From: Miroslav Lichvar Date: Mon, 19 Mar 2018 12:02:47 +0000 (+0100) Subject: hash: initialize return value before calling NSS hash functions X-Git-Tag: 3.3~13 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=47921c7c0c7dd396b9cb1117324e32d3393326ee;p=thirdparty%2Fchrony.git hash: initialize return value before calling NSS hash functions Some hash functions in the freebl3 library don't support truncated digests and either return immediately with no update of the output length, or ignore the length of the output buffer and always write whole digest. Initialize the return value to zero to get correct result with the former. This is triggered only in the hash unit test. chronyd always provides a sufficient buffer for the digest. --- diff --git a/hash_nss.c b/hash_nss.c index 71c89303..eb1f050d 100644 --- a/hash_nss.c +++ b/hash_nss.c @@ -78,7 +78,7 @@ HSH_Hash(int id, const unsigned char *in1, unsigned int in1_len, const unsigned char *in2, unsigned int in2_len, unsigned char *out, unsigned int out_len) { - unsigned int ret; + unsigned int ret = 0; NSSLOWHASH_Begin(hashes[id].context); NSSLOWHASH_Update(hashes[id].context, in1, in1_len);