From: Andreas Schneider <asn@samba.org>
Date: Mon, 8 Jul 2024 09:13:35 +0000 (+0200)
Subject: libgpo: Initialize struct security_ace array
X-Git-Tag: tdb-1.4.11~128
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=79d2dbc0571a6012a8d301f69343ab7fd3eb2d04;p=thirdparty%2Fsamba.git

libgpo: Initialize struct security_ace array

"Error: UNINIT (CWE-457):
samba-4.20.0rc2/libgpo/gpo_reg.c:708: var_decl: Declaring variable ""ace"" without initializer.
samba-4.20.0rc2/libgpo/gpo_reg.c:755: uninit_use_in_call: Using uninitialized value ""*ace"". Field ""ace->object"" is uninitialized when calling ""make_sec_acl"".
  753|   		     mask, inherit_flags);
  754|
  755|-> 	theacl = make_sec_acl(mem_ctx, NT4_ACL_REVISION, 6, ace);
  756|   	W_ERROR_HAVE_NO_MEMORY(theacl);
  757|"

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
---

diff --git a/libgpo/gpo_reg.c b/libgpo/gpo_reg.c
index a1a8d7d1a07..9c1e1693b15 100644
--- a/libgpo/gpo_reg.c
+++ b/libgpo/gpo_reg.c
@@ -705,7 +705,7 @@ static WERROR gp_reg_generate_sd(TALLOC_CTX *mem_ctx,
 				 struct security_descriptor **sd,
 				 size_t *sd_size)
 {
-	struct security_ace ace[6];
+	struct security_ace ace[6] = {};
 	uint32_t mask;
 
 	struct security_acl *theacl = NULL;