diff options
author | Andreas Schneider <asn@cryptomilk.org> | 2019-10-31 10:06:00 +0100 |
---|---|---|
committer | Andreas Schneider <asn@cryptomilk.org> | 2019-12-09 16:38:37 +0100 |
commit | d15fa16213c0160d8970bd779413eaad11bbb34b (patch) | |
tree | 0d423eea8e6c345edfeef3e12bcd305733dddd0a | |
parent | a91e5f75852eb7580ae368ff2c64ed00e9c1ddcc (diff) | |
download | libssh-d15fa16213c0160d8970bd779413eaad11bbb34b.tar.gz libssh-d15fa16213c0160d8970bd779413eaad11bbb34b.tar.xz libssh-d15fa16213c0160d8970bd779413eaad11bbb34b.zip |
SSH-01-012: Fix information leak via uninitialized stack buffer
Fixes T190
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
(cherry picked from commit 9d67ca251cf6421bbf34062ff6294833b43a226f)
-rw-r--r-- | src/pki_container_openssh.c | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/src/pki_container_openssh.c b/src/pki_container_openssh.c index 5ad87b53..114459a4 100644 --- a/src/pki_container_openssh.c +++ b/src/pki_container_openssh.c @@ -108,8 +108,8 @@ static int pki_private_key_decrypt(ssh_string blob, { struct ssh_cipher_struct *ciphers = ssh_get_ciphertab(); struct ssh_cipher_struct cipher; - uint8_t key_material[128]; - char passphrase_buffer[128]; + uint8_t key_material[128] = {0}; + char passphrase_buffer[128] = {0}; size_t key_material_len; ssh_buffer buffer; ssh_string salt; |