From 84fd910c347ddfad6f01edbe7f6e25546c8382ee Mon Sep 17 00:00:00 2001
From: Jeremy Allison <jra@samba.org>
Date: Thu, 12 Aug 2010 14:24:01 -0700
Subject: Fix bug #7617 - smbd coredump due to uninitialized variables in the
 performance counter code.

In the file rpc_server.c, function _winreg_QueryValue()

uint8_t *outbuf

Should be :

uint8_t *outbuf = NULL;

As it is later freed by

      if (free_buf) SAFE_FREE(outbuf);

in some cases, this frees the unintialized outbuf, which causes a coredump.
---
 source3/rpc_server/srv_winreg_nt.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/source3/rpc_server/srv_winreg_nt.c b/source3/rpc_server/srv_winreg_nt.c
index b4105a026b..568545fc0d 100644
--- a/source3/rpc_server/srv_winreg_nt.c
+++ b/source3/rpc_server/srv_winreg_nt.c
@@ -237,8 +237,8 @@ WERROR _winreg_QueryValue(struct pipes_struct *p,
 	struct registry_key *regkey = find_regkey_by_hnd( p, r->in.handle );
 	prs_struct    prs_hkpd;
 
-	uint8_t *outbuf;
-	uint32_t outbuf_size;
+	uint8_t *outbuf = NULL;
+	uint32_t outbuf_size = 0;
 
 	bool free_buf = False;
 	bool free_prs = False;
-- 
cgit