From 6bb551db112a6d7509d5633be103fe3ee1e09f37 Mon Sep 17 00:00:00 2001
From: Alec Brown <alec.r.brown@oracle.com>
Date: Mon, 21 Mar 2022 02:28:58 -0400
Subject: [PATCH] net/arp: Fix uninitialized scalar variable

In the function grub_net_arp_receive(), grub_net_network_level_address_t
sender_addr and target_addr are being called but aren't being initialized.
In both of these structs, each member is being set to a value except for
grub_dns_option_t option. This results in this member being filled with junk
data from the stack. To prevent this, we can set the option member in both
structs to 0.

Fixes: CID 375030

Signed-off-by: Alec Brown <alec.r.brown@oracle.com>
Reviewed-by: Darren Kenny <darren.kenny@oracle.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
---
 grub-core/net/arp.c | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/grub-core/net/arp.c b/grub-core/net/arp.c
index 54306e3b1..1d367436c 100644
--- a/grub-core/net/arp.c
+++ b/grub-core/net/arp.c
@@ -128,6 +128,8 @@ grub_net_arp_receive (struct grub_net_buff *nb, struct grub_net_card *card,
   target_addr.type = GRUB_NET_NETWORK_LEVEL_PROTOCOL_IPV4;
   sender_addr.ipv4 = arp_packet->sender_ip;
   target_addr.ipv4 = arp_packet->recv_ip;
+  sender_addr.option = 0;
+  target_addr.option = 0;
   if (arp_packet->sender_ip == pending_req)
     have_pending = 1;
 
-- 
2.47.3