From 1046049f6c67ca280b77ddff2826110507eb197e Mon Sep 17 00:00:00 2001 From: Sourav Mohapatra Date: Thu, 19 Apr 2018 16:08:37 +0530 Subject: [PATCH] qcacld-3.0: Initialize variable to prevent potential information leak In the function drv_cmd_set_mc_rate, the variable targetRate, used to store the value parsed from the command from user space, is not initialized. The variable is assigned value inside a kernel API kstrtouint that converts the string to an unsigned int. In a certain case if the kernel API fails, it returns an error code without assigning any value to the passed parameter. In this scenario, the variable targetRate, still uninitialized is passed on to function wlan_hdd_set_mc_rate where it is logged using hdd_debug. As the flow goes on, it is then again logged using WMA_LOGE(). This might lead to potential information leak. Initialize the variable to zero to prevent the mentioned scenario. Change-Id: Ideec0b1930e994f19ae8a669cd2963db4016eae1 CRs-Fixed: 2226172 --- core/hdd/src/wlan_hdd_ioctl.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/core/hdd/src/wlan_hdd_ioctl.c b/core/hdd/src/wlan_hdd_ioctl.c index c39f356349..574b9aedd3 100644 --- a/core/hdd/src/wlan_hdd_ioctl.c +++ b/core/hdd/src/wlan_hdd_ioctl.c @@ -5628,7 +5628,7 @@ static int drv_cmd_set_mc_rate(struct hdd_adapter *adapter, { int ret = 0; uint8_t *value = command; - int targetRate; + int targetRate = 0; /* input value is in units of hundred kbps */