From e21602857e79becb64eb8cba3673830bd7a304e3 Mon Sep 17 00:00:00 2001 From: Rich Salz Date: Thu, 28 Jun 2018 18:13:54 -0400 Subject: [PATCH] Zero-fill IV by default. Fixes uninitialized memory read reported by Nick Mathewson Reviewed-by: Tim Hudson (Merged from https://github.com/openssl/openssl/pull/6603) (cherry picked from commit 10c3c1c1ec41ce16e51b92bb18fab92d1a42b49c) --- crypto/pem/pem_lib.c | 1 + 1 file changed, 1 insertion(+) diff --git a/crypto/pem/pem_lib.c b/crypto/pem/pem_lib.c index 33c03eec00..735cd54e57 100644 --- a/crypto/pem/pem_lib.c +++ b/crypto/pem/pem_lib.c @@ -466,6 +466,7 @@ int PEM_get_EVP_CIPHER_INFO(char *header, EVP_CIPHER_INFO *cipher) char *dekinfostart, c; cipher->cipher = NULL; + memset(cipher->iv, 0, sizeof(cipher->iv)); if ((header == NULL) || (*header == '\0') || (*header == '\n')) return 1; -- 2.25.1