mirror of
https://github.com/yuzu-emu/mbedtls.git
synced 2024-11-26 02:15:40 +01:00
hkdf_expand: explicitly initialize t
t is never used uninitialized, since the first loop iteration reads 0 bytes of it and then writes hash_len bytes, and subsequent iterations read and write hash_len bytes. However this is somewhat fragile, and it would be legitimate for a static analyzer to be unsure. Initialize t explicitly, to make the code clearer and more robust, at negligible cost. Reported by Vasily Evseenko in https://github.com/ARMmbed/mbedtls/pull/2942 with a slightly different fix. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
This commit is contained in:
parent
60d6516c60
commit
3ab121a603
@ -136,6 +136,8 @@ int mbedtls_hkdf_expand( const mbedtls_md_info_t *md, const unsigned char *prk,
|
||||
goto exit;
|
||||
}
|
||||
|
||||
memset( t, 0, hash_len );
|
||||
|
||||
/*
|
||||
* Compute T = T(1) | T(2) | T(3) | ... | T(N)
|
||||
* Where T(N) is defined in RFC 5869 Section 2.3
|
||||
|
Loading…
Reference in New Issue
Block a user