pki: Fix possible information leak via uninitialized stack buffer

Fixes T190 Signed-off-by: Andreas Schneider <asn@cryptomilk.org> Reviewed-by: Jakub Jelen <jjelen@redhat.com>
2019-10-31 10:20:00 +01:00 · 2019-10-31 10:20:00 +01:00 · 178b53f924
--- a/src/pki_container_openssh.c
+++ b/src/pki_container_openssh.c
@ -440,9 +440,9 @@ static int pki_private_key_encrypt(ssh_buffer privkey_buffer,
 {
    struct ssh_cipher_struct *ciphers = ssh_get_ciphertab();
    struct ssh_cipher_struct cipher;
-    uint8_t key_material[128];
+    uint8_t key_material[128] = {0};
    size_t key_material_len;
-    char passphrase_buffer[128];
+    char passphrase_buffer[128] = {0};
    int rc;
    int i;
    int cmp;