| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20181009200719.GA19561@embeddedor.com>
Date: Tue, 9 Oct 2018 22:07:19 +0200
From: "Gustavo A. R. Silva" <gustavo@...eddedor.com>
To: Steve French <sfrench@...ba.org>,
Ronnie Sahlberg <lsahlber@...hat.com>
Cc: linux-cifs@...r.kernel.org, samba-technical@...ts.samba.org,
linux-kernel@...r.kernel.org,
"Gustavo A. R. Silva" <gustavo@...eddedor.com>
Subject: [PATCH] smb2: fix uninitialized variable bug in smb2_ioctl_query_info
There is a potential execution path in which variable *resp_buftype*
is passed as an argument to function free_rsp_buf(), in which is used
without being properly initialized previously.
Fix this by initializing variable *resp_buftype* to -1 in order to
avoid unpredictable or unintended results.
Addresses-Coverity-ID: 1472116 ("Uninitialized scalar variable")
Fixes: 1473971 ("Uninitialized scalar variable")
Signed-off-by: Gustavo A. R. Silva <gustavo@...eddedor.com>
---
fs/cifs/smb2ops.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/fs/cifs/smb2ops.c b/fs/cifs/smb2ops.c
index c6c6450d..927aadd 100644
--- a/fs/cifs/smb2ops.c
+++ b/fs/cifs/smb2ops.c
@@ -1133,7 +1133,7 @@ smb2_ioctl_query_info(const unsigned int xid,
struct smb_rqst rqst;
struct kvec iov[1];
struct kvec rsp_iov;
- int resp_buftype;
+ int resp_buftype = -1;
struct smb2_query_info_rsp *rsp = NULL;
void *buffer;
--
2.7.4
Powered by blists - more mailing lists