cryptoapi.c: fix run-time check failure in msvc debugger

When using certificate without RSA_PKCS1_PSS_PADDING padding,
"saltlen" is passed unitialized to priv_enc_CNG(), which causes

 > Run-Time Check Failure #3 - The variable 'saltlen' is being used
without being initialized.

in VS debugger.

Initialize saltlen (and other variable for the sake of consistence) to zero
to avoid above failure.

Signed-off-by: Lev Stipakov <lev@openvpn.net>
Acked-by: Selva Nair <selva.nair@gmail.com>
Message-Id: <20200213095539.11157-1-lstipakov@gmail.com>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg19410.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>

diff --git a/src/openvpn/cryptoapi.c b/src/openvpn/cryptoapi.c
index 2f2eee771d0d2b43049b207b832db67517d97c39..3223b1baa68be2e341cb801b9ccf636a032f9ee4 100644 (file)
--- a/src/openvpn/cryptoapi.c
+++ b/src/openvpn/cryptoapi.c
@@ -856,9 +856,9 @@ pkey_rsa_sign(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
     EVP_MD *md = NULL;
     const wchar_t *alg = NULL;
 
-    int padding;
-    int hashlen;
-    int saltlen;
+    int padding = 0;
+    int hashlen = 0;
+    int saltlen = 0;
 
     pkey = EVP_PKEY_CTX_get0_pkey(ctx);
     if (pkey)