lib/libssh
1
0
Fork 0
mirror of https://git.libssh.org/projects/libssh.git synced 2025-11-30 13:01:23 +03:00
Code Activity

SSH-01-012: Fix information leak via uninitialized stack buffer

Browse Source 
Fixes T190

Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
This commit is contained in:
Andreas Schneider
2019-10-31 10:06:00 +01:00
parent cb0ccf372e
commit 9d67ca251c
1 changed files with 2 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
src/pki_container_openssh.c
View File

@@ -108,8 +108,8 @@ static int pki_private_key_decrypt(ssh_string blob,
{
struct ssh_cipher_struct *ciphers = ssh_get_ciphertab();
struct ssh_cipher_struct cipher;
uint8_t key_material[128];
char passphrase_buffer[128];
uint8_t key_material[128] = {0};
char passphrase_buffer[128] = {0};
size_t key_material_len;
ssh_buffer buffer;
ssh_string salt;