The "xx\0" string literal is 4 bytes but buf is only 3, truncating
the NUL terminator. Since the buffer is immediately overwritten by
memcpy, just zero-initialize it instead.
Signed-off-by: Karel Zak <kzak@redhat.com>
/* Taken from https://gitlab.com/cryptsetup/cryptsetup/blob/master/lib/utils_crypt.c#L225 */
static size_t crypt_hex_to_bytes(const char *hex, char **result)
{
- char buf[3] = "xx\0", *endp, *bytes;
+ char buf[3] = { 0 }, *endp, *bytes;
size_t i, len;
len = strlen(hex);