From a0826b184eed2dccc56cdf80e3e0bc061cc89ddc Mon Sep 17 00:00:00 2001
From: shashankmca80 <38880505+shashankmca80@users.noreply.github.com>
Date: Sat, 13 Jan 2024 18:16:25 +0530
Subject: [PATCH] Uninitialized array variable array"key" is uninitialized and it is being read directly in function SipHash_Init() as per the below statements making a way for the garbage values : uint64_t k0 = U8TO64_LE(k); uint64_t k1 = U8TO64_LE(k + 8);
CLA: trivial
Reviewed-by: Tom Cosgrove
Reviewed-by: Tomas Mraz
(Merged from https://github.com/openssl/openssl/pull/23298)
---
 test/siphash_internal_test.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/test/siphash_internal_test.c b/test/siphash_internal_test.c
index 76ae5ecabcb..3ab1677d2d0 100644
--- a/test/siphash_internal_test.c
+++ b/test/siphash_internal_test.c
@@ -257,7 +257,7 @@ static int test_siphash(int idx)
 static int test_siphash_basic(void)
 {
 SIPHASH siphash = { 0, };
- unsigned char key[SIPHASH_KEY_SIZE];
+ static const unsigned char key[SIPHASH_KEY_SIZE] = {0};
 unsigned char output[SIPHASH_MAX_DIGEST_SIZE];

 /* Use invalid hash size */
-- 
2.47.2
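Review bot: The new initializer on `key` is written `= {0}` while `siphash` one line above uses `{ 0, }`; writing it as `static const unsigned char key[SIPHASH_KEY_SIZE] = { 0, };` keeps the two declarations in the same style. The reason for the initializer lives only in the commit message (SipHash_Init() reads the key bytes through U8TO64_LE), so a short comment above the declaration such as `/* fixed all-zero test key; must be initialized because SipHash_Init() reads all of it */` would keep a later cleanup from dropping it. `output` on the next line is still declared without an initializer. The body of test_siphash_basic continues past the end of the hunk, so whether `output` is ever read before it is written cannot be confirmed from here and is worth checking against the same analyzer finding.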