From 47921c7c0c7dd396b9cb1117324e32d3393326ee Mon Sep 17 00:00:00 2001 From: Miroslav Lichvar Date: Mon, 19 Mar 2018 13:02:47 +0100 Subject: [PATCH] hash: initialize return value before calling NSS hash functions Some hash functions in the freebl3 library don't support truncated digests and either return immediately with no update of the output length, or ignore the length of the output buffer and always write whole digest. Initialize the return value to zero to get correct result with the former. This is triggered only in the hash unit test. chronyd always provides a sufficient buffer for the digest. --- hash_nss.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/hash_nss.c b/hash_nss.c index 71c8930..eb1f050 100644 --- a/hash_nss.c +++ b/hash_nss.c @@ -78,7 +78,7 @@ HSH_Hash(int id, const unsigned char *in1, unsigned int in1_len, const unsigned char *in2, unsigned int in2_len, unsigned char *out, unsigned int out_len) { - unsigned int ret; + unsigned int ret = 0; NSSLOWHASH_Begin(hashes[id].context); NSSLOWHASH_Update(hashes[id].context, in1, in1_len);