| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <20241228074525.3674-1-tanyaagarwal25699@gmail.com>
Date: Sat, 28 Dec 2024 13:15:25 +0530
From: Tanya Agarwal <tanyaagarwal25699@...il.com>
To: paul@...l-moore.com,
jmorris@...ei.org,
serge@...lyn.com
Cc: kees@...nel.org,
yuehaibing@...wei.com,
linux-security-module@...r.kernel.org,
linux-kernel@...r.kernel.org,
skhan@...uxfoundation.org,
anupnewsmail@...il.com,
tanyaagarwal25699@...il.com
Subject: [PATCH] lockdown: Initialize array before use
From: Tanya Agarwal <tanyaagarwal25699@...il.com>
Intialize array before use in lockdown.c.
CID 1486102: (#1 of 1): Uninitialized scalar variable (UNINIT)
uninit_use_in_call: Using uninitialized value *temp when calling
strlen.
Coverity Link:
https://scan7.scan.coverity.com/#/project-view/52849/11354?selectedIssue=1486102
Signed-off-by: Tanya Agarwal <tanyaagarwal25699@...il.com>
---
security/lockdown/lockdown.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/security/lockdown/lockdown.c b/security/lockdown/lockdown.c
index f2bdbd55aa2b..df2c8435a7a9 100644
--- a/security/lockdown/lockdown.c
+++ b/security/lockdown/lockdown.c
@@ -96,7 +96,7 @@ static int __init lockdown_lsm_init(void)
static ssize_t lockdown_read(struct file *filp, char __user *buf, size_t count,
loff_t *ppos)
{
- char temp[80];
+ char temp[80] = {0};
int i, offset = 0;
for (i = 0; i < ARRAY_SIZE(lockdown_levels); i++) {
--
2.39.5
Powered by blists - more mailing lists