s3:rpc_server: Make sure struct security_ace is initialized

Found by Covscan.

"Error: UNINIT (CWE-457):
samba-4.20.0rc2/source3/rpc_server/samr/srv_samr_nt.c:235: var_decl: Declaring variable ""ace"" without initializer.
samba-4.20.0rc2/source3/rpc_server/samr/srv_samr_nt.c:269: uninit_use_in_call: Using uninitialized value ""*ace"". Field ""ace->object"" is uninitialized when calling ""make_sec_acl"".
  267|   	/* create the security descriptor */
  268|
  269|-> 	if ((psa = make_sec_acl(ctx, NT4_ACL_REVISION, i, ace)) == NULL)
  270|   		return NT_STATUS_NO_MEMORY;
  271|"

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Signed-off-by: Martin Schwenke <mschwenke@ddn.com>

diff --git a/source3/rpc_server/samr/srv_samr_nt.c b/source3/rpc_server/samr/srv_samr_nt.c
index d26a8d5a4408a14283fcff6298151dfb7e7f4506..e0d0875bd5da2fafd6a905da49ecd41557667f06 100644 (file)
--- a/source3/rpc_server/samr/srv_samr_nt.c
+++ b/source3/rpc_server/samr/srv_samr_nt.c
@@ -232,7 +232,7 @@ static NTSTATUS make_samr_object_sd( TALLOC_CTX *ctx, struct security_descriptor
                                     struct dom_sid *sid, uint32_t sid_access )
 {
        struct dom_sid domadmin_sid;
-       struct security_ace ace[5];             /* at most 5 entries */
+       struct security_ace ace[5] = {0};               /* at most 5 entries */
        size_t i = 0;
 
        struct security_acl *psa = NULL;