From ae512c30a1fae7f2c60a088b50d0d355aaf374f1 Mon Sep 17 00:00:00 2001 From: Alasdair Mackintosh Date: Wed, 9 Mar 2022 13:24:49 -0800 Subject: [PATCH] DPP: Fix uninitialised variable on error path The current code generates a warning when compiled by Clang, because if we goto 'fail:', password_len can be uninitialised when we pass it in to bin_clear_free(). Note that the actual usage is safe, because bin_clear_free() ignores the second argument if the first argument is NULL, but it still seems worth cleaning up. Signed-off-by: Alasdair Mackintosh --- src/common/dpp_crypto.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/common/dpp_crypto.c b/src/common/dpp_crypto.c index 209c315b9..47f56c258 100644 --- a/src/common/dpp_crypto.c +++ b/src/common/dpp_crypto.c @@ -2059,7 +2059,7 @@ struct wpabuf * dpp_build_csr(struct dpp_authentication *auth, const char *name) struct wpabuf *priv_key; u8 cp[DPP_CP_LEN]; char *password = NULL; - size_t password_len; + size_t password_len = 0; int hash_sign_algo; /* TODO: use auth->csrattrs */