From 8a4895c0e5de4f04b5de85ed6bbae60edca3df9c Mon Sep 17 00:00:00 2001
From: Harald Welte <laforge@gnumonks.org>
Date: Thu, 27 Apr 2017 10:25:10 +0200
Subject: [PATCH] Uninitialized variable in ipa_ccm_make_id_resp_from_req()

We are allocating a buffer on the stack without initializing it, and
then passing it into ipa_ccm_make_id_resp().  There is no real danger
from this, as the buffer is only uninitialized if num_ies is 0, but
let's memset() it for good style

Change-Id: If5761a47b8cba73ddcc02a88cfa5c87c1970c04e
Fixes: coverity CID#167040
---
 src/gsm/ipa.c | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/src/gsm/ipa.c b/src/gsm/ipa.c
index 01bd0c58a..2c0880ae5 100644
--- a/src/gsm/ipa.c
+++ b/src/gsm/ipa.c
@@ -302,6 +302,8 @@ struct msgb *ipa_ccm_make_id_resp_from_req(const struct ipaccess_unit *dev,
 	unsigned int num_ies = 0;
 	const uint8_t *cur = data;
 
+	memset(ies, 0, sizeof(ies));
+
 	/* build a array of the IEIs */
 	while (len >= 2) {
 		uint8_t t_len, t_tag;