The branch, master has been updated
via 7bb59168e9d s4:torture: Initialize struct cldap_netlogon
via bd298f2612a s4:torture: Remove trailing spaces from cldapbench.c
via 125c5a93bbb s4:torture: Initialize struct netr_LogonSamLogonEx
via 5fe20309966 nsswitch: Fix integer size types in winbind_write_sock()
via 3c91ad94639 examples:winexe: Initialize integer
via 8d637d667d0 auth:gensec: Fully initialize struct spnego_data
via d64242f676d s4:torture: Initialize union spoolss_KeyNames
via a39cb60c3fb examples:winexe: Fully initialize EXPLICIT_ACCESS
via 2e1ac4bbf5b s4:torture: Initialize pointer with NULL
via f124c2df928 s3:smbd: Initialize struct security_ace array
from f7229d61ede s4:torture: Add new LSA test_query_forest_trust_info()
https://git.samba.org/?p=samba.git;a=shortlog;h=master
- Log -----------------------------------------------------------------
commit 7bb59168e9dea9c7a85010cdc8b70e9889f5a866
Author: Andreas Schneider <a...@samba.org>
Date: Wed Jul 17 10:58:09 2024 +0200
s4:torture: Initialize struct cldap_netlogon
"Error: UNINIT (CWE-457):
samba-4.20.0rc2/source4/torture/ldap/cldapbench.c:40: var_decl: Declaring
variable ""io"" without initializer.
samba-4.20.0rc2/source4/torture/ldap/cldapbench.c:45: uninit_use_in_call:
Using uninitialized value ""io.in.map_response"" when calling
""cldap_netlogon_recv"".
43| TALLOC_CTX *tmp_ctx = talloc_new(NULL);
44| io.in.version = 6;
45|-> status = cldap_netlogon_recv(req, tmp_ctx, &io);
46| talloc_free(req);
47| if (NT_STATUS_IS_OK(status)) {"
Signed-off-by: Andreas Schneider <a...@samba.org>
Reviewed-by: Alexander Bokovoy <a...@samba.org>
Autobuild-User(master): Andreas Schneider <a...@cryptomilk.org>
Autobuild-Date(master): Thu Jul 18 13:48:03 UTC 2024 on atb-devel-224
commit bd298f2612a7233693e8a7cf71970cc4ae1789e6
Author: Andreas Schneider <a...@samba.org>
Date: Wed Jul 17 10:57:43 2024 +0200
s4:torture: Remove trailing spaces from cldapbench.c
Signed-off-by: Andreas Schneider <a...@samba.org>
Reviewed-by: Alexander Bokovoy <a...@samba.org>
commit 125c5a93bbb60b68d054db59aef37ebb77bdb4da
Author: Andreas Schneider <a...@samba.org>
Date: Wed Jul 17 10:55:28 2024 +0200
s4:torture: Initialize struct netr_LogonSamLogonEx
"Error: UNINIT (CWE-457):
samba-4.20.0rc2/source4/torture/rpc/schannel.c:49: var_decl: Declaring
variable ""r"" without initializer.
samba-4.20.0rc2/source4/torture/rpc/schannel.c:152: uninit_use_in_call:
Using uninitialized value ""r.in.validation_level"" when calling
""torture_comment"".
150| ""LogonSamLogonEx failed"");
151| } else {
152|-> torture_comment(tctx,
153| ""Skip auth_level[%u] Testing
LogonSamLogonEx with name %s using %s and validation_level: %d\n"",
154| auth_level,
ninfo.identity_info.account_name.string, crypto_alg,"
Signed-off-by: Andreas Schneider <a...@samba.org>
Reviewed-by: Alexander Bokovoy <a...@samba.org>
commit 5fe203099665cce636c6fa70a692d044bbfbe322
Author: Andreas Schneider <a...@samba.org>
Date: Wed Jul 17 10:50:30 2024 +0200
nsswitch: Fix integer size types in winbind_write_sock()
Signed-off-by: Andreas Schneider <a...@samba.org>
Reviewed-by: Alexander Bokovoy <a...@samba.org>
commit 3c91ad94639ee009a6f03bb916cc99162286d005
Author: Andreas Schneider <a...@samba.org>
Date: Tue Jul 16 17:03:19 2024 +0200
examples:winexe: Initialize integer
"Error: UNINIT (CWE-457):
samba-4.20.0rc2/examples/winexe/winexesvc.c:147: var_decl: Declaring
variable ""res"" without initializer.
samba-4.20.0rc2/examples/winexe/winexesvc.c:156: uninit_use: Using
uninitialized value ""res"".
154| GetOverlappedResult(pipe->h, &pipe->o, (LPDWORD)&res,
TRUE);
155| FlushFileBuffers(pipe->h);
156|-> return res;
157| }
158|"
Signed-off-by: Andreas Schneider <a...@samba.org>
Reviewed-by: Alexander Bokovoy <a...@samba.org>
commit 8d637d667d0bbc642f2b4220cf78c2b69025ecdb
Author: Andreas Schneider <a...@samba.org>
Date: Tue Jul 16 17:01:22 2024 +0200
auth:gensec: Fully initialize struct spnego_data
"Error: UNINIT (CWE-457):
samba-4.20.0rc2/auth/gensec/spnego.c:1129: var_decl: Declaring variable
""spnego_out"" without initializer.
samba-4.20.0rc2/auth/gensec/spnego.c:1154: uninit_use_in_call: Using
uninitialized value ""spnego_out.negTokenTarg.negResult"" when calling
""spnego_write_data"".
1152| }
1153|
1154|-> if (spnego_write_data(out_mem_ctx, out, &spnego_out) == -1) {
1155| DEBUG(1, (""Failed to write SPNEGO reply to
NEG_TOKEN_TARG\n""));
1156| return NT_STATUS_INVALID_PARAMETER;"
Signed-off-by: Andreas Schneider <a...@samba.org>
Reviewed-by: Alexander Bokovoy <a...@samba.org>
commit d64242f676dbeda52696e9138c01b6768b5a4eca
Author: Andreas Schneider <a...@samba.org>
Date: Tue Jul 16 16:59:12 2024 +0200
s4:torture: Initialize union spoolss_KeyNames
"Error: UNINIT (CWE-457):
samba-4.20.0rc2/source4/torture/rpc/spoolss.c:7835: var_decl: Declaring
variable ""key_buffer"" without initializer.
samba-4.20.0rc2/source4/torture/rpc/spoolss.c:7906: uninit_use: Using
uninitialized value ""key_buffer.string_array"".
7904|
7905| if (array) {
7906|-> *array = key_buffer.string_array;
7907| }
7908|"
Signed-off-by: Andreas Schneider <a...@samba.org>
Reviewed-by: Alexander Bokovoy <a...@samba.org>
commit a39cb60c3fb6a92719afe5637dd2317c4afb0f71
Author: Andreas Schneider <a...@samba.org>
Date: Tue Jul 16 10:45:53 2024 +0200
examples:winexe: Fully initialize EXPLICIT_ACCESS
"Error: UNINIT (CWE-457):
samba-4.20.0rc2/examples/winexe/winexesvc.c:60: var_decl: Declaring
variable ""ea"" without initializer.
samba-4.20.0rc2/examples/winexe/winexesvc.c:86: uninit_use_in_call: Using
uninitialized value ""ea"". Field ""ea.Trustee.pMultipleTrustee"" is
uninitialized when calling ""SetEntriesInAclA"".
84|
85| /* Create a new ACL that contains the new ACEs */
86|-> dwRes = SetEntriesInAcl(1, &ea, NULL, &pACL);
87| if (ERROR_SUCCESS != dwRes) {
88| dbg(""SetEntriesInAcl Error %lu\n"", GetLastError());"
Signed-off-by: Andreas Schneider <a...@samba.org>
Reviewed-by: Alexander Bokovoy <a...@samba.org>
commit 2e1ac4bbf5b5a52bda106841be2e2ce3a5e3880c
Author: Andreas Schneider <a...@samba.org>
Date: Tue Jul 16 10:33:38 2024 +0200
s4:torture: Initialize pointer with NULL
"Error: UNINIT (CWE-457):
samba-4.20.0rc2/source4/torture/smb2/durable_open.c:1447: var_decl:
Declaring variable ""tree2"" without initializer.
samba-4.20.0rc2/source4/torture/smb2/durable_open.c:1492:
uninit_use_in_call: Using uninitialized value ""tree2"" when calling
""smb2_util_unlink"".
1490| }
1491|
1492|-> smb2_util_unlink(tree2, fname);
1493|
1494| talloc_free(tree);"
Signed-off-by: Andreas Schneider <a...@samba.org>
Reviewed-by: Alexander Bokovoy <a...@samba.org>
commit f124c2df928fc1eac8412303d894b714e05d1e1f
Author: Andreas Schneider <a...@samba.org>
Date: Tue Jul 16 10:31:53 2024 +0200
s3:smbd: Initialize struct security_ace array
"Error: UNINIT (CWE-457):
samba-4.20.0rc2/source3/smbd/posix_acls.c:4599: var_decl: Declaring
variable ""aces"" without initializer.
samba-4.20.0rc2/source3/smbd/posix_acls.c:4676: uninit_use_in_call: Using
uninitialized value ""*aces"". Field ""aces->object"" is uninitialized when
calling ""make_sec_acl"".
4674| idx++;
4675|
4676|-> new_dacl = make_sec_acl(ctx,
4677| NT4_ACL_REVISION,
4678| idx,"
Signed-off-by: Andreas Schneider <a...@samba.org>
Reviewed-by: Alexander Bokovoy <a...@samba.org>
-----------------------------------------------------------------------
Summary of changes:
auth/gensec/spnego.c | 13 ++++++-------
examples/winexe/winexesvc.c | 26 +++++++++++++++-----------
nsswitch/wb_common.c | 11 ++++++++---
source3/smbd/posix_acls.c | 2 +-
source4/torture/ldap/cldapbench.c | 18 +++++++++---------
source4/torture/rpc/schannel.c | 2 +-
source4/torture/rpc/spoolss.c | 2 +-
source4/torture/smb2/durable_open.c | 2 +-
8 files changed, 42 insertions(+), 34 deletions(-)
Changeset truncated at 500 lines:
diff --git a/auth/gensec/spnego.c b/auth/gensec/spnego.c
index 28d2e69132b..378ba3402c4 100644
--- a/auth/gensec/spnego.c
+++ b/auth/gensec/spnego.c
@@ -1110,13 +1110,12 @@ static NTSTATUS gensec_spnego_server_response(struct
spnego_state *spnego_state,
DATA_BLOB mech_list_mic,
DATA_BLOB *out)
{
- struct spnego_data spnego_out;
-
- /* compose reply */
- spnego_out.type = SPNEGO_NEG_TOKEN_TARG;
- spnego_out.negTokenTarg.responseToken = unwrapped_out;
- spnego_out.negTokenTarg.mechListMIC = mech_list_mic;
- spnego_out.negTokenTarg.supportedMech = NULL;
+ struct spnego_data spnego_out = {
+ .type = SPNEGO_NEG_TOKEN_TARG,
+ .negTokenTarg.responseToken = unwrapped_out,
+ .negTokenTarg.mechListMIC = mech_list_mic,
+ .negTokenTarg.supportedMech = NULL,
+ };
if (NT_STATUS_EQUAL(nt_status, NT_STATUS_MORE_PROCESSING_REQUIRED)) {
spnego_out.negTokenTarg.supportedMech = spnego_state->neg_oid;
diff --git a/examples/winexe/winexesvc.c b/examples/winexe/winexesvc.c
index 980f4d1ab6d..f993c9a9c69 100644
--- a/examples/winexe/winexesvc.c
+++ b/examples/winexe/winexesvc.c
@@ -57,7 +57,20 @@ static int CreatePipesSA()
PSID pAdminSID = NULL;
PACL pACL = NULL;
PSECURITY_DESCRIPTOR pSD = NULL;
- EXPLICIT_ACCESS ea;
+ /*
+ * Initialize an EXPLICIT_ACCESS structure for an ACE.
+ * The ACE will allow the Administrators group full access to the key.
+ */
+ EXPLICIT_ACCESS ea = {
+ .grfAccessPermissions = FILE_ALL_ACCESS,
+ .grfAccessMode = SET_ACCESS,
+ .grfInheritance = NO_INHERITANCE,
+ .Trustee = {
+ .TrusteeForm = TRUSTEE_IS_SID,
+ .TrusteeType = TRUSTEE_IS_GROUP,
+ .ptstrName = (LPTSTR)pAdminSID,
+ },
+ };
SID_IDENTIFIER_AUTHORITY SIDAuthNT = {SECURITY_NT_AUTHORITY};
/* Create a SID for the BUILTIN\Administrators group. */
@@ -72,15 +85,6 @@ static int CreatePipesSA()
dbg("AllocateAndInitializeSid Error %lu\n", GetLastError());
return 0;
}
- /* Initialize an EXPLICIT_ACCESS structure for an ACE.
- The ACE will allow the Administrators group full access to the key.
- */
- ea.grfAccessPermissions = FILE_ALL_ACCESS;
- ea.grfAccessMode = SET_ACCESS;
- ea.grfInheritance = NO_INHERITANCE;
- ea.Trustee.TrusteeForm = TRUSTEE_IS_SID;
- ea.Trustee.TrusteeType = TRUSTEE_IS_GROUP;
- ea.Trustee.ptstrName = (LPTSTR) pAdminSID;
/* Create a new ACL that contains the new ACEs */
dwRes = SetEntriesInAcl(1, &ea, NULL, &pACL);
@@ -144,7 +148,7 @@ finish:
static int hprintf(OV_HANDLE *pipe, const char *fmt, ...)
{
- int res;
+ int res = -1;
char buf[1024];
va_list ap;
va_start(ap, fmt);
diff --git a/nsswitch/wb_common.c b/nsswitch/wb_common.c
index b7f84435a4e..9898b037c55 100644
--- a/nsswitch/wb_common.c
+++ b/nsswitch/wb_common.c
@@ -671,10 +671,14 @@ static int winbind_open_pipe_sock(struct winbindd_context
*ctx,
/* Write data to winbindd socket */
-static int winbind_write_sock(struct winbindd_context *ctx, void *buffer,
- int count, int recursing, int need_priv)
+static ssize_t winbind_write_sock(struct winbindd_context *ctx,
+ void *buffer,
+ size_t count,
+ int recursing,
+ int need_priv)
{
- int fd, result, nwritten;
+ int fd;
+ ssize_t nwritten;
/* Open connection to winbind daemon */
@@ -692,6 +696,7 @@ static int winbind_write_sock(struct winbindd_context *ctx,
void *buffer,
while(nwritten < count) {
struct pollfd pfd;
+ ssize_t result;
int ret;
/* Catch pipe close on other end by checking if a read()
diff --git a/source3/smbd/posix_acls.c b/source3/smbd/posix_acls.c
index 38373e96aca..0f6a0d52e01 100644
--- a/source3/smbd/posix_acls.c
+++ b/source3/smbd/posix_acls.c
@@ -4596,7 +4596,7 @@ static NTSTATUS make_default_acl_posix(TALLOC_CTX *ctx,
{
struct dom_sid owner_sid, group_sid;
size_t size = 0;
- struct security_ace aces[4];
+ struct security_ace aces[4] = {};
uint32_t access_mask = 0;
mode_t mode = psbuf->st_ex_mode;
struct security_acl *new_dacl = NULL;
diff --git a/source4/torture/ldap/cldapbench.c
b/source4/torture/ldap/cldapbench.c
index 9b6f7f2e6e4..2b18749bc03 100644
--- a/source4/torture/ldap/cldapbench.c
+++ b/source4/torture/ldap/cldapbench.c
@@ -1,20 +1,20 @@
-/*
+/*
Unix SMB/CIFS implementation.
CLDAP benchmark test
Copyright (C) Andrew Tridgell 2005
-
+
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 3 of the License, or
(at your option) any later version.
-
+
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
-
+
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
@@ -37,7 +37,7 @@ struct bench_state {
static void request_netlogon_handler(struct tevent_req *req)
{
- struct cldap_netlogon io;
+ struct cldap_netlogon io = {};
struct bench_state *state = tevent_req_callback_data(req, struct
bench_state);
NTSTATUS status;
TALLOC_CTX *tmp_ctx = talloc_new(NULL);
@@ -97,7 +97,7 @@ static bool bench_cldap_netlogon(struct torture_context
*tctx, const char *addre
num_sent++;
if (num_sent % 50 == 0) {
if (torture_setting_bool(tctx, "progress",
true)) {
- printf("%.1f queries per second (%d
failures) \r",
+ printf("%.1f queries per second (%d
failures) \r",
state->pass_count /
timeval_elapsed(&tv),
state->fail_count);
fflush(stdout);
@@ -112,7 +112,7 @@ static bool bench_cldap_netlogon(struct torture_context
*tctx, const char *addre
tevent_loop_once(tctx->ev);
}
- printf("%.1f queries per second (%d failures) \n",
+ printf("%.1f queries per second (%d failures) \n",
state->pass_count / timeval_elapsed(&tv),
state->fail_count);
@@ -206,7 +206,7 @@ static bool bench_cldap_rootdse(struct torture_context
*tctx, const char *addres
/*
benchmark how fast a CLDAP server can respond to a series of parallel
- requests
+ requests
*/
bool torture_bench_cldap(struct torture_context *torture)
{
@@ -214,7 +214,7 @@ bool torture_bench_cldap(struct torture_context *torture)
struct nbt_name name;
NTSTATUS status;
bool ret = true;
-
+
make_nbt_name_server(&name, torture_setting_string(torture, "host",
NULL));
/* do an initial name resolution to find its IP */
diff --git a/source4/torture/rpc/schannel.c b/source4/torture/rpc/schannel.c
index 04752424cd2..fab1fa4af45 100644
--- a/source4/torture/rpc/schannel.c
+++ b/source4/torture/rpc/schannel.c
@@ -46,7 +46,7 @@ bool test_netlogon_ex_ops(struct dcerpc_pipe *p, struct
torture_context *tctx,
struct netlogon_creds_CredentialState *creds)
{
NTSTATUS status;
- struct netr_LogonSamLogonEx r;
+ struct netr_LogonSamLogonEx r = {};
struct netr_NetworkInfo ninfo;
union netr_LogonLevel logon;
union netr_Validation validation;
diff --git a/source4/torture/rpc/spoolss.c b/source4/torture/rpc/spoolss.c
index 867b94ba654..54b4e8cfb7d 100644
--- a/source4/torture/rpc/spoolss.c
+++ b/source4/torture/rpc/spoolss.c
@@ -7832,7 +7832,7 @@ static bool test_EnumPrinterKey(struct torture_context
*tctx,
{
struct spoolss_EnumPrinterKey r;
uint32_t needed = 0;
- union spoolss_KeyNames key_buffer;
+ union spoolss_KeyNames key_buffer = {};
int32_t offered[] = { 0, 1, 2, 3, 4, 5, -1, -2, -3, -4, -5, 256, 512,
1024, 2048 };
uint32_t _ndr_size;
int i;
diff --git a/source4/torture/smb2/durable_open.c
b/source4/torture/smb2/durable_open.c
index e4513cf4155..cd07b330484 100644
--- a/source4/torture/smb2/durable_open.c
+++ b/source4/torture/smb2/durable_open.c
@@ -1444,7 +1444,7 @@ static bool test_durable_open_reopen3(struct
torture_context *tctx,
struct smb2_handle *h = NULL;
struct smb2_create io1, io2;
bool ret = true;
- struct smb2_tree *tree2;
+ struct smb2_tree *tree2 = NULL;
/* Choose a random name in case the state is left a little funky. */
snprintf(fname, 256, "durable_open_reopen3_%s.dat",
--
Samba Shared Repository
