From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from list by lists.gnu.org with archive (Exim 4.90_1)
	id 1nUDiU-00008b-Ou
	for mharc-grub-devel@gnu.org; Tue, 15 Mar 2022 16:24:26 -0400
Received: from eggs.gnu.org ([209.51.188.92]:47808)
 by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <alec.r.brown@oracle.com>)
 id 1nUDiO-0008Rs-91
 for grub-devel@gnu.org; Tue, 15 Mar 2022 16:24:20 -0400
Received: from mx0a-00069f02.pphosted.com ([205.220.165.32]:6348)
 by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <alec.r.brown@oracle.com>)
 id 1nUDiM-0005Cb-5H
 for grub-devel@gnu.org; Tue, 15 Mar 2022 16:24:19 -0400
Received: from pps.filterd (m0246629.ppops.net [127.0.0.1])
 by mx0b-00069f02.pphosted.com (8.16.1.2/8.16.1.2) with SMTP id 22FITMLm005232
 for <grub-devel@gnu.org>; Tue, 15 Mar 2022 20:24:17 GMT
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=oracle.com;
 h=from : to : cc :
 subject : date : message-id : in-reply-to : references; s=corp-2021-07-09;
 bh=JfoNQslzRjqAmH+WhNn6XUpIs9jOeTDsx9Gz9VWc5bc=;
 b=hOPhoCmY3K8wjsqiNXNP0TPME5Y3+gI2xjVLuerEJAAggyE6X/0RuULiBEsJigOy9KcG
 I5etA4bEFZKA29GCvT+RrA4Znmcnt1nQT0UBX5NSktIhiJJHsrOQ3z9WePmNUcVvE124
 BMvJlpW34wMsDSGmmx5yrrAwpHU9Ybwx/nEzW5ip7+uXgdg8ao1gwVn2wxuiaP6MbTpD
 nai8NytE/hJstQlHOvUF/YGX/PTnlH1IIqjwT+r+sFhK+Pf/DrYFWwzVNGvlPSy6kMYt
 UjZyosq5p0Je0YdF5BLuFjkz/0o9TlyLv2GiUQpDGmPk/15LJbFRf80zL02FPWoFG7kK pg== 
Received: from iadpaimrmta02.imrmtpd1.prodappiadaev1.oraclevcn.com
 (iadpaimrmta02.appoci.oracle.com [147.154.18.20])
 by mx0b-00069f02.pphosted.com with ESMTP id 3et5xwm5px-1
 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK)
 for <grub-devel@gnu.org>; Tue, 15 Mar 2022 20:24:16 +0000
Received: from pps.filterd
 (iadpaimrmta02.imrmtpd1.prodappiadaev1.oraclevcn.com [127.0.0.1])
 by iadpaimrmta02.imrmtpd1.prodappiadaev1.oraclevcn.com (8.16.1.2/8.16.1.2)
 with SMTP id 22FKBgLu016407
 for <grub-devel@gnu.org>; Tue, 15 Mar 2022 20:24:15 GMT
Received: from pps.reinject (localhost [127.0.0.1])
 by iadpaimrmta02.imrmtpd1.prodappiadaev1.oraclevcn.com with ESMTP id
 3erhy18mue-1
 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK)
 for <grub-devel@gnu.org>; Tue, 15 Mar 2022 20:24:15 +0000
Received: from iadpaimrmta02.imrmtpd1.prodappiadaev1.oraclevcn.com
 (iadpaimrmta02.imrmtpd1.prodappiadaev1.oraclevcn.com [127.0.0.1])
 by pps.reinject (8.16.0.36/8.16.0.36) with SMTP id 22FKOFXL000888
 for <grub-devel@gnu.org>; Tue, 15 Mar 2022 20:24:15 GMT
Received: from localhost (dhcp-10-152-14-18.usdhcp.oraclecorp.com
 [10.152.14.18])
 by iadpaimrmta02.imrmtpd1.prodappiadaev1.oraclevcn.com with ESMTP id
 3erhy18mu7-1; Tue, 15 Mar 2022 20:24:15 +0000
From: Alec Brown <alec.r.brown@oracle.com>
To: grub-devel@gnu.org
Cc: daniel.kiper@oracle.com, darren.kenny@oracle.com, alec.r.brown@oracle.com
Subject: [PATCH 6/7] grub-core/loader/i386/xnu.c: Fix uninitialized scalar
 variable
Date: Tue, 15 Mar 2022 16:24:08 -0400
Message-Id: <1647375849-24164-7-git-send-email-alec.r.brown@oracle.com>
X-Mailer: git-send-email 1.8.3.1
In-Reply-To: <1647375849-24164-1-git-send-email-alec.r.brown@oracle.com>
References: <1647375849-24164-1-git-send-email-alec.r.brown@oracle.com>
X-Proofpoint-GUID: dOOIolQQqOPE9oEzMwkHYLr2cnzy3PXB
X-Proofpoint-ORIG-GUID: dOOIolQQqOPE9oEzMwkHYLr2cnzy3PXB
Received-SPF: pass client-ip=205.220.165.32;
 envelope-from=alec.r.brown@oracle.com; helo=mx0a-00069f02.pphosted.com
X-Spam_score_int: -27
X-Spam_score: -2.8
X-Spam_bar: --
X-Spam_report: (-2.8 / 5.0 requ) BAYES_00=-1.9, DKIMWL_WL_MED=-0.001,
 DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1,
 RCVD_IN_DNSWL_LOW=-0.7, RCVD_IN_MSPIKE_H5=0.001, RCVD_IN_MSPIKE_WL=0.001,
 SPF_HELO_NONE=0.001, SPF_PASS=-0.001,
 T_SCC_BODY_TEXT_LINE=-0.01 autolearn=ham autolearn_force=no
X-Spam_action: no action
X-BeenThere: grub-devel@gnu.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: The development of GNU GRUB <grub-devel.gnu.org>
List-Unsubscribe: <https://lists.gnu.org/mailman/options/grub-devel>,
 <mailto:grub-devel-request@gnu.org?subject=unsubscribe>
List-Archive: <https://lists.gnu.org/archive/html/grub-devel>
List-Post: <mailto:grub-devel@gnu.org>
List-Help: <mailto:grub-devel-request@gnu.org?subject=help>
List-Subscribe: <https://lists.gnu.org/mailman/listinfo/grub-devel>,
 <mailto:grub-devel-request@gnu.org?subject=subscribe>
X-List-Received-Date: Tue, 15 Mar 2022 20:24:20 -0000

In the function grub_xnu_boot(), struct grub_relocator32_state state is called
but isn't being initialized. To prevent contents of this structure from being
filled with junk data from the stack, we can initialize it to 0 by setting state
to {}.

Fixes: CID 375035

Signed-off-by: Alec Brown <alec.r.brown@oracle.com>
---
 grub-core/loader/i386/xnu.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/grub-core/loader/i386/xnu.c b/grub-core/loader/i386/xnu.c
index caab5cfa6..c956942a2 100644
--- a/grub-core/loader/i386/xnu.c
+++ b/grub-core/loader/i386/xnu.c
@@ -960,7 +960,7 @@ grub_xnu_boot (void)
   grub_addr_t devtree_target;
   grub_size_t devtreelen;
   int i;
-  struct grub_relocator32_state state;
+  struct grub_relocator32_state state = {};
   grub_uint64_t fsbfreq = 100000000;
   int v2 = (grub_xnu_darwin_version >= 11);
   grub_uint32_t efi_system_table = 0;
-- 
2.27.0