From d755bc43d8f1fc95da55b2e6efedf19c61f99c61 Mon Sep 17 00:00:00 2001
From: Andreas Schneider <asn@samba.org>
Date: Thu, 20 Jun 2024 14:42:54 +0200
Subject: [PATCH] s3:rpc_client: Initialize struct security_ace

"Error: UNINIT (CWE-457):
samba-4.20.0rc2/source3/rpc_client/init_spoolss.c:348: var_decl: Declaring variable ""ace"" without initializer.
samba-4.20.0rc2/source3/rpc_client/init_spoolss.c:415: uninit_use_in_call: Using uninitialized value ""*ace"". Field ""ace->object"" is uninitialized when calling ""make_sec_acl"".
  413|   	   NT5 machine. */
  414|
  415|-> 	if ((psa = make_sec_acl(mem_ctx, NT4_ACL_REVISION, i, ace)) != NULL) {
  416|   		psd = make_sec_desc(mem_ctx,
  417|   				    SD_REVISION,"

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Martin Schwenke <mschwenke@ddn.com>
---
 source3/rpc_client/init_spoolss.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/source3/rpc_client/init_spoolss.c b/source3/rpc_client/init_spoolss.c
index c341b82b6ee..a17505f592d 100644
--- a/source3/rpc_client/init_spoolss.c
+++ b/source3/rpc_client/init_spoolss.c
@@ -345,7 +345,7 @@ WERROR spoolss_create_default_devmode(TALLOC_CTX *mem_ctx,
 WERROR spoolss_create_default_secdesc(TALLOC_CTX *mem_ctx,
 				      struct spoolss_security_descriptor **secdesc)
 {
-	struct security_ace ace[7];	/* max number of ace entries */
+	struct security_ace ace[7] = {0};	/* max number of ace entries */
 	int i = 0;
 	uint32_t sa;
 	struct security_acl *psa = NULL;
-- 
2.47.2