From: Andreas Schneider <asn@samba.org>
Date: Thu, 20 Jun 2024 07:14:45 +0000 (+0200)
Subject: s3:smbd: Make sure struct security_ace is initialized
X-Git-Tag: tdb-1.4.11~246
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=147861936320d98877d088a9bd36cb2243c98abe;p=thirdparty%2Fsamba.git

s3:smbd: Make sure struct security_ace is initialized

"Error: UNINIT (CWE-457):
samba-4.20.0rc2/source3/smbd/posix_acls.c:4778: var_decl: Declaring variable ""aces"" without initializer.
samba-4.20.0rc2/source3/smbd/posix_acls.c:4799: uninit_use_in_call: Using uninitialized value ""*aces"". Field ""aces->object"" is uninitialized when calling ""make_sec_acl"".
 4797|   	idx++;
 4798|
 4799|-> 	new_dacl = make_sec_acl(ctx,
 4800|   				NT4_ACL_REVISION,
 4801|   				idx,"

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Martin Schwenke <mschwenke@ddn.com>
---

diff --git a/source3/smbd/posix_acls.c b/source3/smbd/posix_acls.c
index 2ff2d5f77b8..e743945e473 100644
--- a/source3/smbd/posix_acls.c
+++ b/source3/smbd/posix_acls.c
@@ -4775,7 +4775,7 @@ static NTSTATUS make_default_acl_everyone(TALLOC_CTX *ctx,
 {
 	struct dom_sid owner_sid, group_sid;
 	size_t size = 0;
-	struct security_ace aces[1];
+	struct security_ace aces[1] = {0};
 	mode_t mode = psbuf->st_ex_mode;
 	struct security_acl *new_dacl = NULL;
 	int idx = 0;