From 242fe48524f7c6161c5c2e1e4e37648b06bef6a3 Mon Sep 17 00:00:00 2001
From: Royce Rajan <roycerajan@google.com>
Date: Tue, 24 Feb 2026 16:15:47 -0800
Subject: [PATCH] host_cmd: zero-initialize response buffer

Unit tests that don't appropriately mock host command responses in
`libhoth_receive_response` will cause `resp.hdr` and `resp.payload_buf` to be
uninitialized.

Using `resp` in

```c
  status = validate_ec_response_header(&resp.hdr, resp.payload_buf, resp_size);
```

will access uninitialized memory.
---
 protocol/host_cmd.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/protocol/host_cmd.c b/protocol/host_cmd.c
index e3052f5..b20f0d7 100644
--- a/protocol/host_cmd.c
+++ b/protocol/host_cmd.c
@@ -186,8 +186,8 @@ int libhoth_hostcmd_exec(struct libhoth_device* dev, uint16_t command,
     struct hoth_host_response hdr;
     uint8_t
         payload_buf[LIBHOTH_MAILBOX_SIZE - sizeof(struct hoth_host_response)];
-  } resp;
-  size_t resp_size;
+  } resp = {};
+  size_t resp_size = 0;
   status = libhoth_receive_response(dev, &resp, sizeof(resp), &resp_size,
                                     HOTH_CMD_TIMEOUT_MS_DEFAULT);
   if (status != LIBHOTH_OK) {