From: Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl>
Date: Fri, 8 Feb 2013 01:58:02 +0000 (-0500)
Subject: systemd: fix uninitialized memory access in selinux
X-Git-Tag: v198~323
X-Git-Url: http://www.chiark.greenend.org.uk/ucgi/~ianmdlvl/git?p=elogind.git;a=commitdiff_plain;h=0b9cc004a4dd20b32459615dd1ab98ba27202095;hp=940bd4738b16503d903689e50eeb22645463fc16

systemd: fix uninitialized memory access in selinux

==6129== Syscall param socketcall.getsockopt(optlen) points to uninitialised byte(s)
==6129== at 0x312D0F325A: getsockopt (syscall-template.S:81)
==6129== by 0x4615E6: get_audit_data (selinux-access.c:268)
==6129== by 0x461A81: selinux_access_check (selinux-access.c:394)
==6129== by 0x453B23: bus_manager_message_handler (dbus-manager.c:1395)
==6129== by 0x313581D9C4: _dbus_object_tree_dispatch_and_unlock (dbus-object-tree.c:862)
==6129== by 0x313580FC1F: dbus_connection_dispatch (dbus-connection.c:4672)
==6129== by 0x44CD4C: bus_dispatch (dbus.c:528)
==6129== by 0x41292F: manager_loop (manager.c:1573)
==6129== by 0x40CD8E: main (main.c:1735)
==6129== Address 0x7fefff2c0 is on thread 1's stack
---

diff --git a/src/core/selinux-access.c b/src/core/selinux-access.c
index be728d5d5..08a483457 100644
--- a/src/core/selinux-access.c
+++ b/src/core/selinux-access.c
@@ -256,7 +256,7 @@ static int get_audit_data(
         const char *sender;
         int r, fd;
         struct ucred ucred;
-        socklen_t len;
+        socklen_t len = sizeof(ucred);
 
         sender = dbus_message_get_sender(message);
         if (sender)