From 178b53f92434b214e3068e33811690b1227b2e15 Mon Sep 17 00:00:00 2001
From: Andreas Schneider <asn@cryptomilk.org>
Date: Thu, 31 Oct 2019 10:20:00 +0100
Subject: [PATCH] pki: Fix possible information leak via uninitialized stack
 buffer

Fixes T190

Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
---
 src/pki_container_openssh.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/pki_container_openssh.c b/src/pki_container_openssh.c
index 4a2c71c6..ecde4cdd 100644
--- a/src/pki_container_openssh.c
+++ b/src/pki_container_openssh.c
@@ -440,9 +440,9 @@ static int pki_private_key_encrypt(ssh_buffer privkey_buffer,
 {
     struct ssh_cipher_struct *ciphers = ssh_get_ciphertab();
     struct ssh_cipher_struct cipher;
-    uint8_t key_material[128];
+    uint8_t key_material[128] = {0};
     size_t key_material_len;
-    char passphrase_buffer[128];
+    char passphrase_buffer[128] = {0};
     int rc;
     int i;
     int cmp;