initialize the RSA struct to 0.

This helps with program code linked against static builds accessing a uninitialized ->engine pointer.

CLA: none; trivial

Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1540)

diff --git a/crypto/rsa/rsa_lib.c b/crypto/rsa/rsa_lib.c
index a6805debc890a20ed7f35bfe5a44a11edacd1b5f..6ea6b40dc6fd0348e11d19102d1c590797ffd069 100644 (file)
--- a/crypto/rsa/rsa_lib.c
+++ b/crypto/rsa/rsa_lib.c
@@ -143,6 +143,7 @@ RSA *RSA_new_method(ENGINE *engine)
         RSAerr(RSA_F_RSA_NEW_METHOD, ERR_R_MALLOC_FAILURE);
         return NULL;
     }
+    memset(ret,0,sizeof(RSA));
 
     ret->meth = RSA_get_default_method();
 #ifndef OPENSSL_NO_ENGINE