From: Joseph Sutton <josephsutton@catalyst.net.nz>
Date: Tue, 2 Aug 2022 03:21:43 +0000 (+1200)
Subject: s4:torture: Zero samr_UserInfo union in password set test
X-Git-Tag: talloc-2.4.0~1094
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=03f0e4d55be80a1a6dcc0dba8e6ed74d9da63dc3;p=thirdparty%2Fsamba.git

s4:torture: Zero samr_UserInfo union in password set test

If init_samr_CryptPasswordAES() does not fill the
u.info31.password.auth_data array completely, we may be comparing
uninitialised bytes.

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
---

diff --git a/source4/torture/rpc/samr.c b/source4/torture/rpc/samr.c
index 5fe51e51022..de354659067 100644
--- a/source4/torture/rpc/samr.c
+++ b/source4/torture/rpc/samr.c
@@ -920,6 +920,8 @@ static bool test_SetUserPass_31(struct dcerpc_pipe *p, struct torture_context *t
 	s.in.info = &u;
 	s.in.level = 31;
 
+	ZERO_STRUCT(u);
+
 	u.info31.password_expired = 0;
 
 	status = dcerpc_fetch_session_key(p, &session_key);