Merge pull request #5766 from leorosen/fix-var-init

Add missing local variable initialization

library/ecp.c

@@ -1817,7 +1817,7 @@ static int ecp_precompute_comb( const mbedtls_ecp_group *grp,
     unsigned char i;
     size_t j = 0;
     const unsigned char T_size = 1U << ( w - 1 );
-    mbedtls_ecp_point *cur, *TT[COMB_MAX_PRE - 1];
+    mbedtls_ecp_point *cur, *TT[COMB_MAX_PRE - 1] = {NULL};
 
     mbedtls_mpi tmp[4];
 

library/gcm.c

@@ -430,7 +430,7 @@ int mbedtls_gcm_update( mbedtls_gcm_context *ctx,
     const unsigned char *p = input;
     unsigned char *out_p = output;
     size_t offset;
-    unsigned char ectr[16];
+    unsigned char ectr[16] = {0};
 
     if( output_size < input_length )
         return( MBEDTLS_ERR_GCM_BUFFER_TOO_SMALL );

library/pkcs12.c

@@ -218,7 +218,7 @@ int mbedtls_pkcs12_derivation( unsigned char *data, size_t datalen,
     unsigned int j;
 
     unsigned char diversifier[128];
-    unsigned char salt_block[128], pwd_block[128], hash_block[128];
+    unsigned char salt_block[128], pwd_block[128], hash_block[128] = {0};
     unsigned char hash_output[MBEDTLS_MD_MAX_SIZE];
     unsigned char *p;
     unsigned char c;

library/pkparse.c

@@ -866,7 +866,7 @@ static int pk_parse_key_sec1_der( mbedtls_ecp_keypair *eck,
     int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
     int version, pubkey_done;
     size_t len;
-    mbedtls_asn1_buf params;
+    mbedtls_asn1_buf params = { 0, 0, NULL };
     unsigned char *p = (unsigned char *) key;
     unsigned char *end = p + keylen;
     unsigned char *end2;

library/rsa.c

@@ -1961,7 +1961,7 @@ int mbedtls_rsa_rsassa_pss_verify_ext( mbedtls_rsa_context *ctx,
     size_t observed_salt_len, msb;
     const mbedtls_md_info_t *md_info;
     mbedtls_md_context_t md_ctx;
-    unsigned char buf[MBEDTLS_MPI_MAX_SIZE];
+    unsigned char buf[MBEDTLS_MPI_MAX_SIZE] = {0};
 
     RSA_VALIDATE_RET( ctx != NULL );
     RSA_VALIDATE_RET( sig != NULL );

library/ssl_ticket.c

@@ -70,7 +70,7 @@ static int ssl_ticket_gen_key( mbedtls_ssl_ticket_context *ctx,
                                unsigned char index )
 {
     int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    unsigned char buf[MAX_KEY_BYTES];
+    unsigned char buf[MAX_KEY_BYTES] = {0};
     mbedtls_ssl_ticket_key *key = ctx->keys + index;
 
 #if defined(MBEDTLS_USE_PSA_CRYPTO)