media: atomisp: fix uninitialized stack mem usage in ia_css_rmgr_acq_vbuf()

When ia_css_rmgr_acq_vbuf() enters the code path where it uses the local
"struct ia_css_rmgr_vbuf_handle v" on the stack it relies on v.count==0
so that ia_css_rmgr_refcount_retain_vbuf allocates a new handle.

Explicitly set v.count to 0 rather then it being whatever was on the stack.

Link: https://lore.kernel.org/linux-media/20220612160556.108264-3-hdegoede@redhat.com
Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Mauro Carvalho Chehab <mchehab@kernel.org>

diff --git a/drivers/staging/media/atomisp/pci/runtime/rmgr/src/rmgr_vbuf.c b/drivers/staging/media/atomisp/pci/runtime/rmgr/src/rmgr_vbuf.c
index a3e5dc2..1db28f8 100644 (file)
--- a/drivers/staging/media/atomisp/pci/runtime/rmgr/src/rmgr_vbuf.c
+++ b/drivers/staging/media/atomisp/pci/runtime/rmgr/src/rmgr_vbuf.c
@@ -254,7 +254,7 @@ void rmgr_pop_handle(struct ia_css_rmgr_vbuf_pool *pool,
 void ia_css_rmgr_acq_vbuf(struct ia_css_rmgr_vbuf_pool *pool,
                          struct ia_css_rmgr_vbuf_handle **handle)
 {
-       struct ia_css_rmgr_vbuf_handle h;
+       struct ia_css_rmgr_vbuf_handle h = { 0 };
 
        if ((!pool) || (!handle) || (!*handle)) {
                IA_CSS_LOG("Invalid inputs");