From aae8cab3f9be0189d6f76bf1a53a1d747b8ba2ff Mon Sep 17 00:00:00 2001
From: Andreas Schneider <asn@samba.org>
Date: Fri, 21 Jun 2024 10:49:53 +0200
Subject: [PATCH] s3:smbd: Make sure struct security_ace is initialized

"Error: UNINIT (CWE-457):
samba-4.20.0rc2/source3/smbd/posix_acls.c:4706: var_decl: Declaring variable ""aces"" without initializer.
samba-4.20.0rc2/source3/smbd/posix_acls.c:4748: uninit_use_in_call: Using uninitialized value ""*aces"". Field ""aces->object"" is uninitialized when calling ""make_sec_acl"".
 4746|   	idx++;
 4747|
 4748|-> 	new_dacl = make_sec_acl(ctx,
 4749|   				NT4_ACL_REVISION,
 4750|   				idx,"

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Martin Schwenke <mschwenke@ddn.com>
---
 source3/smbd/posix_acls.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/source3/smbd/posix_acls.c b/source3/smbd/posix_acls.c
index e743945e473..38373e96aca 100644
--- a/source3/smbd/posix_acls.c
+++ b/source3/smbd/posix_acls.c
@@ -4703,7 +4703,7 @@ static NTSTATUS make_default_acl_windows(TALLOC_CTX *ctx,
 {
 	struct dom_sid owner_sid, group_sid;
 	size_t size = 0;
-	struct security_ace aces[4];
+	struct security_ace aces[4] = {0};
 	uint32_t access_mask = 0;
 	mode_t mode = psbuf->st_ex_mode;
 	struct security_acl *new_dacl = NULL;
-- 
2.47.2