The branch, master has been updated
via c9c74d819a2 s3:rpc_server: Initialize array struct security_ace
ace[]
via f434524b472 s4:torture: Initialize struct smb2_handle consistently
in lease.c
via fd4afa309ef s3:registry: Initialize struct security_ace ace[]
via 275ffbf5606 s3:rpcclient: Initialize spoolss_DriverDirectoryInfo
info
via af3868d7036 s3:utils: Initialize DATA_BLOB blob
from 8292481bc06 smbd: Don't talloc_zero where we assign the struct a
line below
https://git.samba.org/?p=samba.git;a=shortlog;h=master
- Log -----------------------------------------------------------------
commit c9c74d819a2749e56626144714a555948149754c
Author: Pavel Filipenský <pfilipen...@samba.org>
Date: Wed Jul 3 17:55:31 2024 +0200
s3:rpc_server: Initialize array struct security_ace ace[]
Error: UNINIT (CWE-457):
samba-4.20.0rc2/source4/torture/smb2/lease.c:567: var_decl: Declaring
variable "h" without initializer.
samba-4.20.0rc2/source4/torture/smb2/lease.c:642: uninit_use_in_call: Using
uninitialized value "h" when calling "smb2_util_close".
640|
641| done:
642|-> smb2_util_close(tree, h);
643| smb2_util_close(tree, h2);
644|
Signed-off-by: Pavel Filipenský <pfilipen...@samba.org>
Reviewed-by: Volker Lendecke <v...@samba.org>
Autobuild-User(master): Volker Lendecke <v...@samba.org>
Autobuild-Date(master): Fri Jul 5 08:53:08 UTC 2024 on atb-devel-224
commit f434524b472f7c1ba34f4f4e5229722f7b73807d
Author: Pavel Filipenský <pfilipen...@samba.org>
Date: Wed Jul 3 17:53:22 2024 +0200
s4:torture: Initialize struct smb2_handle consistently in lease.c
Error: UNINIT (CWE-457):
samba-4.20.0rc2/source4/torture/smb2/lease.c:567: var_decl: Declaring
variable "h" without initializer.
samba-4.20.0rc2/source4/torture/smb2/lease.c:642: uninit_use_in_call: Using
uninitialized value "h" when calling "smb2_util_close".
640|
641| done:
642|-> smb2_util_close(tree, h);
643| smb2_util_close(tree, h2);
644|
Signed-off-by: Pavel Filipenský <pfilipen...@samba.org>
Reviewed-by: Volker Lendecke <v...@samba.org>
commit fd4afa309efc97b75d032ca8f59b16b08c51f1c8
Author: Pavel Filipenský <pfilipen...@samba.org>
Date: Wed Jul 3 17:34:47 2024 +0200
s3:registry: Initialize struct security_ace ace[]
Error: UNINIT (CWE-457):
samba-4.20.0rc2/source3/registry/reg_dispatcher.c:43: var_decl: Declaring
variable "ace" without initializer.
samba-4.20.0rc2/source3/registry/reg_dispatcher.c:66: uninit_use_in_call:
Using uninitialized value "*ace". Field "ace->object" is uninitialized when
calling "make_sec_acl".
64| /* create the security descriptor */
65|
66|-> theacl = make_sec_acl(ctx, NT4_ACL_REVISION, i, ace);
67| if (theacl == NULL) {
68| return WERR_NOT_ENOUGH_MEMORY;
Signed-off-by: Pavel Filipenský <pfilipen...@samba.org>
Reviewed-by: Volker Lendecke <v...@samba.org>
commit 275ffbf5606735942b96afdaaa28fd824fe220ef
Author: Pavel Filipenský <pfilipen...@samba.org>
Date: Wed Jul 3 17:33:20 2024 +0200
s3:rpcclient: Initialize spoolss_DriverDirectoryInfo info
Error: UNINIT (CWE-457):
samba-4.20.0rc2/source3/rpcclient/cmd_spoolss.c:1530: var_decl: Declaring
variable "info" without initializer.
samba-4.20.0rc2/source3/rpcclient/cmd_spoolss.c:1578: uninit_use_in_call:
Using uninitialized value "info" when calling "display_printdriverdir_1".
1576|
1577| if (W_ERROR_IS_OK(result)) {
1578|-> display_printdriverdir_1(&info.info1);
1579| }
1580|
Signed-off-by: Pavel Filipenský <pfilipen...@samba.org>
Reviewed-by: Volker Lendecke <v...@samba.org>
commit af3868d70367523db6d4ae4411e951baa5849803
Author: Pavel Filipenský <pfilipen...@samba.org>
Date: Wed Jul 3 17:30:51 2024 +0200
s3:utils: Initialize DATA_BLOB blob
Error: UNINIT (CWE-457):
samba-4.20.0rc2/source3/utils/regedit_dialog.c:1965: var_decl: Declaring
variable "blob" without initializer.
samba-4.20.0rc2/source3/utils/regedit_dialog.c:2044: uninit_use_in_call:
Using uninitialized value "blob" when calling "reg_val_set".
2042|
2043| if (W_ERROR_IS_OK(rv)) {
2044|-> rv = reg_val_set(edit->key, name, edit->type,
blob);
2045| }
2046|
Signed-off-by: Pavel Filipenský <pfilipen...@samba.org>
Reviewed-by: Volker Lendecke <v...@samba.org>
-----------------------------------------------------------------------
Summary of changes:
source3/registry/reg_dispatcher.c | 2 +-
source3/rpc_server/lsa/srv_lsa_nt.c | 2 +-
source3/rpcclient/cmd_spoolss.c | 2 +-
source3/utils/regedit_dialog.c | 2 +-
source4/torture/smb2/lease.c | 144 +++++++++++++++++-------------------
5 files changed, 70 insertions(+), 82 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source3/registry/reg_dispatcher.c
b/source3/registry/reg_dispatcher.c
index ab3fb24dc2f..097b6d4d30f 100644
--- a/source3/registry/reg_dispatcher.c
+++ b/source3/registry/reg_dispatcher.c
@@ -40,7 +40,7 @@ static const struct generic_mapping reg_generic_map =
static WERROR construct_registry_sd(TALLOC_CTX *ctx, struct
security_descriptor **psd)
{
- struct security_ace ace[3];
+ struct security_ace ace[3] = {};
size_t i = 0;
struct security_descriptor *sd;
struct security_acl *theacl;
diff --git a/source3/rpc_server/lsa/srv_lsa_nt.c
b/source3/rpc_server/lsa/srv_lsa_nt.c
index 8bd2914538b..bf8ad241a5b 100644
--- a/source3/rpc_server/lsa/srv_lsa_nt.c
+++ b/source3/rpc_server/lsa/srv_lsa_nt.c
@@ -301,7 +301,7 @@ static NTSTATUS make_lsa_object_sd(TALLOC_CTX *mem_ctx,
struct security_descript
struct dom_sid *sid, uint32_t
sid_access)
{
struct dom_sid adm_sid;
- struct security_ace ace[5];
+ struct security_ace ace[5] = {};
size_t i = 0;
struct security_acl *psa = NULL;
diff --git a/source3/rpcclient/cmd_spoolss.c b/source3/rpcclient/cmd_spoolss.c
index 40ee3e7f874..17ba74c333f 100644
--- a/source3/rpcclient/cmd_spoolss.c
+++ b/source3/rpcclient/cmd_spoolss.c
@@ -1527,7 +1527,7 @@ static WERROR cmd_spoolss_getdriverdir(struct
rpc_pipe_client *cli,
const char *env = SPOOLSS_ARCHITECTURE_NT_X86;
DATA_BLOB buffer;
uint32_t offered;
- union spoolss_DriverDirectoryInfo info;
+ union spoolss_DriverDirectoryInfo info = {};
uint32_t needed;
struct dcerpc_binding_handle *b = cli->binding_handle;
diff --git a/source3/utils/regedit_dialog.c b/source3/utils/regedit_dialog.c
index d1cb45fd8f2..f97bc2ccc76 100644
--- a/source3/utils/regedit_dialog.c
+++ b/source3/utils/regedit_dialog.c
@@ -1962,7 +1962,7 @@ static bool edit_on_submit(struct dialog *dia, struct
dialog_section *section,
{
struct edit_req *edit = arg;
WERROR rv;
- DATA_BLOB blob;
+ DATA_BLOB blob = {};
const char *name;
struct dialog_section *name_section, *data;
diff --git a/source4/torture/smb2/lease.c b/source4/torture/smb2/lease.c
index 370f4224b13..fb65f666661 100644
--- a/source4/torture/smb2/lease.c
+++ b/source4/torture/smb2/lease.c
@@ -121,8 +121,8 @@ static bool test_lease_request(struct torture_context *tctx,
TALLOC_CTX *mem_ctx = talloc_new(tctx);
struct smb2_create io;
struct smb2_lease ls;
- struct smb2_handle h1 = {{0}};
- struct smb2_handle h2 = {{0}};
+ struct smb2_handle h1 = {};
+ struct smb2_handle h2 = {};
NTSTATUS status;
const char *fname = "lease_request.dat";
const char *fname2 = "lease_request.2.dat";
@@ -210,8 +210,8 @@ static bool test_lease_upgrade(struct torture_context *tctx,
TALLOC_CTX *mem_ctx = talloc_new(tctx);
struct smb2_create io;
struct smb2_lease ls;
- struct smb2_handle h = {{0}};
- struct smb2_handle hnew = {{0}};
+ struct smb2_handle h = {};
+ struct smb2_handle hnew = {};
NTSTATUS status;
const char *fname = "lease_upgrade.dat";
bool ret = true;
@@ -333,12 +333,8 @@ static bool test_lease_upgrade2(struct torture_context
*tctx,
struct smb2_tree *tree)
{
TALLOC_CTX *mem_ctx = talloc_new(tctx);
- struct smb2_handle h = {
- .data = {},
- };
- struct smb2_handle hnew = {
- .data = {},
- };
+ struct smb2_handle h = {};
+ struct smb2_handle hnew = {};
NTSTATUS status;
struct smb2_create io;
struct smb2_lease ls;
@@ -454,15 +450,9 @@ static bool test_lease_upgrade3(struct torture_context
*tctx,
struct smb2_tree *tree)
{
TALLOC_CTX *mem_ctx = talloc_new(tctx);
- struct smb2_handle h = {
- .data = {0},
- };
- struct smb2_handle h2 = {
- .data = {0},
- };
- struct smb2_handle hnew = {
- .data = {0},
- };
+ struct smb2_handle h = {};
+ struct smb2_handle h2 = {};
+ struct smb2_handle hnew = {};
NTSTATUS status;
struct smb2_create io;
struct smb2_lease ls;
@@ -577,7 +567,9 @@ static bool test_lease_break(struct torture_context *tctx,
TALLOC_CTX *mem_ctx = talloc_new(tctx);
struct smb2_create io;
struct smb2_lease ls;
- struct smb2_handle h, h2, h3;
+ struct smb2_handle h = {};
+ struct smb2_handle h2 = {};
+ struct smb2_handle h3 = {};
NTSTATUS status;
const char *fname = "lease_break.dat";
bool ret = true;
@@ -668,8 +660,8 @@ static bool test_lease_nobreakself(struct torture_context
*tctx,
TALLOC_CTX *mem_ctx = talloc_new(tctx);
struct smb2_create io;
struct smb2_lease ls;
- struct smb2_handle h1 = {{0}};
- struct smb2_handle h2 = {{0}};
+ struct smb2_handle h1 = {};
+ struct smb2_handle h2 = {};
NTSTATUS status;
const char *fname = "lease_nobreakself.dat";
bool ret = true;
@@ -748,8 +740,8 @@ static bool test_lease_statopen(struct torture_context
*tctx,
TALLOC_CTX *mem_ctx = talloc_new(tctx);
struct smb2_create io;
struct smb2_lease ls;
- struct smb2_handle h1 = {{0}};
- struct smb2_handle h2 = {{0}};
+ struct smb2_handle h1 = {};
+ struct smb2_handle h2 = {};
NTSTATUS status;
const char *fname = "lease_statopen.dat";
bool ret = true;
@@ -825,9 +817,9 @@ static bool test_lease_statopen2(struct torture_context
*tctx,
TALLOC_CTX *mem_ctx = talloc_new(tctx);
struct smb2_create io;
struct smb2_lease ls;
- struct smb2_handle h1 = {{0}};
- struct smb2_handle h2 = {{0}};
- struct smb2_handle h3 = {{0}};
+ struct smb2_handle h1 = {};
+ struct smb2_handle h2 = {};
+ struct smb2_handle h3 = {};
NTSTATUS status;
const char *fname = "lease_statopen2.dat";
bool ret = true;
@@ -907,8 +899,8 @@ static bool test_lease_statopen3(struct torture_context
*tctx,
TALLOC_CTX *mem_ctx = talloc_new(tctx);
struct smb2_create io;
struct smb2_lease ls;
- struct smb2_handle h1 = {{0}};
- struct smb2_handle h2 = {{0}};
+ struct smb2_handle h1 = {};
+ struct smb2_handle h2 = {};
NTSTATUS status;
const char *fname = "lease_statopen3.dat";
bool ret = true;
@@ -975,9 +967,9 @@ static bool test_lease_statopen4_do(struct torture_context
*tctx,
TALLOC_CTX *mem_ctx = talloc_new(tctx);
struct smb2_create io;
struct smb2_lease ls;
- struct smb2_handle h1 = {{0}};
- struct smb2_handle h2 = {{0}};
- struct smb2_handle h3 = {{0}};
+ struct smb2_handle h1 = {};
+ struct smb2_handle h2 = {};
+ struct smb2_handle h3 = {};
NTSTATUS status;
const char *fname = "lease_statopen2.dat";
bool ret = true;
@@ -1053,7 +1045,7 @@ static bool test_lease_statopen4(struct torture_context
*tctx,
struct smb2_tree *tree)
{
const char *fname = "lease_statopen4.dat";
- struct smb2_handle h1 = {{0}};
+ struct smb2_handle h1 = {};
uint32_t caps;
size_t i;
NTSTATUS status;
@@ -1233,12 +1225,8 @@ static bool test_lease_oplock(struct torture_context
*tctx,
TALLOC_CTX *mem_ctx = talloc_new(tctx);
struct smb2_create io;
struct smb2_lease ls;
- struct smb2_handle h = {
- .data = {0},
- };
- struct smb2_handle h2 = {
- .data = {0},
- };
+ struct smb2_handle h = {};
+ struct smb2_handle h2 = {};
NTSTATUS status;
const char *fname = "lease_oplock.dat";
bool ret = true;
@@ -1358,9 +1346,9 @@ static bool test_lease_multibreak(struct torture_context
*tctx,
TALLOC_CTX *mem_ctx = talloc_new(tctx);
struct smb2_create io;
struct smb2_lease ls;
- struct smb2_handle h = {{0}};
- struct smb2_handle h2 = {{0}};
- struct smb2_handle h3 = {{0}};
+ struct smb2_handle h = {};
+ struct smb2_handle h2 = {};
+ struct smb2_handle h3 = {};
struct smb2_write w;
NTSTATUS status;
const char *fname = "lease_multibreak.dat";
@@ -1479,7 +1467,7 @@ static bool test_lease_v2_request_parent(struct
torture_context *tctx,
TALLOC_CTX *mem_ctx = talloc_new(tctx);
struct smb2_create io;
struct smb2_lease ls;
- struct smb2_handle h1 = {{0}};
+ struct smb2_handle h1 = {};
uint64_t parent = LEASE2;
NTSTATUS status;
const char *fname = "lease_v2_request_parent.dat";
@@ -1535,7 +1523,7 @@ static bool test_lease_break_twice(struct torture_context
*tctx,
struct smb2_create io;
struct smb2_lease ls1;
struct smb2_lease ls2;
- struct smb2_handle h1 = {{0}};
+ struct smb2_handle h1 = {};
NTSTATUS status;
const char *fname = "lease_break_twice.dat";
bool ret = true;
@@ -1607,11 +1595,11 @@ static bool test_lease_v2_request(struct
torture_context *tctx,
TALLOC_CTX *mem_ctx = talloc_new(tctx);
struct smb2_create io;
struct smb2_lease ls1, ls2, ls2t, ls3, ls4;
- struct smb2_handle h1 = {{0}};
- struct smb2_handle h2 = {{0}};
- struct smb2_handle h3 = {{0}};
- struct smb2_handle h4 = {{0}};
- struct smb2_handle h5 = {{0}};
+ struct smb2_handle h1 = {};
+ struct smb2_handle h2 = {};
+ struct smb2_handle h3 = {};
+ struct smb2_handle h4 = {};
+ struct smb2_handle h5 = {};
struct smb2_write w;
NTSTATUS status;
const char *fname = "lease_v2_request.dat";
@@ -1762,7 +1750,7 @@ static bool test_lease_v2_epoch1(struct torture_context
*tctx,
TALLOC_CTX *mem_ctx = talloc_new(tctx);
struct smb2_create io;
struct smb2_lease ls;
- struct smb2_handle h;
+ struct smb2_handle h = {};
const char *fname = "lease_v2_epoch1.dat";
bool ret = true;
NTSTATUS status;
@@ -3232,9 +3220,9 @@ static bool test_lease_complex1(struct torture_context
*tctx,
struct smb2_create io2;
struct smb2_lease ls1;
struct smb2_lease ls2;
- struct smb2_handle h = {{0}};
- struct smb2_handle h2 = {{0}};
- struct smb2_handle h3 = {{0}};
+ struct smb2_handle h = {};
+ struct smb2_handle h2 = {};
+ struct smb2_handle h3 = {};
struct smb2_write w;
NTSTATUS status;
const char *fname = "lease_complex1.dat";
@@ -3360,9 +3348,9 @@ static bool test_lease_v2_complex1(struct torture_context
*tctx,
struct smb2_create io2;
struct smb2_lease ls1;
struct smb2_lease ls2;
- struct smb2_handle h = {{0}};
- struct smb2_handle h2 = {{0}};
- struct smb2_handle h3 = {{0}};
+ struct smb2_handle h = {};
+ struct smb2_handle h2 = {};
+ struct smb2_handle h3 = {};
struct smb2_write w;
NTSTATUS status;
const char *fname = "lease_v2_complex1.dat";
@@ -3507,8 +3495,8 @@ static bool test_lease_v2_complex2(struct torture_context
*tctx,
struct smb2_create io2;
struct smb2_lease ls1;
struct smb2_lease ls2;
- struct smb2_handle h = {{0}};
- struct smb2_handle h2 = {{0}};
+ struct smb2_handle h = {};
+ struct smb2_handle h2 = {};
struct smb2_request *req2 = NULL;
struct smb2_lease_break_ack ack = {};
NTSTATUS status;
@@ -3617,9 +3605,9 @@ static bool test_lease_timeout(struct torture_context
*tctx,
struct smb2_create io;
struct smb2_lease ls1;
struct smb2_lease ls2;
- struct smb2_handle h = {{0}};
- struct smb2_handle hnew = {{0}};
- struct smb2_handle h1b = {{0}};
+ struct smb2_handle h = {};
+ struct smb2_handle hnew = {};
+ struct smb2_handle h1b = {};
NTSTATUS status;
const char *fname = "lease_timeout.dat";
bool ret = true;
@@ -3748,9 +3736,9 @@ static bool test_lease_rename_wait(struct torture_context
*tctx,
struct smb2_lease ls1;
struct smb2_lease ls2;
struct smb2_lease ls3;
- struct smb2_handle h1 = {{0}};
- struct smb2_handle h2 = {{0}};
- struct smb2_handle h3 = {{0}};
+ struct smb2_handle h1 = {};
+ struct smb2_handle h2 = {};
+ struct smb2_handle h3 = {};
union smb_setfileinfo sinfo;
NTSTATUS status;
const char *fname_src = "lease_rename_src.dat";
@@ -3889,9 +3877,9 @@ static bool test_lease_v2_rename(struct torture_context
*tctx,
struct smb2_create io;
struct smb2_lease ls1;
struct smb2_lease ls2;
- struct smb2_handle h = {{0}};
- struct smb2_handle h1 = {{0}};
- struct smb2_handle h2 = {{0}};
+ struct smb2_handle h = {};
+ struct smb2_handle h1 = {};
+ struct smb2_handle h2 = {};
union smb_setfileinfo sinfo;
const char *fname = "lease_v2_rename_src.dat";
const char *fname_dst = "lease_v2_rename_dst.dat";
@@ -4023,7 +4011,7 @@ static bool test_lease_dynamic_share(struct
torture_context *tctx,
TALLOC_CTX *mem_ctx = talloc_new(tctx);
struct smb2_create io;
struct smb2_lease ls1;
- struct smb2_handle h, h1, h2;
+ struct smb2_handle h = {}, h1 = {}, h2 = {};
struct smb2_write w;
NTSTATUS status;
const char *fname = "dynamic_path.dat";
@@ -4236,8 +4224,8 @@ static bool test_lease_unlink(struct torture_context
*tctx,
struct smb2_tree *tree2 = NULL;
struct smb2_transport *transport1 = tree1->session->transport;
struct smb2_transport *transport2;
- struct smb2_handle h1 = {{ 0 }};
- struct smb2_handle h2 = {{ 0 }};
+ struct smb2_handle h1 = {};
+ struct smb2_handle h2 = {};
const char *fname = "lease_unlink.dat";
uint32_t caps;
struct smb2_create io1;
@@ -4460,8 +4448,8 @@ static bool test_lease_duplicate_create(struct
torture_context *tctx,
TALLOC_CTX *mem_ctx = talloc_new(tctx);
struct smb2_create io;
struct smb2_lease ls;
- struct smb2_handle h1 = {{0}};
- struct smb2_handle h2 = {{0}};
+ struct smb2_handle h1 = {};
+ struct smb2_handle h2 = {};
NTSTATUS status;
const char *fname1 = "duplicate_create1.dat";
const char *fname2 = "duplicate_create2.dat";
@@ -4512,8 +4500,8 @@ static bool test_lease_duplicate_open(struct
torture_context *tctx,
TALLOC_CTX *mem_ctx = talloc_new(tctx);
struct smb2_create io;
struct smb2_lease ls;
- struct smb2_handle h1 = {{0}};
- struct smb2_handle h2 = {{0}};
+ struct smb2_handle h1 = {};
+ struct smb2_handle h2 = {};
NTSTATUS status;
const char *fname1 = "duplicate_open1.dat";
const char *fname2 = "duplicate_open2.dat";
@@ -4582,8 +4570,8 @@ static bool test_lease_v1_bug_15148(struct
torture_context *tctx,
struct smb2_create io2;
struct smb2_lease ls1;
struct smb2_lease ls2;
- struct smb2_handle h1 = {{0}};
- struct smb2_handle h2 = {{0}};
+ struct smb2_handle h1 = {};
+ struct smb2_handle h2 = {};
struct smb2_write w;
NTSTATUS status;
const char *fname = "lease_v1_bug_15148.dat";
@@ -4677,8 +4665,8 @@ static bool test_lease_v2_bug_15148(struct
torture_context *tctx,
struct smb2_create io2;
struct smb2_lease ls1;
struct smb2_lease ls2;
- struct smb2_handle h1 = {{0}};
- struct smb2_handle h2 = {{0}};
+ struct smb2_handle h1 = {};
+ struct smb2_handle h2 = {};
struct smb2_write w;
NTSTATUS status;
const char *fname = "lease_v2_bug_15148.dat";
--
Samba Shared Repository
