DPP: Fix uninitialised variable on error path

The current code generates a warning when compiled by Clang, because if
we goto 'fail:', password_len can be uninitialised when we pass it in to
bin_clear_free().

Note that the actual usage is safe, because bin_clear_free() ignores
the second argument if the first argument is NULL, but it still seems
worth cleaning up.

Signed-off-by: Alasdair Mackintosh <alasdair at google.com>

diff --git a/src/common/dpp_crypto.c b/src/common/dpp_crypto.c
index 209c315b9450b3fad589655cb4a6198374a3d653..47f56c258b69a9361e986622d9fd63154400926d 100644 (file)
--- a/src/common/dpp_crypto.c
+++ b/src/common/dpp_crypto.c
@@ -2059,7 +2059,7 @@ struct wpabuf * dpp_build_csr(struct dpp_authentication *auth, const char *name)
        struct wpabuf *priv_key;
        u8 cp[DPP_CP_LEN];
        char *password = NULL;
-       size_t password_len;
+       size_t password_len = 0;
        int hash_sign_algo;
 
        /* TODO: use auth->csrattrs */