From edb9059eb8f42f892d67df324eeb0098c05d1f4a Mon Sep 17 00:00:00 2001
From: Paolo Bonzini <pbonzini@redhat.com>
Date: Tue, 28 Feb 2017 12:07:54 +0100
Subject: [PATCH 09/24] i386: kvmvapic: initialise imm32 variable

RH-Author: Paolo Bonzini <pbonzini@redhat.com>
Message-id: <20170228120754.16073-1-pbonzini@redhat.com>
Patchwork-id: 74089
O-Subject: [RHEL7.4 qemu-kvm PATCH] i386: kvmvapic: initialise imm32 variable
Bugzilla: 1335751
RH-Acked-by: David Hildenbrand <david@redhat.com>
RH-Acked-by: Thomas Huth <thuth@redhat.com>
RH-Acked-by: Miroslav Rezanina <mrezanin@redhat.com>

When processing Task Priorty Register(TPR) access, it could leak
automatic stack variable 'imm32' in patch_instruction().
Initialise the variable to avoid it.

Reported by: Donghai Zdh <donghai.zdh@alibaba-inc.com>
Cc: qemu-stable@nongnu.org
Signed-off-by: Prasad J Pandit <pjp@fedoraproject.org>
Message-Id: <1460013608-16670-1-git-send-email-ppandit@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
(cherry picked from commit 691a02e2ce0c413236a78dee6f2651c937b09fb0)

Signed-off-by: Miroslav Rezanina <mrezanin@redhat.com>
---
 hw/i386/kvmvapic.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/hw/i386/kvmvapic.c b/hw/i386/kvmvapic.c
index 577ae64..a5dd9dd 100644
--- a/hw/i386/kvmvapic.c
+++ b/hw/i386/kvmvapic.c
@@ -390,7 +390,7 @@ static void patch_instruction(VAPICROMState *s, X86CPU *cpu, target_ulong ip)
     CPUX86State *env = &cpu->env;
     VAPICHandlers *handlers;
     uint8_t opcode[2];
-    uint32_t imm32;
+    uint32_t imm32 = 0;
     target_ulong current_pc = 0;
     target_ulong current_cs_base = 0;
     int current_flags = 0;
-- 
1.8.3.1