From 11914431bc4a15e4fcf7d4667d0d2298628c36a5 Mon Sep 17 00:00:00 2001 From: James Prestwood Date: Wed, 28 Apr 2021 09:21:13 -0700 Subject: [PATCH] netdev: zero out diagnostic info The info struct is on the stack which leads to the potential for uninitialized data access. Zero out the info struct prior to calling the get station callback: ==141137== Conditional jump or move depends on uninitialised value(s) ==141137== at 0x458A6F: diagnostic_info_to_dict (diagnostic.c:109) ==141137== by 0x41200B: station_get_diagnostic_cb (station.c:3620) ==141137== by 0x405BE1: netdev_get_station_cb (netdev.c:4783) ==141137== by 0x4722F9: process_unicast (genl.c:994) ==141137== by 0x4722F9: received_data (genl.c:1102) ==141137== by 0x46F28B: io_callback (io.c:120) ==141137== by 0x46E5AC: l_main_iterate (main.c:478) ==141137== by 0x46E65B: l_main_run (main.c:525) ==141137== by 0x46E65B: l_main_run (main.c:507) ==141137== by 0x46E86B: l_main_run_with_signal (main.c:647) ==141137== by 0x403EA8: main (main.c:490) --- src/netdev.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/src/netdev.c b/src/netdev.c index c959d728..7dc41628 100644 --- a/src/netdev.c +++ b/src/netdev.c @@ -4772,6 +4772,8 @@ static void netdev_get_station_cb(struct l_genl_msg *msg, void *user_data) if (!l_genl_attr_init(&attr, msg)) goto parse_error; + memset(&info, 0, sizeof(info)); + while (l_genl_attr_next(&attr, &type, &len, &data)) { switch (type) { case NL80211_ATTR_STA_INFO:
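Review bot: The `memset(&info, 0, sizeof(info))` is placed after the `l_genl_attr_init` early exit rather than where `info` is declared, so it only covers paths that reach this point; any future early path into the callback, or a `parse_error` path that hands `&info` onward, would still see stack garbage, and an aggregate initializer on the declaration line (`= { 0 }`) removes that ordering dependency — the declaration and the rest of netdev_get_station_cb are outside the hunk. The valgrind trace in the message shows diagnostic.c:109 branching on a field of this struct, which implies the dict builder treats an untouched field as "not reported"; that contract deserves a comment on the memset, e.g. `/* Fields the attribute loop does not fill must read as zero: diagnostic_info_to_dict treats zero as 'not reported' */`, and it means any future field for which zero is a legitimate reported value needs an explicit presence flag instead. Since the resulting dict is presumably returned to the D-Bus caller, the unzeroed struct was also a disclosure of bytes from netdev's stack frame to whoever requested diagnostics, not just a valgrind warning, and the commit message could say so.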