From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from list by lists.gnu.org with archive (Exim 4.90_1)
	id 1nUDiS-0008UX-9m
	for mharc-grub-devel@gnu.org; Tue, 15 Mar 2022 16:24:24 -0400
Received: from eggs.gnu.org ([209.51.188.92]:47818)
 by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <alec.r.brown@oracle.com>)
 id 1nUDiP-0008Sa-FA
 for grub-devel@gnu.org; Tue, 15 Mar 2022 16:24:21 -0400
Received: from mx0b-00069f02.pphosted.com ([205.220.177.32]:43600)
 by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <alec.r.brown@oracle.com>)
 id 1nUDiN-0005DD-Qt
 for grub-devel@gnu.org; Tue, 15 Mar 2022 16:24:21 -0400
Received: from pps.filterd (m0246630.ppops.net [127.0.0.1])
 by mx0b-00069f02.pphosted.com (8.16.1.2/8.16.1.2) with SMTP id 22FISv0w020028
 for <grub-devel@gnu.org>; Tue, 15 Mar 2022 20:24:19 GMT
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=oracle.com;
 h=from : to : cc :
 subject : date : message-id : in-reply-to : references; s=corp-2021-07-09;
 bh=UHzeWxhBfb5lXt+MbE3jpfpQRBuHUTnzyCh5K6RsG3k=;
 b=LaZyjRcYBc22Y1JrP2hrAkhTB6ldBnXbJpkaUHJWkTFWdKi20kkIPvv8tZ9PT4z+f3cu
 f/9Mz4jmCeOd5mi3RYxbc6aCVl0BKy4v6ynaDXZDV7Z5IQwJMJJCfLk3bWZzvHgzEQK+
 qRUerBH8+WWVRQK26kNvj/FFnqK5LaCZTKDPOQh8sl51yKtdzeKIdJnDJGgZiJzR7huZ
 XtbEk3Ioa6IwCNPLBAWeak10B4SD0oxoqLem4ELdp0nstQObJCWQxCcqwqD8eIDGw+G4
 4LLoLwiqAykU2Q7pKcdHZUzDlpxmV1XSA24IHz4QX/NFDAWFoHRbpVWbLXd8VqW60y/l 4g== 
Received: from userp3020.oracle.com (userp3020.oracle.com [156.151.31.79])
 by mx0b-00069f02.pphosted.com with ESMTP id 3et60rc6ys-1
 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK)
 for <grub-devel@gnu.org>; Tue, 15 Mar 2022 20:24:18 +0000
Received: from pps.filterd (userp3020.oracle.com [127.0.0.1])
 by userp3020.oracle.com (8.16.1.2/8.16.1.2) with SMTP id 22FKAXiH023786
 for <grub-devel@gnu.org>; Tue, 15 Mar 2022 20:24:17 GMT
Received: from pps.reinject (localhost [127.0.0.1])
 by userp3020.oracle.com with ESMTP id 3et65830ej-1
 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK)
 for <grub-devel@gnu.org>; Tue, 15 Mar 2022 20:24:17 +0000
Received: from userp3020.oracle.com (userp3020.oracle.com [127.0.0.1])
 by pps.reinject (8.16.0.36/8.16.0.36) with SMTP id 22FKNmqI054979
 for <grub-devel@gnu.org>; Tue, 15 Mar 2022 20:24:17 GMT
Received: from localhost (dhcp-10-152-14-18.usdhcp.oraclecorp.com
 [10.152.14.18]) by userp3020.oracle.com with ESMTP id 3et65830dw-1;
 Tue, 15 Mar 2022 20:24:17 +0000
From: Alec Brown <alec.r.brown@oracle.com>
To: grub-devel@gnu.org
Cc: daniel.kiper@oracle.com, darren.kenny@oracle.com, alec.r.brown@oracle.com
Subject: [PATCH 7/7] grub-core/net/bootp.c: Fix uninitialized scalar variable
Date: Tue, 15 Mar 2022 16:24:09 -0400
Message-Id: <1647375849-24164-8-git-send-email-alec.r.brown@oracle.com>
X-Mailer: git-send-email 1.8.3.1
In-Reply-To: <1647375849-24164-1-git-send-email-alec.r.brown@oracle.com>
References: <1647375849-24164-1-git-send-email-alec.r.brown@oracle.com>
X-Proofpoint-GUID: 5a1zaNkFiPSuB-6PMxYV3hFXamz43_x2
X-Proofpoint-ORIG-GUID: 5a1zaNkFiPSuB-6PMxYV3hFXamz43_x2
Received-SPF: pass client-ip=205.220.177.32;
 envelope-from=alec.r.brown@oracle.com; helo=mx0b-00069f02.pphosted.com
X-Spam_score_int: -27
X-Spam_score: -2.8
X-Spam_bar: --
X-Spam_report: (-2.8 / 5.0 requ) BAYES_00=-1.9, DKIMWL_WL_MED=-0.001,
 DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1,
 RCVD_IN_DNSWL_LOW=-0.7, RCVD_IN_MSPIKE_H5=0.001, RCVD_IN_MSPIKE_WL=0.001,
 SPF_HELO_NONE=0.001, SPF_PASS=-0.001,
 T_SCC_BODY_TEXT_LINE=-0.01 autolearn=ham autolearn_force=no
X-Spam_action: no action
X-BeenThere: grub-devel@gnu.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: The development of GNU GRUB <grub-devel.gnu.org>
List-Unsubscribe: <https://lists.gnu.org/mailman/options/grub-devel>,
 <mailto:grub-devel-request@gnu.org?subject=unsubscribe>
List-Archive: <https://lists.gnu.org/archive/html/grub-devel>
List-Post: <mailto:grub-devel@gnu.org>
List-Help: <mailto:grub-devel-request@gnu.org?subject=help>
List-Subscribe: <https://lists.gnu.org/mailman/listinfo/grub-devel>,
 <mailto:grub-devel-request@gnu.org?subject=subscribe>
X-List-Received-Date: Tue, 15 Mar 2022 20:24:21 -0000

In the function grub_net_configure_by_dhcp_ack(),
grub_net_network_level_address_t addr is called but isn't being initialized. To
prevent contents of this structure from being filled with junk data from the
stack, we can initialize it to 0 by setting addr to {}.

Fixes: CID 375036

Signed-off-by: Alec Brown <alec.r.brown@oracle.com>
---
 grub-core/net/bootp.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/grub-core/net/bootp.c b/grub-core/net/bootp.c
index 6fb562702..708d601df 100644
--- a/grub-core/net/bootp.c
+++ b/grub-core/net/bootp.c
@@ -232,7 +232,7 @@ grub_net_configure_by_dhcp_ack (const char *name,
 				grub_size_t size,
 				int is_def, char **device, char **path)
 {
-  grub_net_network_level_address_t addr;
+  grub_net_network_level_address_t addr = {};
   grub_net_link_level_address_t hwaddr;
   struct grub_net_network_level_interface *inter;
   int mask = -1;
-- 
2.27.0