From 54ce370f7d0ac0972f9693cef424c4239b15c754 Mon Sep 17 00:00:00 2001 From: Andreas Schneider Date: Mon, 24 Jun 2024 15:09:21 +0200 Subject: [PATCH] s4:torture: Fully initialize struct samr_OpenUser "Error: UNINIT (CWE-457): samba-4.20.0rc2/source4/torture/rpc/samr.c:7381: var_decl: Declaring variable ""r"" without initializer. samba-4.20.0rc2/source4/torture/rpc/samr.c:7428: uninit_use: Using uninitialized value ""r.out.result.v"". 7426| torture_assert_ntstatus_ok(tctx, dcerpc_samr_QueryUserInfo_r(b, tctx, &q), 7427| ""QueryUserInfo failed""); 7428|-> if (!NT_STATUS_IS_OK(r.out.result)) { 7429| torture_result(tctx, TORTURE_FAIL, ""QueryUserInfo(%u) failed - %s\n"", r.in.rid, nt_errstr(r.out.result)); 7430| return false;" Signed-off-by: Andreas Schneider Reviewed-by: Noel Power --- source4/torture/rpc/samr.c | 10 +++++++--- 1 file changed, 7 insertions(+), 3 deletions(-) diff --git a/source4/torture/rpc/samr.c b/source4/torture/rpc/samr.c index 22e0606de96..b7d0b2c72cf 100644 --- a/source4/torture/rpc/samr.c +++ b/source4/torture/rpc/samr.c @@ -7378,13 +7378,17 @@ static bool test_each_DisplayInfo_user(struct dcerpc_binding_handle *b, struct samr_QueryDisplayInfo *querydisplayinfo, bool *seen_testuser) { - struct samr_OpenUser r; + struct samr_OpenUser r = { + .in = { + .domain_handle = querydisplayinfo->in.domain_handle, + .access_mask = SEC_FLAG_MAXIMUM_ALLOWED, + }, + }; struct samr_QueryUserInfo q; union samr_UserInfo *info; struct policy_handle user_handle; int i, ret = true; - r.in.domain_handle = querydisplayinfo->in.domain_handle; - r.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED; + for (i = 0; ; i++) { switch (querydisplayinfo->in.level) { case 1: