Google Git
Sign in
boringssl/boringssl.git/c0fcb4e245778998fdf2b46c2a1c379d01abeca7^!/.
commit
c0fcb4e245778998fdf2b46c2a1c379d01abeca7
[log]
author
David Benjamin <davidben@google.com>
Fri Sep 03 13:16:10 2021 -0400
committer
Boringssl LUCI CQ <boringssl-scoped@luci-project-accounts.iam.gserviceaccount.com>
Fri Sep 03 17:42:30 2021 +0000
tree
bb506749422501fe2e2d1133d3fdc2737da0d1a2
parent
1a668b39d5d2287f1fcdcf19a9d0e747b40f86ef [diff]
Silence a GCC false positive warning.

GCC 11.2.1 reportedly warns that CTR_DRBG_init may be passed an
uninitialized personalization buffer. This appears to be a false
positive, because personalization_len will be zero. But it's easy enough
to zero-initialize it, so silence the warning.

Bug: 432
Change-Id: I20f6b74e09f19962e8cae37d45090ff3d1c0215d
Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/49245
Reviewed-by: Adam Langley <agl@google.com>
Commit-Queue: David Benjamin <davidben@google.com>

diff --git a/crypto/fipsmodule/rand/rand.c b/crypto/fipsmodule/rand/rand.c
index 29c43ae..0fc9fa1 100644
--- a/crypto/fipsmodule/rand/rand.c
+++ b/crypto/fipsmodule/rand/rand.c

@@ -356,7 +356,7 @@
     int used_cpu;
     rand_get_seed(state, seed, &used_cpu);
 
-    uint8_t personalization[CTR_DRBG_ENTROPY_LEN];
+    uint8_t personalization[CTR_DRBG_ENTROPY_LEN] = {0};
     size_t personalization_len = 0;
 #if defined(OPENSSL_URANDOM)
     // If we used RDRAND, also opportunistically read from the system. This