From d4af922c583ce152f7d8f35869ab92d5b37cbfd2 Mon Sep 17 00:00:00 2001
From: Pauli <pauli@openssl.org>
Date: Fri, 25 Jun 2021 09:28:26 +1000
Subject: [PATCH] apps: properly initialise arguments to
 EVP_PKEY_get_bn_param()

This avoids use of uninitialised memory.

Follow on to #15900

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15908)
---
 apps/req.c  | 2 +-
 apps/x509.c | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/apps/req.c b/apps/req.c
index 9fbe4e250f4..d0c620438bc 100644
--- a/apps/req.c
+++ b/apps/req.c
@@ -994,7 +994,7 @@ int req_main(int argc, char **argv)
         }
         fprintf(stdout, "Modulus=");
         if (EVP_PKEY_is_a(tpubkey, "RSA")) {
-            BIGNUM *n;
+            BIGNUM *n = NULL;
 
             /* Every RSA key has an 'n' */
             EVP_PKEY_get_bn_param(pkey, "n", &n);
diff --git a/apps/x509.c b/apps/x509.c
index 558351ba304..b68530fb225 100644
--- a/apps/x509.c
+++ b/apps/x509.c
@@ -950,7 +950,7 @@ int x509_main(int argc, char **argv)
                 BN_print(out, n);
                 BN_free(n);
             } else if (EVP_PKEY_is_a(pkey, "DSA")) {
-                BIGNUM *dsapub;
+                BIGNUM *dsapub = NULL;
 
                 /* Every DSA key has a 'pub' */
                 EVP_PKEY_get_bn_param(pkey, "pub", &dsapub);
-- 
2.47.2