commit c6fdeeb6bb0b17dc28c19ae492c4a1c498e54ea3

Author: Miroslav Lichvar <mlichvar@redhat.com>

Date:   Wed Jul 31 15:02:09 2013 +0200

    Don't send uninitialized data in command replies

    The RPY_SUBNETS_ACCESSED and RPY_CLIENT_ACCESSES command replies can

    contain uninitalized data from stack when the client logging is disabled

    or a bad subnet is requested. These commands were never used by chronyc

    and they require the client to be authenticated since version 1.25.

diff --git a/cmdmon.c b/cmdmon.c

index e4f7349..6d6e32b 100644

--- a/cmdmon.c

+++ b/cmdmon.c

@@ -1513,9 +1513,11 @@ handle_subnets_accessed(CMD_Request *rx_message, CMD_Reply *tx_message)

         break;

       case CLG_BADSUBNET:

         tx_message->status = htons(STT_BADSUBNET);

+        tx_message->data.subnets_accessed.n_subnets = htonl(0);

         return;

       case CLG_INACTIVE:

         tx_message->status = htons(STT_INACTIVE);

+        tx_message->data.subnets_accessed.n_subnets = htonl(0);

         return;

       default:

         assert(0);

@@ -1569,6 +1571,7 @@ handle_client_accesses(CMD_Request *rx_message, CMD_Reply *tx_message)

         break;

       case CLG_INACTIVE:

         tx_message->status = htons(STT_INACTIVE);

+        tx_message->data.client_accesses.n_clients = htonl(0);

         return;

       default:

         assert(0);