Fix uninitialised memory access in constant time functions

Fix an issue reported by Coverity whereby some constant time functions called from the ssl decrypt code could potentially access uninitialised memory. Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2025-07-28 00:21:48 +03:00 · 2022-05-09 18:15:54 +01:00
parent a745c7d439
commit 5260ce27ed
3 changed files with 21 additions and 2 deletions
--- a/library/ssl_msg.c
+++ b/library/ssl_msg.c
@ -1634,8 +1634,8 @@ int mbedtls_ssl_decrypt_buf( mbedtls_ssl_context const *ssl,
 #if defined(MBEDTLS_SSL_SOME_SUITES_USE_MAC)
    if( auth_done == 0 )
    {
-        unsigned char mac_expect[MBEDTLS_SSL_MAC_ADD];
-        unsigned char mac_peer[MBEDTLS_SSL_MAC_ADD];
+        unsigned char mac_expect[MBEDTLS_SSL_MAC_ADD] = { 0 };
+        unsigned char mac_peer[MBEDTLS_SSL_MAC_ADD] = { 0 };

        /* If the initial value of padlen was such that
         * data_len < maclen + padlen + 1, then padlen