From a39cb60c3fb6a92719afe5637dd2317c4afb0f71 Mon Sep 17 00:00:00 2001 From: Andreas Schneider Date: Tue, 16 Jul 2024 10:45:53 +0200 Subject: [PATCH] examples:winexe: Fully initialize EXPLICIT_ACCESS "Error: UNINIT (CWE-457): samba-4.20.0rc2/examples/winexe/winexesvc.c:60: var_decl: Declaring variable ""ea"" without initializer. samba-4.20.0rc2/examples/winexe/winexesvc.c:86: uninit_use_in_call: Using uninitialized value ""ea"". Field ""ea.Trustee.pMultipleTrustee"" is uninitialized when calling ""SetEntriesInAclA"". 84| 85| /* Create a new ACL that contains the new ACEs */ 86|-> dwRes = SetEntriesInAcl(1, &ea, NULL, &pACL); 87| if (ERROR_SUCCESS != dwRes) { 88| dbg(""SetEntriesInAcl Error %lu\n"", GetLastError());" Signed-off-by: Andreas Schneider Reviewed-by: Alexander Bokovoy --- examples/winexe/winexesvc.c | 24 ++++++++++++++---------- 1 file changed, 14 insertions(+), 10 deletions(-) diff --git a/examples/winexe/winexesvc.c b/examples/winexe/winexesvc.c index 980f4d1ab6d..a1937f9abd9 100644 --- a/examples/winexe/winexesvc.c +++ b/examples/winexe/winexesvc.c @@ -57,7 +57,20 @@ static int CreatePipesSA() PSID pAdminSID = NULL; PACL pACL = NULL; PSECURITY_DESCRIPTOR pSD = NULL; - EXPLICIT_ACCESS ea; + /* + * Initialize an EXPLICIT_ACCESS structure for an ACE. + * The ACE will allow the Administrators group full access to the key. + */ + EXPLICIT_ACCESS ea = { + .grfAccessPermissions = FILE_ALL_ACCESS, + .grfAccessMode = SET_ACCESS, + .grfInheritance = NO_INHERITANCE, + .Trustee = { + .TrusteeForm = TRUSTEE_IS_SID, + .TrusteeType = TRUSTEE_IS_GROUP, + .ptstrName = (LPTSTR)pAdminSID, + }, + }; SID_IDENTIFIER_AUTHORITY SIDAuthNT = {SECURITY_NT_AUTHORITY}; /* Create a SID for the BUILTIN\Administrators group. */ @@ -72,15 +85,6 @@ static int CreatePipesSA() dbg("AllocateAndInitializeSid Error %lu\n", GetLastError()); return 0; } - /* Initialize an EXPLICIT_ACCESS structure for an ACE. - The ACE will allow the Administrators group full access to the key. - */ - ea.grfAccessPermissions = FILE_ALL_ACCESS; - ea.grfAccessMode = SET_ACCESS; - ea.grfInheritance = NO_INHERITANCE; - ea.Trustee.TrusteeForm = TRUSTEE_IS_SID; - ea.Trustee.TrusteeType = TRUSTEE_IS_GROUP; - ea.Trustee.ptstrName = (LPTSTR) pAdminSID; /* Create a new ACL that contains the new ACEs */ dwRes = SetEntriesInAcl(1, &ea, NULL, &pACL);