summaryrefslogtreecommitdiff
path: root/drivers/platform/surface
diff options
context:
space:
mode:
authorMaximilian Luz <luzmaximilian@gmail.com>2021-01-11 16:48:50 +0100
committerHans de Goede <hdegoede@redhat.com>2021-01-13 10:30:21 +0100
commita403c1dfcf9fb73a4a362f14ca1c1f04662c49e0 (patch)
tree787bd8fdb280a46bfd5bf7354a00696e92328f6d /drivers/platform/surface
parentd26cbdd27f8c4ff2f3df227a8bc5782697ecce51 (diff)
downloadlwn-a403c1dfcf9fb73a4a362f14ca1c1f04662c49e0.tar.gz
lwn-a403c1dfcf9fb73a4a362f14ca1c1f04662c49e0.zip
platform/surface: aggregator_cdev: Fix access of uninitialized variables
When copy_struct_from_user() in ssam_cdev_request() fails, we directly jump to the 'out' label. In this case, however 'spec' and 'rsp' are not initialized, but we still access fields of those variables. Fix this by initializing them at the time of their declaration. Reported-by: Colin Ian King <colin.king@canonical.com> Fixes: 178f6ab77e61 ("platform/surface: Add Surface Aggregator user-space interface") Addresses-Coverity: ("Uninitialized pointer read") Signed-off-by: Maximilian Luz <luzmaximilian@gmail.com> Link: https://lore.kernel.org/r/20210111154851.325404-2-luzmaximilian@gmail.com Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Diffstat (limited to 'drivers/platform/surface')
-rw-r--r--drivers/platform/surface/surface_aggregator_cdev.c4
1 files changed, 2 insertions, 2 deletions
diff --git a/drivers/platform/surface/surface_aggregator_cdev.c b/drivers/platform/surface/surface_aggregator_cdev.c
index 340d15b148b9..979340cdd9de 100644
--- a/drivers/platform/surface/surface_aggregator_cdev.c
+++ b/drivers/platform/surface/surface_aggregator_cdev.c
@@ -66,8 +66,8 @@ static long ssam_cdev_request(struct ssam_cdev *cdev, unsigned long arg)
{
struct ssam_cdev_request __user *r;
struct ssam_cdev_request rqst;
- struct ssam_request spec;
- struct ssam_response rsp;
+ struct ssam_request spec = {};
+ struct ssam_response rsp = {};
const void __user *plddata;
void __user *rspdata;
int status = 0, ret = 0, tmp;