]> git.ipfire.org Git - thirdparty/samba.git/commitdiff
projects / thirdparty / samba.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: d6a7a97)
s3:lib: Make sure struct security_ace is fully initialized
authorAndreas Schneider <asn@samba.org>
Tue, 18 Jun 2024 13:48:38 +0000 (15:48 +0200)
committerAndreas Schneider <asn@cryptomilk.org>
Mon, 24 Jun 2024 06:14:35 +0000 (06:14 +0000)
Found by Covscan.

"Error: UNINIT (CWE-457):
samba-4.20.0rc2/source3/lib/sharesec.c:275: var_decl: Declaring variable ""ace"" without initializer.
samba-4.20.0rc2/source3/lib/sharesec.c:285: uninit_use_in_call: Using uninitialized value ""ace"". Field ""ace.object"" is uninitialized when calling ""make_sec_acl"".
  283|    init_sec_ace(&ace, &global_sid_World, SEC_ACE_TYPE_ACCESS_ALLOWED, sa, 0);
  284|
  285|->  if ((psa = make_sec_acl(ctx, NT4_ACL_REVISION, 1, &ace)) != NULL) {
  286|    psd = make_sec_desc(ctx, SECURITY_DESCRIPTOR_REVISION_1,
  287|        SEC_DESC_SELF_RELATIVE, NULL, NULL, NULL,"

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Signed-off-by: Martin Schwenke <mschwenke@ddn.com>
source3/lib/sharesec.c patch | blob | blame | history

diff --git a/source3/lib/sharesec.c b/source3/lib/sharesec.c
index e6f087fc69777fd6a93dbc667286afa09f764296..da1d5e89e5484a894d7227f5b9a14b11e7591786 100644 (file)
--- a/source3/lib/sharesec.c
+++ b/source3/lib/sharesec.c
@@ -272,7 +272,9 @@ static struct security_descriptor *get_share_security_default(TALLOC_CTX *ctx,
                                                        uint32_t def_access)
 {
        uint32_t sa;
-       struct security_ace ace;
+       struct security_ace ace = {
+               .size = 0,
+       };
        struct security_acl *psa = NULL;
        struct security_descriptor *psd = NULL;
        uint32_t spec_access = def_access;
Mirror of https://github.com/samba-team/samba.git