The branch, master has been updated via 7bb59168e9d s4:torture: Initialize struct cldap_netlogon via bd298f2612a s4:torture: Remove trailing spaces from cldapbench.c via 125c5a93bbb s4:torture: Initialize struct netr_LogonSamLogonEx via 5fe20309966 nsswitch: Fix integer size types in winbind_write_sock() via 3c91ad94639 examples:winexe: Initialize integer via 8d637d667d0 auth:gensec: Fully initialize struct spnego_data via d64242f676d s4:torture: Initialize union spoolss_KeyNames via a39cb60c3fb examples:winexe: Fully initialize EXPLICIT_ACCESS via 2e1ac4bbf5b s4:torture: Initialize pointer with NULL via f124c2df928 s3:smbd: Initialize struct security_ace array from f7229d61ede s4:torture: Add new LSA test_query_forest_trust_info()
https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log ----------------------------------------------------------------- commit 7bb59168e9dea9c7a85010cdc8b70e9889f5a866 Author: Andreas Schneider <a...@samba.org> Date: Wed Jul 17 10:58:09 2024 +0200 s4:torture: Initialize struct cldap_netlogon "Error: UNINIT (CWE-457): samba-4.20.0rc2/source4/torture/ldap/cldapbench.c:40: var_decl: Declaring variable ""io"" without initializer. samba-4.20.0rc2/source4/torture/ldap/cldapbench.c:45: uninit_use_in_call: Using uninitialized value ""io.in.map_response"" when calling ""cldap_netlogon_recv"". 43| TALLOC_CTX *tmp_ctx = talloc_new(NULL); 44| io.in.version = 6; 45|-> status = cldap_netlogon_recv(req, tmp_ctx, &io); 46| talloc_free(req); 47| if (NT_STATUS_IS_OK(status)) {" Signed-off-by: Andreas Schneider <a...@samba.org> Reviewed-by: Alexander Bokovoy <a...@samba.org> Autobuild-User(master): Andreas Schneider <a...@cryptomilk.org> Autobuild-Date(master): Thu Jul 18 13:48:03 UTC 2024 on atb-devel-224 commit bd298f2612a7233693e8a7cf71970cc4ae1789e6 Author: Andreas Schneider <a...@samba.org> Date: Wed Jul 17 10:57:43 2024 +0200 s4:torture: Remove trailing spaces from cldapbench.c Signed-off-by: Andreas Schneider <a...@samba.org> Reviewed-by: Alexander Bokovoy <a...@samba.org> commit 125c5a93bbb60b68d054db59aef37ebb77bdb4da Author: Andreas Schneider <a...@samba.org> Date: Wed Jul 17 10:55:28 2024 +0200 s4:torture: Initialize struct netr_LogonSamLogonEx "Error: UNINIT (CWE-457): samba-4.20.0rc2/source4/torture/rpc/schannel.c:49: var_decl: Declaring variable ""r"" without initializer. samba-4.20.0rc2/source4/torture/rpc/schannel.c:152: uninit_use_in_call: Using uninitialized value ""r.in.validation_level"" when calling ""torture_comment"". 150| ""LogonSamLogonEx failed""); 151| } else { 152|-> torture_comment(tctx, 153| ""Skip auth_level[%u] Testing LogonSamLogonEx with name %s using %s and validation_level: %d\n"", 154| auth_level, ninfo.identity_info.account_name.string, crypto_alg," Signed-off-by: Andreas Schneider <a...@samba.org> Reviewed-by: Alexander Bokovoy <a...@samba.org> commit 5fe203099665cce636c6fa70a692d044bbfbe322 Author: Andreas Schneider <a...@samba.org> Date: Wed Jul 17 10:50:30 2024 +0200 nsswitch: Fix integer size types in winbind_write_sock() Signed-off-by: Andreas Schneider <a...@samba.org> Reviewed-by: Alexander Bokovoy <a...@samba.org> commit 3c91ad94639ee009a6f03bb916cc99162286d005 Author: Andreas Schneider <a...@samba.org> Date: Tue Jul 16 17:03:19 2024 +0200 examples:winexe: Initialize integer "Error: UNINIT (CWE-457): samba-4.20.0rc2/examples/winexe/winexesvc.c:147: var_decl: Declaring variable ""res"" without initializer. samba-4.20.0rc2/examples/winexe/winexesvc.c:156: uninit_use: Using uninitialized value ""res"". 154| GetOverlappedResult(pipe->h, &pipe->o, (LPDWORD)&res, TRUE); 155| FlushFileBuffers(pipe->h); 156|-> return res; 157| } 158|" Signed-off-by: Andreas Schneider <a...@samba.org> Reviewed-by: Alexander Bokovoy <a...@samba.org> commit 8d637d667d0bbc642f2b4220cf78c2b69025ecdb Author: Andreas Schneider <a...@samba.org> Date: Tue Jul 16 17:01:22 2024 +0200 auth:gensec: Fully initialize struct spnego_data "Error: UNINIT (CWE-457): samba-4.20.0rc2/auth/gensec/spnego.c:1129: var_decl: Declaring variable ""spnego_out"" without initializer. samba-4.20.0rc2/auth/gensec/spnego.c:1154: uninit_use_in_call: Using uninitialized value ""spnego_out.negTokenTarg.negResult"" when calling ""spnego_write_data"". 1152| } 1153| 1154|-> if (spnego_write_data(out_mem_ctx, out, &spnego_out) == -1) { 1155| DEBUG(1, (""Failed to write SPNEGO reply to NEG_TOKEN_TARG\n"")); 1156| return NT_STATUS_INVALID_PARAMETER;" Signed-off-by: Andreas Schneider <a...@samba.org> Reviewed-by: Alexander Bokovoy <a...@samba.org> commit d64242f676dbeda52696e9138c01b6768b5a4eca Author: Andreas Schneider <a...@samba.org> Date: Tue Jul 16 16:59:12 2024 +0200 s4:torture: Initialize union spoolss_KeyNames "Error: UNINIT (CWE-457): samba-4.20.0rc2/source4/torture/rpc/spoolss.c:7835: var_decl: Declaring variable ""key_buffer"" without initializer. samba-4.20.0rc2/source4/torture/rpc/spoolss.c:7906: uninit_use: Using uninitialized value ""key_buffer.string_array"". 7904| 7905| if (array) { 7906|-> *array = key_buffer.string_array; 7907| } 7908|" Signed-off-by: Andreas Schneider <a...@samba.org> Reviewed-by: Alexander Bokovoy <a...@samba.org> commit a39cb60c3fb6a92719afe5637dd2317c4afb0f71 Author: Andreas Schneider <a...@samba.org> Date: Tue Jul 16 10:45:53 2024 +0200 examples:winexe: Fully initialize EXPLICIT_ACCESS "Error: UNINIT (CWE-457): samba-4.20.0rc2/examples/winexe/winexesvc.c:60: var_decl: Declaring variable ""ea"" without initializer. samba-4.20.0rc2/examples/winexe/winexesvc.c:86: uninit_use_in_call: Using uninitialized value ""ea"". Field ""ea.Trustee.pMultipleTrustee"" is uninitialized when calling ""SetEntriesInAclA"". 84| 85| /* Create a new ACL that contains the new ACEs */ 86|-> dwRes = SetEntriesInAcl(1, &ea, NULL, &pACL); 87| if (ERROR_SUCCESS != dwRes) { 88| dbg(""SetEntriesInAcl Error %lu\n"", GetLastError());" Signed-off-by: Andreas Schneider <a...@samba.org> Reviewed-by: Alexander Bokovoy <a...@samba.org> commit 2e1ac4bbf5b5a52bda106841be2e2ce3a5e3880c Author: Andreas Schneider <a...@samba.org> Date: Tue Jul 16 10:33:38 2024 +0200 s4:torture: Initialize pointer with NULL "Error: UNINIT (CWE-457): samba-4.20.0rc2/source4/torture/smb2/durable_open.c:1447: var_decl: Declaring variable ""tree2"" without initializer. samba-4.20.0rc2/source4/torture/smb2/durable_open.c:1492: uninit_use_in_call: Using uninitialized value ""tree2"" when calling ""smb2_util_unlink"". 1490| } 1491| 1492|-> smb2_util_unlink(tree2, fname); 1493| 1494| talloc_free(tree);" Signed-off-by: Andreas Schneider <a...@samba.org> Reviewed-by: Alexander Bokovoy <a...@samba.org> commit f124c2df928fc1eac8412303d894b714e05d1e1f Author: Andreas Schneider <a...@samba.org> Date: Tue Jul 16 10:31:53 2024 +0200 s3:smbd: Initialize struct security_ace array "Error: UNINIT (CWE-457): samba-4.20.0rc2/source3/smbd/posix_acls.c:4599: var_decl: Declaring variable ""aces"" without initializer. samba-4.20.0rc2/source3/smbd/posix_acls.c:4676: uninit_use_in_call: Using uninitialized value ""*aces"". Field ""aces->object"" is uninitialized when calling ""make_sec_acl"". 4674| idx++; 4675| 4676|-> new_dacl = make_sec_acl(ctx, 4677| NT4_ACL_REVISION, 4678| idx," Signed-off-by: Andreas Schneider <a...@samba.org> Reviewed-by: Alexander Bokovoy <a...@samba.org> ----------------------------------------------------------------------- Summary of changes: auth/gensec/spnego.c | 13 ++++++------- examples/winexe/winexesvc.c | 26 +++++++++++++++----------- nsswitch/wb_common.c | 11 ++++++++--- source3/smbd/posix_acls.c | 2 +- source4/torture/ldap/cldapbench.c | 18 +++++++++--------- source4/torture/rpc/schannel.c | 2 +- source4/torture/rpc/spoolss.c | 2 +- source4/torture/smb2/durable_open.c | 2 +- 8 files changed, 42 insertions(+), 34 deletions(-) Changeset truncated at 500 lines: diff --git a/auth/gensec/spnego.c b/auth/gensec/spnego.c index 28d2e69132b..378ba3402c4 100644 --- a/auth/gensec/spnego.c +++ b/auth/gensec/spnego.c @@ -1110,13 +1110,12 @@ static NTSTATUS gensec_spnego_server_response(struct spnego_state *spnego_state, DATA_BLOB mech_list_mic, DATA_BLOB *out) { - struct spnego_data spnego_out; - - /* compose reply */ - spnego_out.type = SPNEGO_NEG_TOKEN_TARG; - spnego_out.negTokenTarg.responseToken = unwrapped_out; - spnego_out.negTokenTarg.mechListMIC = mech_list_mic; - spnego_out.negTokenTarg.supportedMech = NULL; + struct spnego_data spnego_out = { + .type = SPNEGO_NEG_TOKEN_TARG, + .negTokenTarg.responseToken = unwrapped_out, + .negTokenTarg.mechListMIC = mech_list_mic, + .negTokenTarg.supportedMech = NULL, + }; if (NT_STATUS_EQUAL(nt_status, NT_STATUS_MORE_PROCESSING_REQUIRED)) { spnego_out.negTokenTarg.supportedMech = spnego_state->neg_oid; diff --git a/examples/winexe/winexesvc.c b/examples/winexe/winexesvc.c index 980f4d1ab6d..f993c9a9c69 100644 --- a/examples/winexe/winexesvc.c +++ b/examples/winexe/winexesvc.c @@ -57,7 +57,20 @@ static int CreatePipesSA() PSID pAdminSID = NULL; PACL pACL = NULL; PSECURITY_DESCRIPTOR pSD = NULL; - EXPLICIT_ACCESS ea; + /* + * Initialize an EXPLICIT_ACCESS structure for an ACE. + * The ACE will allow the Administrators group full access to the key. + */ + EXPLICIT_ACCESS ea = { + .grfAccessPermissions = FILE_ALL_ACCESS, + .grfAccessMode = SET_ACCESS, + .grfInheritance = NO_INHERITANCE, + .Trustee = { + .TrusteeForm = TRUSTEE_IS_SID, + .TrusteeType = TRUSTEE_IS_GROUP, + .ptstrName = (LPTSTR)pAdminSID, + }, + }; SID_IDENTIFIER_AUTHORITY SIDAuthNT = {SECURITY_NT_AUTHORITY}; /* Create a SID for the BUILTIN\Administrators group. */ @@ -72,15 +85,6 @@ static int CreatePipesSA() dbg("AllocateAndInitializeSid Error %lu\n", GetLastError()); return 0; } - /* Initialize an EXPLICIT_ACCESS structure for an ACE. - The ACE will allow the Administrators group full access to the key. - */ - ea.grfAccessPermissions = FILE_ALL_ACCESS; - ea.grfAccessMode = SET_ACCESS; - ea.grfInheritance = NO_INHERITANCE; - ea.Trustee.TrusteeForm = TRUSTEE_IS_SID; - ea.Trustee.TrusteeType = TRUSTEE_IS_GROUP; - ea.Trustee.ptstrName = (LPTSTR) pAdminSID; /* Create a new ACL that contains the new ACEs */ dwRes = SetEntriesInAcl(1, &ea, NULL, &pACL); @@ -144,7 +148,7 @@ finish: static int hprintf(OV_HANDLE *pipe, const char *fmt, ...) { - int res; + int res = -1; char buf[1024]; va_list ap; va_start(ap, fmt); diff --git a/nsswitch/wb_common.c b/nsswitch/wb_common.c index b7f84435a4e..9898b037c55 100644 --- a/nsswitch/wb_common.c +++ b/nsswitch/wb_common.c @@ -671,10 +671,14 @@ static int winbind_open_pipe_sock(struct winbindd_context *ctx, /* Write data to winbindd socket */ -static int winbind_write_sock(struct winbindd_context *ctx, void *buffer, - int count, int recursing, int need_priv) +static ssize_t winbind_write_sock(struct winbindd_context *ctx, + void *buffer, + size_t count, + int recursing, + int need_priv) { - int fd, result, nwritten; + int fd; + ssize_t nwritten; /* Open connection to winbind daemon */ @@ -692,6 +696,7 @@ static int winbind_write_sock(struct winbindd_context *ctx, void *buffer, while(nwritten < count) { struct pollfd pfd; + ssize_t result; int ret; /* Catch pipe close on other end by checking if a read() diff --git a/source3/smbd/posix_acls.c b/source3/smbd/posix_acls.c index 38373e96aca..0f6a0d52e01 100644 --- a/source3/smbd/posix_acls.c +++ b/source3/smbd/posix_acls.c @@ -4596,7 +4596,7 @@ static NTSTATUS make_default_acl_posix(TALLOC_CTX *ctx, { struct dom_sid owner_sid, group_sid; size_t size = 0; - struct security_ace aces[4]; + struct security_ace aces[4] = {}; uint32_t access_mask = 0; mode_t mode = psbuf->st_ex_mode; struct security_acl *new_dacl = NULL; diff --git a/source4/torture/ldap/cldapbench.c b/source4/torture/ldap/cldapbench.c index 9b6f7f2e6e4..2b18749bc03 100644 --- a/source4/torture/ldap/cldapbench.c +++ b/source4/torture/ldap/cldapbench.c @@ -1,20 +1,20 @@ -/* +/* Unix SMB/CIFS implementation. CLDAP benchmark test Copyright (C) Andrew Tridgell 2005 - + This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 3 of the License, or (at your option) any later version. - + This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. - + You should have received a copy of the GNU General Public License along with this program. If not, see <http://www.gnu.org/licenses/>. */ @@ -37,7 +37,7 @@ struct bench_state { static void request_netlogon_handler(struct tevent_req *req) { - struct cldap_netlogon io; + struct cldap_netlogon io = {}; struct bench_state *state = tevent_req_callback_data(req, struct bench_state); NTSTATUS status; TALLOC_CTX *tmp_ctx = talloc_new(NULL); @@ -97,7 +97,7 @@ static bool bench_cldap_netlogon(struct torture_context *tctx, const char *addre num_sent++; if (num_sent % 50 == 0) { if (torture_setting_bool(tctx, "progress", true)) { - printf("%.1f queries per second (%d failures) \r", + printf("%.1f queries per second (%d failures) \r", state->pass_count / timeval_elapsed(&tv), state->fail_count); fflush(stdout); @@ -112,7 +112,7 @@ static bool bench_cldap_netlogon(struct torture_context *tctx, const char *addre tevent_loop_once(tctx->ev); } - printf("%.1f queries per second (%d failures) \n", + printf("%.1f queries per second (%d failures) \n", state->pass_count / timeval_elapsed(&tv), state->fail_count); @@ -206,7 +206,7 @@ static bool bench_cldap_rootdse(struct torture_context *tctx, const char *addres /* benchmark how fast a CLDAP server can respond to a series of parallel - requests + requests */ bool torture_bench_cldap(struct torture_context *torture) { @@ -214,7 +214,7 @@ bool torture_bench_cldap(struct torture_context *torture) struct nbt_name name; NTSTATUS status; bool ret = true; - + make_nbt_name_server(&name, torture_setting_string(torture, "host", NULL)); /* do an initial name resolution to find its IP */ diff --git a/source4/torture/rpc/schannel.c b/source4/torture/rpc/schannel.c index 04752424cd2..fab1fa4af45 100644 --- a/source4/torture/rpc/schannel.c +++ b/source4/torture/rpc/schannel.c @@ -46,7 +46,7 @@ bool test_netlogon_ex_ops(struct dcerpc_pipe *p, struct torture_context *tctx, struct netlogon_creds_CredentialState *creds) { NTSTATUS status; - struct netr_LogonSamLogonEx r; + struct netr_LogonSamLogonEx r = {}; struct netr_NetworkInfo ninfo; union netr_LogonLevel logon; union netr_Validation validation; diff --git a/source4/torture/rpc/spoolss.c b/source4/torture/rpc/spoolss.c index 867b94ba654..54b4e8cfb7d 100644 --- a/source4/torture/rpc/spoolss.c +++ b/source4/torture/rpc/spoolss.c @@ -7832,7 +7832,7 @@ static bool test_EnumPrinterKey(struct torture_context *tctx, { struct spoolss_EnumPrinterKey r; uint32_t needed = 0; - union spoolss_KeyNames key_buffer; + union spoolss_KeyNames key_buffer = {}; int32_t offered[] = { 0, 1, 2, 3, 4, 5, -1, -2, -3, -4, -5, 256, 512, 1024, 2048 }; uint32_t _ndr_size; int i; diff --git a/source4/torture/smb2/durable_open.c b/source4/torture/smb2/durable_open.c index e4513cf4155..cd07b330484 100644 --- a/source4/torture/smb2/durable_open.c +++ b/source4/torture/smb2/durable_open.c @@ -1444,7 +1444,7 @@ static bool test_durable_open_reopen3(struct torture_context *tctx, struct smb2_handle *h = NULL; struct smb2_create io1, io2; bool ret = true; - struct smb2_tree *tree2; + struct smb2_tree *tree2 = NULL; /* Choose a random name in case the state is left a little funky. */ snprintf(fname, 256, "durable_open_reopen3_%s.dat", -- Samba Shared Repository