From 26c56ae51ec1315846d72f5dfcf65cf3ed44456c Mon Sep 17 00:00:00 2001
From: Andreas Schneider <asn@samba.org>
Date: Tue, 2 Jul 2024 11:41:41 +0200
Subject: [PATCH] s3:rpc_server: Initialize array

"Error: UNINIT (CWE-457):
samba-4.20.0rc2/source3/rpc_server/svcctl/srv_svcctl_nt.c:163: var_decl: Declaring variable ""ace"" without initializer.
samba-4.20.0rc2/source3/rpc_server/svcctl/srv_svcctl_nt.c:182: uninit_use_in_call: Using uninitialized value ""*ace"". Field ""ace->object"" is uninitialized when calling ""make_sec_acl"".
  180|   	/* create the security descriptor */
  181|
  182|-> 	if ( !(theacl = make_sec_acl(ctx, NT4_ACL_REVISION, i, ace)) )
  183|   		return NULL;
  184|"

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>

Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Mon Jul  8 08:37:46 UTC 2024 on atb-devel-224
---
 source3/rpc_server/svcctl/srv_svcctl_nt.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/source3/rpc_server/svcctl/srv_svcctl_nt.c b/source3/rpc_server/svcctl/srv_svcctl_nt.c
index c1df2f65b6f..0bac31efac3 100644
--- a/source3/rpc_server/svcctl/srv_svcctl_nt.c
+++ b/source3/rpc_server/svcctl/srv_svcctl_nt.c
@@ -160,7 +160,7 @@ static NTSTATUS svcctl_access_check( struct security_descriptor *sec_desc, struc
 
 static struct security_descriptor* construct_scm_sd( TALLOC_CTX *ctx )
 {
-	struct security_ace ace[2];
+	struct security_ace ace[2] = {};
 	size_t i = 0;
 	struct security_descriptor *sd;
 	struct security_acl *theacl;
-- 
2.47.3