From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from list by lists.gnu.org with archive (Exim 4.90_1)
	id 1nUDiT-0008W8-KH
	for mharc-grub-devel@gnu.org; Tue, 15 Mar 2022 16:24:25 -0400
Received: from eggs.gnu.org ([209.51.188.92]:47746)
 by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <alec.r.brown@oracle.com>)
 id 1nUDiM-0008QY-J6
 for grub-devel@gnu.org; Tue, 15 Mar 2022 16:24:19 -0400
Received: from mx0b-00069f02.pphosted.com ([205.220.177.32]:30344)
 by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <alec.r.brown@oracle.com>)
 id 1nUDiJ-0005Bs-Ph
 for grub-devel@gnu.org; Tue, 15 Mar 2022 16:24:17 -0400
Received: from pps.filterd (m0246632.ppops.net [127.0.0.1])
 by mx0b-00069f02.pphosted.com (8.16.1.2/8.16.1.2) with SMTP id 22FISwki013276
 for <grub-devel@gnu.org>; Tue, 15 Mar 2022 20:24:12 GMT
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=oracle.com;
 h=from : to : cc :
 subject : date : message-id : in-reply-to : references; s=corp-2021-07-09;
 bh=XtVi6NVb1XdZYjPINv1RbwgTMdLnwDQxYzyew6QBSMk=;
 b=TutM18TTCyg8vzS/dUIX7gJKfsWFsUBT6whCsHlNnndwBN8EAbkic96li/QWJGb0/DzE
 fFmNAFGDvdDa9IfcKR3bBWzON/DDo+5vbMBEEJwCstkOew+rZCsX6UmOAc3GS1G9sKCx
 oL+MF7HzrAjx7A7lcAUgYcTGy+rIxcuRmOgq9mDSSu7zyVUTH78x9xr9b5Yq7EGbCjhD
 jWQ05+JcanG4yoJk/mCURLlcgoVgHkvrac2sVxGoFzjvlhNRqE/vO00sFqweAxCiakgp
 /rT1E1g3jmLBzCWYEZ341RICAchJrS040mCXYxOQ7yZXDPUoJM4TQqZDt92vnj2+ubIx /w== 
Received: from iadpaimrmta03.imrmtpd1.prodappiadaev1.oraclevcn.com
 (iadpaimrmta03.appoci.oracle.com [130.35.103.27])
 by mx0b-00069f02.pphosted.com with ESMTP id 3et60rmb4u-1
 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK)
 for <grub-devel@gnu.org>; Tue, 15 Mar 2022 20:24:12 +0000
Received: from pps.filterd
 (iadpaimrmta03.imrmtpd1.prodappiadaev1.oraclevcn.com [127.0.0.1])
 by iadpaimrmta03.imrmtpd1.prodappiadaev1.oraclevcn.com (8.16.1.2/8.16.1.2)
 with SMTP id 22FKBhHZ020862
 for <grub-devel@gnu.org>; Tue, 15 Mar 2022 20:24:11 GMT
Received: from pps.reinject (localhost [127.0.0.1])
 by iadpaimrmta03.imrmtpd1.prodappiadaev1.oraclevcn.com with ESMTP id
 3erhy18tvh-1
 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK)
 for <grub-devel@gnu.org>; Tue, 15 Mar 2022 20:24:11 +0000
Received: from iadpaimrmta03.imrmtpd1.prodappiadaev1.oraclevcn.com
 (iadpaimrmta03.imrmtpd1.prodappiadaev1.oraclevcn.com [127.0.0.1])
 by pps.reinject (8.16.0.36/8.16.0.36) with SMTP id 22FKOBKD006121
 for <grub-devel@gnu.org>; Tue, 15 Mar 2022 20:24:11 GMT
Received: from localhost (dhcp-10-152-14-18.usdhcp.oraclecorp.com
 [10.152.14.18])
 by iadpaimrmta03.imrmtpd1.prodappiadaev1.oraclevcn.com with ESMTP id
 3erhy18tvc-1; Tue, 15 Mar 2022 20:24:11 +0000
From: Alec Brown <alec.r.brown@oracle.com>
To: grub-devel@gnu.org
Cc: daniel.kiper@oracle.com, darren.kenny@oracle.com, alec.r.brown@oracle.com
Subject: [PATCH 1/7] grub-core/loader/i386/bsd.c: Fix uninitialized scalar
 variable
Date: Tue, 15 Mar 2022 16:24:03 -0400
Message-Id: <1647375849-24164-2-git-send-email-alec.r.brown@oracle.com>
X-Mailer: git-send-email 1.8.3.1
In-Reply-To: <1647375849-24164-1-git-send-email-alec.r.brown@oracle.com>
References: <1647375849-24164-1-git-send-email-alec.r.brown@oracle.com>
X-Proofpoint-ORIG-GUID: 2gsjf5S5Yx48visXPcUXb5BdBZe8Iz8r
X-Proofpoint-GUID: 2gsjf5S5Yx48visXPcUXb5BdBZe8Iz8r
Received-SPF: pass client-ip=205.220.177.32;
 envelope-from=alec.r.brown@oracle.com; helo=mx0b-00069f02.pphosted.com
X-Spam_score_int: -27
X-Spam_score: -2.8
X-Spam_bar: --
X-Spam_report: (-2.8 / 5.0 requ) BAYES_00=-1.9, DKIMWL_WL_MED=-0.001,
 DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1,
 RCVD_IN_DNSWL_LOW=-0.7, RCVD_IN_MSPIKE_H5=0.001, RCVD_IN_MSPIKE_WL=0.001,
 SPF_HELO_NONE=0.001, SPF_PASS=-0.001,
 T_SCC_BODY_TEXT_LINE=-0.01 autolearn=ham autolearn_force=no
X-Spam_action: no action
X-BeenThere: grub-devel@gnu.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: The development of GNU GRUB <grub-devel.gnu.org>
List-Unsubscribe: <https://lists.gnu.org/mailman/options/grub-devel>,
 <mailto:grub-devel-request@gnu.org?subject=unsubscribe>
List-Archive: <https://lists.gnu.org/archive/html/grub-devel>
List-Post: <mailto:grub-devel@gnu.org>
List-Help: <mailto:grub-devel-request@gnu.org?subject=help>
List-Subscribe: <https://lists.gnu.org/mailman/listinfo/grub-devel>,
 <mailto:grub-devel-request@gnu.org?subject=subscribe>
X-List-Received-Date: Tue, 15 Mar 2022 20:24:20 -0000

In the function grub_netbsd_setup_video(), struct grub_netbsd_btinfo_framebuf
params is called but isn't being initialized. To prevent contents of this
structure from being filled with junk data from the stack, we can initialize it to 0
by setting params to {}.

Fixes: CID 375026

Signed-off-by: Alec Brown <alec.r.brown@oracle.com>
---
 grub-core/loader/i386/bsd.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/grub-core/loader/i386/bsd.c b/grub-core/loader/i386/bsd.c
index 5f3290ce1..b99344556 100644
--- a/grub-core/loader/i386/bsd.c
+++ b/grub-core/loader/i386/bsd.c
@@ -929,7 +929,7 @@ grub_netbsd_setup_video (void)
   struct grub_video_mode_info mode_info;
   void *framebuffer;
   const char *modevar;
-  struct grub_netbsd_btinfo_framebuf params;
+  struct grub_netbsd_btinfo_framebuf params = {};
   grub_err_t err;
   grub_video_driver_id_t driv_id;
 
-- 
2.27.0