The branch, master has been updated
via 85d80240ec7 s4:torture: Do not set sr.in.info to info be we queried
the info
via 8268b3efff9 lib:param: Add missing return code check
via c3abd320e67 s3:services: Initialize struct security_ace array
via bd5e095e278 s4:torture: Remove tailing spaces in forest_trust.c
via f3da16937ae s3:modules: Make nread a size_t and check for possible
overflow
via a541a7d7168 s3:modules: Move chunk out of the loop
via 862ba429f90 s3:modules: Rename thistime to chunk
via 79d2dbc0571 libgpo: Initialize struct security_ace array
via 03283dfae27 s4:torture: Initialize struct smb_nttrans
via 7723353dae7 s4:torture: Remove tailing spaces in scanner.c
via d003a171912 s4:torture: Initialize struct smb2_create
via d21b8e057c8 lib:util: Move open() of /dev/null into the if-clause
via ddadbddb401 libcli:nbt: Initialize struct nbt_name_register
via ae47ec172fb s4:torture: Initialize union smb_open
via 3aa6aa02a84 s4:torture: Initialize struct netr_IdentityInfo
from a3856ee4dc8 python:tests: pass bytes.decode() instead of str(bytes)
to assertMultiLineEqual() to get better failure output
https://git.samba.org/?p=samba.git;a=shortlog;h=master
- Log -----------------------------------------------------------------
commit 85d80240ec73d5fddd2e254ee142d06fe096f133
Author: Andreas Schneider <a...@samba.org>
Date: Mon Jul 8 11:39:28 2024 +0200
s4:torture: Do not set sr.in.info to info be we queried the info
`sr.in.info = info` is correctly set later after we called
dcerpc_lsa_QueryTrustedDomainInfoByName_r() which filling the info
pointer with data.
"Error: UNINIT (CWE-457):
samba-4.20.0rc2/source4/torture/rpc/forest_trust.c:211: var_decl: Declaring
variable ""info"" without initializer.
samba-4.20.0rc2/source4/torture/rpc/forest_trust.c:248: uninit_use: Using
uninitialized value ""info"".
246| sr.in.trusted_domain = talloc_zero(tctx, struct lsa_String);
247| sr.in.trusted_domain->string = name;
248|-> sr.in.info = info;
249|
250| for (c = 0; il[c].info_level != -1; c++) {"
Signed-off-by: Andreas Schneider <a...@samba.org>
Reviewed-by: Guenther Deschner <g...@samba.org>
Autobuild-User(master): Günther Deschner <g...@samba.org>
Autobuild-Date(master): Tue Jul 16 12:42:39 UTC 2024 on atb-devel-224
commit 8268b3efff9b0c8475df6a51451f0b4a399718b1
Author: Andreas Schneider <a...@samba.org>
Date: Mon Jul 8 12:26:47 2024 +0200
lib:param: Add missing return code check
"Error: NEGATIVE_RETURNS (CWE-394):
samba-4.20.0rc2/lib/param/loadparm.c:1275: negative_return_fn: Function
""lpcfg_map_parameter(""printing"")"" returns a negative number.
samba-4.20.0rc2/lib/param/loadparm.c:1275: assign: Assigning: ""parm_num""
= ""lpcfg_map_parameter(""printing"")"".
samba-4.20.0rc2/lib/param/loadparm.c:1278: negative_returns: Using variable
""parm_num"" as an index to array ""parm_table"".
1276| }
1277|
1278|-> if (!lp_set_enum_parm(&parm_table[parm_num], pszParmValue,
(int*)ptr)) {
1279| return false;
1280| }"
Signed-off-by: Andreas Schneider <a...@samba.org>
Reviewed-by: Guenther Deschner <g...@samba.org>
commit c3abd320e67f77d016d2e02da084c34615d1c7f9
Author: Andreas Schneider <a...@samba.org>
Date: Mon Jul 8 12:21:06 2024 +0200
s3:services: Initialize struct security_ace array
Signed-off-by: Andreas Schneider <a...@samba.org>
Reviewed-by: Guenther Deschner <g...@samba.org>
commit bd5e095e27824a4c8f68587ce3caadda0cbda6f2
Author: Andreas Schneider <a...@samba.org>
Date: Mon Jul 8 11:40:51 2024 +0200
s4:torture: Remove tailing spaces in forest_trust.c
Signed-off-by: Andreas Schneider <a...@samba.org>
Reviewed-by: Guenther Deschner <g...@samba.org>
commit f3da16937aecca2d8b8ddc8e37f1e9386c0f3367
Author: Andreas Schneider <a...@samba.org>
Date: Mon Jul 8 11:25:32 2024 +0200
s3:modules: Make nread a size_t and check for possible overflow
"Error: INTEGER_OVERFLOW (CWE-190):
samba-4.20.0rc2/source3/modules/vfs_preopen.c:215: tainted_data_return:
Called function ""read(sock_fd, namebuf + nread, talloc_get_size(namebuf) -
nread)"", and a possible return value may be less than zero.
samba-4.20.0rc2/source3/modules/vfs_preopen.c:215: assign: Assigning:
""thistime"" = ""read(sock_fd, namebuf + nread, talloc_get_size(namebuf) -
nread)"".
samba-4.20.0rc2/source3/modules/vfs_preopen.c:221: overflow: The expression
""nread"" is considered to have possibly overflowed.
samba-4.20.0rc2/source3/modules/vfs_preopen.c:215: overflow: The expression
""talloc_get_size(namebuf) - nread"" is deemed overflowed because at least one
of its arguments has overflowed.
samba-4.20.0rc2/source3/modules/vfs_preopen.c:215: overflow_sink:
""talloc_get_size(namebuf) - nread"", which might have underflowed, is passed
to ""read(sock_fd, namebuf + nread, talloc_get_size(namebuf) - nread)"". [Note:
The source code implementation of the function has been overridden by a builtin
model.]
213| ssize_t thistime;
214|
215|-> thistime = read(sock_fd, namebuf + nread,
216| talloc_get_size(namebuf) - nread);
217| if (thistime <= 0) {"
Signed-off-by: Andreas Schneider <a...@samba.org>
Reviewed-by: Guenther Deschner <g...@samba.org>
commit a541a7d7168fb5383764e7aee44c30a74172f68a
Author: Andreas Schneider <a...@samba.org>
Date: Mon Jul 8 11:24:34 2024 +0200
s3:modules: Move chunk out of the loop
Signed-off-by: Andreas Schneider <a...@samba.org>
Reviewed-by: Guenther Deschner <g...@samba.org>
commit 862ba429f9033eaf5eb72d80f17a0ca6006bcbee
Author: Andreas Schneider <a...@samba.org>
Date: Mon Jul 8 11:23:39 2024 +0200
s3:modules: Rename thistime to chunk
Signed-off-by: Andreas Schneider <a...@samba.org>
Reviewed-by: Guenther Deschner <g...@samba.org>
commit 79d2dbc0571a6012a8d301f69343ab7fd3eb2d04
Author: Andreas Schneider <a...@samba.org>
Date: Mon Jul 8 11:13:35 2024 +0200
libgpo: Initialize struct security_ace array
"Error: UNINIT (CWE-457):
samba-4.20.0rc2/libgpo/gpo_reg.c:708: var_decl: Declaring variable ""ace""
without initializer.
samba-4.20.0rc2/libgpo/gpo_reg.c:755: uninit_use_in_call: Using
uninitialized value ""*ace"". Field ""ace->object"" is uninitialized when
calling ""make_sec_acl"".
753| mask, inherit_flags);
754|
755|-> theacl = make_sec_acl(mem_ctx, NT4_ACL_REVISION, 6, ace);
756| W_ERROR_HAVE_NO_MEMORY(theacl);
757|"
Signed-off-by: Andreas Schneider <a...@samba.org>
Reviewed-by: Guenther Deschner <g...@samba.org>
commit 03283dfae275ee9960cdc0ed6b1002c79d706eb4
Author: Andreas Schneider <a...@samba.org>
Date: Mon Jul 8 11:12:02 2024 +0200
s4:torture: Initialize struct smb_nttrans
"Error: UNINIT (CWE-457):
samba-4.20.0rc2/source4/torture/basic/scanner.c:368: var_decl: Declaring
variable ""parms"" without initializer.
samba-4.20.0rc2/source4/torture/basic/scanner.c:388: uninit_use_in_call:
Using uninitialized value ""parms.in.setup"" when calling ""smb_raw_nttrans"".
386| parms.in.data = ntdata_blob;
387|
388|-> status = smb_raw_nttrans(cli->tree, mem_ctx, &parms);
389|
390| if (NT_STATUS_IS_ERR(status)) {"
Signed-off-by: Andreas Schneider <a...@samba.org>
Reviewed-by: Guenther Deschner <g...@samba.org>
commit 7723353dae79fccf1f4a192271b614132a9176ba
Author: Andreas Schneider <a...@samba.org>
Date: Mon Jul 8 11:11:26 2024 +0200
s4:torture: Remove tailing spaces in scanner.c
Signed-off-by: Andreas Schneider <a...@samba.org>
Reviewed-by: Guenther Deschner <g...@samba.org>
commit d003a171912a33c0fb49b90dae4bc8e1979019de
Author: Andreas Schneider <a...@samba.org>
Date: Mon Jul 8 11:05:45 2024 +0200
s4:torture: Initialize struct smb2_create
"Error: UNINIT (CWE-457):
samba-4.20.0rc2/source4/torture/smb2/sharemode.c:639: var_decl: Declaring
variable ""cr3"" without initializer.
samba-4.20.0rc2/source4/torture/smb2/sharemode.c:736: uninit_use_in_call:
Using uninitialized value ""cr3.out.file.handle"" when calling
""smb2_util_close"".
734| smb2_util_close(tree, cr1.out.file.handle);
735| smb2_util_close(tree, cr2.out.file.handle);
736|-> smb2_util_close(tree, cr3.out.file.handle);
737| smb2_util_unlink(tree, fname);
738| return ret;"
Signed-off-by: Andreas Schneider <a...@samba.org>
Reviewed-by: Guenther Deschner <g...@samba.org>
commit d21b8e057c8e28925750c154b1bc2ae645d57753
Author: Andreas Schneider <a...@samba.org>
Date: Mon Jul 8 10:14:39 2024 +0200
lib:util: Move open() of /dev/null into the if-clause
"Error: RESOURCE_LEAK (CWE-772):
samba-4.20.0rc2/lib/util/close_low_fd.c:40: open_fn: Returning handle
opened by ""open"". [Note: The source code implementation of the function has
been overridden by a user model.]
samba-4.20.0rc2/lib/util/close_low_fd.c:40: var_assign: Assigning:
""dev_null"" = handle returned from ""open(""/dev/null"", 2, 0)"".
samba-4.20.0rc2/lib/util/close_low_fd.c:52: overwrite_var: Overwriting
handle ""dev_null"" in ""dev_null = open(""/dev/null"", 2, 0)"" leaks the
handle.
50| }
51|
52|-> dev_null = open(""/dev/null"", O_RDWR, 0);
53| if (dev_null == -1) {
54| dev_null = open(""/dev/null"", O_WRONLY, 0);"
Signed-off-by: Andreas Schneider <a...@samba.org>
Reviewed-by: Guenther Deschner <g...@samba.org>
commit ddadbddb401613258332359bc9c35069445070c9
Author: Andreas Schneider <a...@samba.org>
Date: Fri Jul 5 14:00:11 2024 +0200
libcli:nbt: Initialize struct nbt_name_register
"Error: UNINIT (CWE-457):
samba-4.20.0rc2/libcli/nbt/pynbt.c:277: var_decl: Declaring variable ""io""
without initializer.
samba-4.20.0rc2/libcli/nbt/pynbt.c:305: uninit_use_in_call: Using
uninitialized value ""io.in.nb_flags"" when calling ""nbt_name_register"".
303| return NULL;
304|
305|-> status = nbt_name_register(node->socket, NULL, &io);
306|
307| if (NT_STATUS_IS_ERR(status)) {"
Signed-off-by: Andreas Schneider <a...@samba.org>
Reviewed-by: Guenther Deschner <g...@samba.org>
commit ae47ec172fba0a508eb084505db52640685c161a
Author: Andreas Schneider <a...@samba.org>
Date: Fri Jul 5 13:58:53 2024 +0200
s4:torture: Initialize union smb_open
"Error: UNINIT (CWE-457):
samba-4.20.0rc2/source4/torture/raw/open.c:1136: var_decl: Declaring
variable ""io1"" without initializer.
samba-4.20.0rc2/source4/torture/raw/open.c:1198: uninit_use_in_call: Using
uninitialized value ""io1.ntcreatex.out.file.fnum"" when calling
""smbcli_close"".
1196| done:
1197| smbcli_close(cli->tree, io.ntcreatex.out.file.fnum);
1198|-> smbcli_close(cli->tree, io1.ntcreatex.out.file.fnum);
1199| smbcli_deltree(cli->tree, BASEDIR);
1200| return ret;"
Signed-off-by: Andreas Schneider <a...@samba.org>
Reviewed-by: Guenther Deschner <g...@samba.org>
commit 3aa6aa02a84a63c634c33649521ab0423fd59994
Author: Andreas Schneider <a...@samba.org>
Date: Fri Jul 5 13:37:30 2024 +0200
s4:torture: Initialize struct netr_IdentityInfo
"Error: UNINIT (CWE-457):
samba-4.20.0rc2/source4/torture/rpc/samr.c:3601: var_decl: Declaring
variable ""identity"" without initializer.
samba-4.20.0rc2/source4/torture/rpc/samr.c:3650: uninit_use: Using
uninitialized value ""identity"". Field ""identity.domain_name.length"" is
uninitialized.
3648| }
3649|
3650|-> pinfo.identity_info = identity;
3651| logon.password = &pinfo;
3652|"
Signed-off-by: Andreas Schneider <a...@samba.org>
Reviewed-by: Guenther Deschner <g...@samba.org>
-----------------------------------------------------------------------
Summary of changes:
lib/param/loadparm.c | 3 +++
lib/util/close_low_fd.c | 3 ++-
libcli/nbt/pynbt.c | 4 ++--
libgpo/gpo_reg.c | 2 +-
source3/modules/vfs_preopen.c | 18 ++++++++--------
source3/services/svc_winreg_glue.c | 2 +-
source4/torture/basic/scanner.c | 42 +++++++++++++++++++-------------------
source4/torture/raw/open.c | 2 +-
source4/torture/rpc/forest_trust.c | 5 ++---
source4/torture/rpc/samr.c | 2 +-
source4/torture/smb2/sharemode.c | 6 +++---
11 files changed, 46 insertions(+), 43 deletions(-)
Changeset truncated at 500 lines:
diff --git a/lib/param/loadparm.c b/lib/param/loadparm.c
index 00971309042..0afdcebb02d 100644
--- a/lib/param/loadparm.c
+++ b/lib/param/loadparm.c
@@ -1273,6 +1273,9 @@ bool handle_printing(struct loadparm_context *lp_ctx,
struct loadparm_service *s
if (parm_num == -1) {
parm_num = lpcfg_map_parameter("printing");
+ if (parm_num == -1) {
+ return false;
+ }
}
if (!lp_set_enum_parm(&parm_table[parm_num], pszParmValue, (int*)ptr)) {
diff --git a/lib/util/close_low_fd.c b/lib/util/close_low_fd.c
index 84a69067644..5d52f617bbb 100644
--- a/lib/util/close_low_fd.c
+++ b/lib/util/close_low_fd.c
@@ -47,9 +47,10 @@ _PUBLIC_ int close_low_fd(int fd)
if (ret != 0) {
return errno;
}
+
+ dev_null = open("/dev/null", O_RDWR, 0);
}
- dev_null = open("/dev/null", O_RDWR, 0);
if (dev_null == -1) {
dev_null = open("/dev/null", O_WRONLY, 0);
}
diff --git a/libcli/nbt/pynbt.c b/libcli/nbt/pynbt.c
index e0a72fa8451..18ae369b695 100644
--- a/libcli/nbt/pynbt.c
+++ b/libcli/nbt/pynbt.c
@@ -141,7 +141,7 @@ err:
return false;
}
-static PyObject *PyObject_FromNBTName(struct nbt_name_socket *name_socket,
+static PyObject *PyObject_FromNBTName(struct nbt_name_socket *name_socket,
struct nbt_name *name)
{
if (name->scope) {
@@ -274,7 +274,7 @@ static PyObject *py_nbt_name_register(PyObject *self,
PyObject *args, PyObject *
{
nbt_node_Object *node = (nbt_node_Object *)self;
PyObject *ret, *py_dest, *py_name;
- struct nbt_name_register io;
+ struct nbt_name_register io = {};
NTSTATUS status;
const char *kwnames[] = { "name", "address", "dest", "register_demand",
"broadcast",
diff --git a/libgpo/gpo_reg.c b/libgpo/gpo_reg.c
index a1a8d7d1a07..9c1e1693b15 100644
--- a/libgpo/gpo_reg.c
+++ b/libgpo/gpo_reg.c
@@ -705,7 +705,7 @@ static WERROR gp_reg_generate_sd(TALLOC_CTX *mem_ctx,
struct security_descriptor **sd,
size_t *sd_size)
{
- struct security_ace ace[6];
+ struct security_ace ace[6] = {};
uint32_t mask;
struct security_acl *theacl = NULL;
diff --git a/source3/modules/vfs_preopen.c b/source3/modules/vfs_preopen.c
index d1327f64e58..aa37158cf20 100644
--- a/source3/modules/vfs_preopen.c
+++ b/source3/modules/vfs_preopen.c
@@ -203,22 +203,22 @@ static bool preopen_helper_open_one(int sock_fd, char
**pnamebuf,
size_t to_read, void *filebuf)
{
char *namebuf = *pnamebuf;
- ssize_t nread;
+ size_t nread = 0;
+ ssize_t chunk;
char c = 0;
int fd;
- nread = 0;
-
do {
- ssize_t thistime;
-
- thistime = read(sock_fd, namebuf + nread,
+ chunk = read(sock_fd, namebuf + nread,
talloc_get_size(namebuf) - nread);
- if (thistime <= 0) {
+ if (chunk <= 0) {
return false;
}
- nread += thistime;
+ if (nread + chunk < nread) {
+ return false;
+ }
+ nread += chunk;
if (nread == talloc_get_size(namebuf)) {
namebuf = talloc_realloc(
@@ -235,7 +235,7 @@ static bool preopen_helper_open_one(int sock_fd, char
**pnamebuf,
if (fd == -1) {
goto done;
}
- nread = read(fd, filebuf, to_read);
+ chunk = read(fd, filebuf, to_read);
close(fd);
done:
diff --git a/source3/services/svc_winreg_glue.c
b/source3/services/svc_winreg_glue.c
index 50b9897acde..6d50863af04 100644
--- a/source3/services/svc_winreg_glue.c
+++ b/source3/services/svc_winreg_glue.c
@@ -35,7 +35,7 @@ struct security_descriptor* svcctl_gen_service_sd(TALLOC_CTX
*mem_ctx)
{
struct security_descriptor *sd = NULL;
struct security_acl *theacl = NULL;
- struct security_ace ace[4];
+ struct security_ace ace[4] = {};
size_t sd_size;
size_t i = 0;
diff --git a/source4/torture/basic/scanner.c b/source4/torture/basic/scanner.c
index 144b7d0e036..335179f82bb 100644
--- a/source4/torture/basic/scanner.c
+++ b/source4/torture/basic/scanner.c
@@ -1,18 +1,18 @@
-/*
+/*
Unix SMB/CIFS implementation.
SMB torture tester - scanning functions
Copyright (C) Andrew Tridgell 2001
-
+
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 3 of the License, or
(at your option) any later version.
-
+
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
-
+
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
@@ -51,7 +51,7 @@ static void trans2_check_hit(const char *format, int op, int
level, NTSTATUS sta
/****************************************************************************
check for existence of a trans2 call
****************************************************************************/
-static NTSTATUS try_trans2(struct smbcli_state *cli,
+static NTSTATUS try_trans2(struct smbcli_state *cli,
int op,
uint8_t *param, uint8_t *data,
int param_len, int data_len,
@@ -292,22 +292,22 @@ bool torture_trans2_scan(struct torture_context *torture,
if (fnum == -1) {
printf("file open failed - %s\n", smbcli_errstr(cli->tree));
}
- dnum = smbcli_nt_create_full(cli->tree, "\\",
- 0,
- SEC_RIGHTS_FILE_READ,
+ dnum = smbcli_nt_create_full(cli->tree, "\\",
+ 0,
+ SEC_RIGHTS_FILE_READ,
FILE_ATTRIBUTE_NORMAL,
- NTCREATEX_SHARE_ACCESS_READ |
NTCREATEX_SHARE_ACCESS_WRITE,
- NTCREATEX_DISP_OPEN,
+ NTCREATEX_SHARE_ACCESS_READ |
NTCREATEX_SHARE_ACCESS_WRITE,
+ NTCREATEX_DISP_OPEN,
NTCREATEX_OPTIONS_DIRECTORY, 0);
if (dnum == -1) {
printf("directory open failed - %s\n",
smbcli_errstr(cli->tree));
}
- qfnum = smbcli_nt_create_full(cli->tree,
"\\$Extend\\$Quota:$Q:$INDEX_ALLOCATION",
- NTCREATEX_FLAGS_EXTENDED,
- SEC_FLAG_MAXIMUM_ALLOWED,
+ qfnum = smbcli_nt_create_full(cli->tree,
"\\$Extend\\$Quota:$Q:$INDEX_ALLOCATION",
+ NTCREATEX_FLAGS_EXTENDED,
+ SEC_FLAG_MAXIMUM_ALLOWED,
0,
-
NTCREATEX_SHARE_ACCESS_READ|NTCREATEX_SHARE_ACCESS_WRITE,
- NTCREATEX_DISP_OPEN,
+
NTCREATEX_SHARE_ACCESS_READ|NTCREATEX_SHARE_ACCESS_WRITE,
+ NTCREATEX_DISP_OPEN,
0, 0);
if (qfnum == -1) {
printf("quota open failed - %s\n", smbcli_errstr(cli->tree));
@@ -359,13 +359,13 @@ static void nttrans_check_hit(const char *format, int op,
int level, NTSTATUS st
/****************************************************************************
check for existence of a nttrans call
****************************************************************************/
-static NTSTATUS try_nttrans(struct smbcli_state *cli,
+static NTSTATUS try_nttrans(struct smbcli_state *cli,
int op,
uint8_t *param, uint8_t *data,
int param_len, int data_len,
int *rparam_len, int *rdata_len)
{
- struct smb_nttrans parms;
+ struct smb_nttrans parms = {};
DATA_BLOB ntparam_blob, ntdata_blob;
TALLOC_CTX *mem_ctx;
NTSTATUS status;
@@ -384,9 +384,9 @@ static NTSTATUS try_nttrans(struct smbcli_state *cli,
parms.in.function = op;
parms.in.params = ntparam_blob;
parms.in.data = ntdata_blob;
-
+
status = smb_raw_nttrans(cli->tree, mem_ctx, &parms);
-
+
if (NT_STATUS_IS_ERR(status)) {
DEBUG(1,("Failed to send NT_TRANS\n"));
talloc_free(mem_ctx);
@@ -541,14 +541,14 @@ static bool scan_nttrans(struct smbcli_state *cli, int
op, int level,
}
-bool torture_nttrans_scan(struct torture_context *torture,
+bool torture_nttrans_scan(struct torture_context *torture,
struct smbcli_state *cli)
{
int op, level;
const char *fname = "\\scanner.dat";
int fnum, dnum;
- fnum = smbcli_open(cli->tree, fname, O_RDWR | O_CREAT | O_TRUNC,
+ fnum = smbcli_open(cli->tree, fname, O_RDWR | O_CREAT | O_TRUNC,
DENY_NONE);
dnum = smbcli_open(cli->tree, "\\", O_RDONLY, DENY_NONE);
diff --git a/source4/torture/raw/open.c b/source4/torture/raw/open.c
index 446a284d510..f4eeb4e8c6e 100644
--- a/source4/torture/raw/open.c
+++ b/source4/torture/raw/open.c
@@ -1133,7 +1133,7 @@ done:
*/
static bool test_ntcreatex_brlocked(struct torture_context *tctx, struct
smbcli_state *cli)
{
- union smb_open io, io1;
+ union smb_open io = {}, io1 = {};
union smb_lock io2;
struct smb_lock_entry lock[1];
const char *fname = BASEDIR "\\torture_ntcreatex.txt";
diff --git a/source4/torture/rpc/forest_trust.c
b/source4/torture/rpc/forest_trust.c
index 0a09bb12da6..8161853b5a4 100644
--- a/source4/torture/rpc/forest_trust.c
+++ b/source4/torture/rpc/forest_trust.c
@@ -236,7 +236,7 @@ static bool get_and_set_info(struct dcerpc_pipe *p,
NTSTATUS status;
struct lsa_QueryTrustedDomainInfoByName qr;
struct lsa_SetTrustedDomainInfoByName sr;
- union lsa_TrustedDomainInfo *info;
+ union lsa_TrustedDomainInfo *info = NULL;
struct lsa_Close cr;
struct policy_handle closed_handle;
size_t c;
@@ -273,7 +273,6 @@ static bool get_and_set_info(struct dcerpc_pipe *p,
sr.in.handle = handle;
sr.in.trusted_domain = talloc_zero(tctx, struct lsa_String);
sr.in.trusted_domain->string = name;
- sr.in.info = info;
for (c = 0; il[c].info_level != -1; c++) {
torture_comment(tctx, "\nGetting/Setting dom info
[%d]\n",il[c].info_level);
@@ -288,7 +287,7 @@ static bool get_and_set_info(struct dcerpc_pipe *p,
"%s but %s\n",
nt_errstr(il[c].get_result),
nt_errstr(qr.out.result));
-
+
/* We may be testing a server without support for this
level */
if (qr.in.level ==
LSA_TRUSTED_DOMAIN_SUPPORTED_ENCRYPTION_TYPES && NT_STATUS_EQUAL(qr.out.result,
NT_STATUS_INVALID_PARAMETER)) {
return true;
diff --git a/source4/torture/rpc/samr.c b/source4/torture/rpc/samr.c
index b7d0b2c72cf..36dd86f6770 100644
--- a/source4/torture/rpc/samr.c
+++ b/source4/torture/rpc/samr.c
@@ -3598,7 +3598,7 @@ static bool test_SamLogon(struct torture_context *tctx,
union netr_LogonLevel logon;
union netr_Validation validation;
uint8_t authoritative;
- struct netr_IdentityInfo identity;
+ struct netr_IdentityInfo identity = {};
struct netr_NetworkInfo ninfo;
struct netr_PasswordInfo pinfo;
DATA_BLOB names_blob, chal, lm_resp, nt_resp;
diff --git a/source4/torture/smb2/sharemode.c b/source4/torture/smb2/sharemode.c
index 97381b56f17..b503378e9c3 100644
--- a/source4/torture/smb2/sharemode.c
+++ b/source4/torture/smb2/sharemode.c
@@ -634,9 +634,9 @@ static bool test_smb2_bug14375(struct torture_context *tctx,
struct smb2_tree *tree)
{
const char *fname = "test_bug14375";
- struct smb2_create cr1;
- struct smb2_create cr2;
- struct smb2_create cr3;
+ struct smb2_create cr1 = {};
+ struct smb2_create cr2 = {};
+ struct smb2_create cr3 = {};
NTSTATUS status;
bool ret = true;
--
Samba Shared Repository
