[BlueZ v2 17/20] sdp: Fix use of uninitialised memory

Bastien Nocera <hadess@xxxxxxxxxx> · Fri, 10 May 2024 14:10:27 +0200

Error: UNINIT (CWE-457): [#def10] [important]
bluez-5.75/lib/sdp.c:2302:2: alloc_fn: Calling "malloc" which returns uninitialized memory.
bluez-5.75/lib/sdp.c:2302:2: assign: Assigning: "seqDTDs" = "malloc(seqlen * 8UL)", which points to uninitialized data.
bluez-5.75/lib/sdp.c:2355:2: uninit_use_in_call: Using uninitialized value "*seqDTDs" when calling "sdp_seq_alloc".
2353|			}
2354|		}
2355|->		seq = sdp_seq_alloc(seqDTDs, seqs, seqlen);
2356|		free(seqDTDs);
2357|		free(seqs);
---
 lib/sdp.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/lib/sdp.c b/lib/sdp.c
index 34b0dbb94eb0..d43bbbd2de05 100644
--- a/lib/sdp.c
+++ b/lib/sdp.c
@@ -2299,7 +2299,7 @@ static sdp_data_t *access_proto_to_dataseq(sdp_record_t *rec, sdp_list_t *proto)
 	sdp_list_t *p;
 
 	seqlen = sdp_list_len(proto);
-	seqDTDs = malloc(seqlen * sizeof(void *));
+	seqDTDs = bt_malloc0(seqlen * sizeof(void *));
 	if (!seqDTDs)
 		return NULL;
 
-- 
2.44.0








