hash: initialize return value before calling NSS hash functions

Some hash functions in the freebl3 library don't support truncated
digests and either return immediately with no update of the output
length, or ignore the length of the output buffer and always write whole
digest.

Initialize the return value to zero to get correct result with the
former.

This is triggered only in the hash unit test. chronyd always provides a
sufficient buffer for the digest.

diff --git a/hash_nss.c b/hash_nss.c
index 71c89303f1260323434ba40a8f1cd36594ec168e..eb1f050dd9d92a9f976a7cba48dc7b8c03c56476 100644 (file)
--- a/hash_nss.c
+++ b/hash_nss.c
@@ -78,7 +78,7 @@ HSH_Hash(int id, const unsigned char *in1, unsigned int in1_len,
     const unsigned char *in2, unsigned int in2_len,
     unsigned char *out, unsigned int out_len)
 {
-  unsigned int ret;
+  unsigned int ret = 0;
 
   NSSLOWHASH_Begin(hashes[id].context);
   NSSLOWHASH_Update(hashes[id].context, in1, in1_len);