auth:gensec: Fully initialize struct spnego_data

"Error: UNINIT (CWE-457):
samba-4.20.0rc2/auth/gensec/spnego.c:1129: var_decl: Declaring variable ""spnego_out"" without initializer.
samba-4.20.0rc2/auth/gensec/spnego.c:1154: uninit_use_in_call: Using uninitialized value ""spnego_out.negTokenTarg.negResult"" when calling ""spnego_write_data"".
 1152|   	}
 1153|
 1154|-> 	if (spnego_write_data(out_mem_ctx, out, &spnego_out) == -1) {
 1155|   		DEBUG(1, (""Failed to write SPNEGO reply to NEG_TOKEN_TARG\n""));
 1156|   		return NT_STATUS_INVALID_PARAMETER;"

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>

diff --git a/auth/gensec/spnego.c b/auth/gensec/spnego.c
index 28d2e69132bc2c1c78182f33210ff0e9b5d673e6..378ba3402c4cd26cbb45c67964ea44e8a4063dd2 100644 (file)
--- a/auth/gensec/spnego.c
+++ b/auth/gensec/spnego.c
@@ -1110,13 +1110,12 @@ static NTSTATUS gensec_spnego_server_response(struct spnego_state *spnego_state,
                                              DATA_BLOB mech_list_mic,
                                              DATA_BLOB *out)
 {
-       struct spnego_data spnego_out;
-
-       /* compose reply */
-       spnego_out.type = SPNEGO_NEG_TOKEN_TARG;
-       spnego_out.negTokenTarg.responseToken = unwrapped_out;
-       spnego_out.negTokenTarg.mechListMIC = mech_list_mic;
-       spnego_out.negTokenTarg.supportedMech = NULL;
+       struct spnego_data spnego_out = {
+               .type = SPNEGO_NEG_TOKEN_TARG,
+               .negTokenTarg.responseToken = unwrapped_out,
+               .negTokenTarg.mechListMIC = mech_list_mic,
+               .negTokenTarg.supportedMech = NULL,
+       };
 
        if (NT_STATUS_EQUAL(nt_status, NT_STATUS_MORE_PROCESSING_REQUIRED)) {
                spnego_out.negTokenTarg.supportedMech = spnego_state->neg_oid;