&dbuff) a dangerous
downcast (whatever that means in C) and still complains. I hope not,
because the only reason that comes to mind for it is alignment issues,
which shouldn't happen here.

diff --git a/src/lib/util/value.c b/src/lib/util/value.c
index 7b102d9dcc7686464047a5cee2a17903861968a6..8e850667879791844edff8a5971336be6c432ae7 100644 (file)
--- a/src/lib/util/value.c
+++ b/src/lib/util/value.c
@@ -4978,7 +4978,7 @@ parse:
                fr_base16_decode(&err, &dbuff, &our_in, true);
                if (err != FR_SBUFF_PARSE_OK) goto ether_error;
 
-               fr_value_box_ethernet_addr(dst, dst_enumv, &ether, tainted);
+               fr_value_box_ethernet_addr(dst, dst_enumv, (fr_ethernet_t * const)fr_dbuff_start(&dbuff), tainted);
 
                FR_SBUFF_SET_RETURN(in, &our_in);
        }

diff --git a/src/modules/rlm_pap/rlm_pap.c b/src/modules/rlm_pap/rlm_pap.c
index b99f82ceda6e3ec56739dd730f0416451d3260a6..b3fab2e22d42a9ca759abc7459e1fa28c2e580fc 100644 (file)
--- a/src/modules/rlm_pap/rlm_pap.c
+++ b/src/modules/rlm_pap/rlm_pap.c
@@ -775,6 +775,7 @@ static unlang_action_t CC_HINT(nonnull) pap_auth_lm(rlm_rcode_t *p_result,
                                                    fr_pair_t const *known_good, UNUSED fr_pair_t const *password)
 {
        uint8_t digest[MD4_DIGEST_LENGTH];
+       fr_dbuff_t digest_dbuff = FR_DBUFF_TMP(digest, sizeof(digest));
        char    charbuf[32 + 1];
        ssize_t len;
 
@@ -788,9 +789,9 @@ static unlang_action_t CC_HINT(nonnull) pap_auth_lm(rlm_rcode_t *p_result,
        len = xlat_eval(charbuf, sizeof(charbuf), request, "%(mschap:LM-Hash %{User-Password})", NULL, NULL);
        if (len < 0) RETURN_MODULE_FAIL;
 
-       if ((fr_base16_decode(NULL, &FR_DBUFF_TMP(digest, sizeof(digest)), &FR_SBUFF_IN(charbuf, len), false) !=
+       if ((fr_base16_decode(NULL, &digest_dbuff, &FR_SBUFF_IN(charbuf, len), false) !=
             (ssize_t)known_good->vp_length) ||
-           (fr_digest_cmp(digest, known_good->vp_octets, known_good->vp_length) != 0)) {
+           (fr_digest_cmp(fr_dbuff_start(&digest_dbuff), known_good->vp_octets, known_good->vp_length) != 0)) {
                REDEBUG("LM digest does not match \"known good\" digest");
                REDEBUG3("Calculated : %pH", fr_box_octets(digest, sizeof(digest)));
                REDEBUG3("Expected   : %pH", &known_good->data);