Commit a403c1df authored by Maximilian Luz's avatar Maximilian Luz Committed by Hans de Goede

platform/surface: aggregator_cdev: Fix access of uninitialized variables

When copy_struct_from_user() in ssam_cdev_request() fails, we directly
jump to the 'out' label. In this case, however 'spec' and 'rsp' are not
initialized, but we still access fields of those variables. Fix this by
initializing them at the time of their declaration.
Reported-by: default avatarColin Ian King <colin.king@canonical.com>
Fixes: 178f6ab7 ("platform/surface: Add Surface Aggregator user-space interface")
Addresses-Coverity: ("Uninitialized pointer read")
Signed-off-by: default avatarMaximilian Luz <luzmaximilian@gmail.com>
Link: https://lore.kernel.org/r/20210111154851.325404-2-luzmaximilian@gmail.comSigned-off-by: default avatarHans de Goede <hdegoede@redhat.com>
parent d26cbdd2
...@@ -66,8 +66,8 @@ static long ssam_cdev_request(struct ssam_cdev *cdev, unsigned long arg) ...@@ -66,8 +66,8 @@ static long ssam_cdev_request(struct ssam_cdev *cdev, unsigned long arg)
{ {
struct ssam_cdev_request __user *r; struct ssam_cdev_request __user *r;
struct ssam_cdev_request rqst; struct ssam_cdev_request rqst;
struct ssam_request spec; struct ssam_request spec = {};
struct ssam_response rsp; struct ssam_response rsp = {};
const void __user *plddata; const void __user *plddata;
void __user *rspdata; void __user *rspdata;
int status = 0, ret = 0, tmp; int status = 0, ret = 0, tmp;
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment