security-and-privacy/gnupg
security-and-privacy
/
gnupg
mirror of git://git.gnupg.org/gnupg.git
1
0
Fork 0
Code Releases Activity

agent: Avoid uninitialized buffer. 

* agent/sexp-secret.c (fixup_when_ecc_private_key): Initialize buffer to
avoid its use on unexpected inputs.

--

GnuPG-bug-id: 5393
Co-authored-by: NIIBE Yutaka <gniibe@fsij.org>
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
This commit is contained in:
Jakub Jelen 2021-09-13 18:26:29 +02:00 committed by NIIBE Yutaka
parent 50f32eb066
commit ae3d0bb8e7
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
agent/sexp-secret.c
View File

@ -29,7 +29,7 @@ gpg_error_t
fixup_when_ecc_private_key (unsigned char *buf, size_t *buflen_p)
{
const unsigned char *s;
char curve_name[256];
char curve_name[256] = { 0, };
size_t n;
size_t buflen = *buflen_p;