Zero out FIPS counters. MSAN doesn't like the counters starting at whatever value malloc found to be free. Change-Id: I0968e61e0025db35b82291fde5d1e193aef77c1e Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/46444 Commit-Queue: Adam Langley <agl@google.com> Commit-Queue: David Benjamin <davidben@google.com> Reviewed-by: David Benjamin <davidben@google.com>

commit: 4aef687fcff7d0b4a6f2942a5b21c97f8da33097 [log] [tgz]
author: Adam Langley <agl@google.com> Mon Mar 29 12:13:17 2021 -0700
committer: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org> Mon Mar 29 21:03:11 2021 +0000
tree: 03798bec8628f60c965a3d4203f84ff63b9015ff
parent: da890de1b534aedc6bb2001de6ff6b6676be3a60 [diff]
diff --git a/crypto/fipsmodule/self_check/fips.c b/crypto/fipsmodule/self_check/fips.c
index 09fffdd..d55c493 100644
--- a/crypto/fipsmodule/self_check/fips.c
+++ b/crypto/fipsmodule/self_check/fips.c

@@ -52,10 +52,13 @@
   size_t *array =
       CRYPTO_get_thread_local(OPENSSL_THREAD_LOCAL_FIPS_COUNTERS);
   if (!array) {
-    array = OPENSSL_malloc(sizeof(size_t) * (fips_counter_max + 1));
+    const size_t num_bytes = sizeof(size_t) * (fips_counter_max + 1);
+    array = OPENSSL_malloc(num_bytes);
     if (!array) {
       return;
     }
+
+    OPENSSL_memset(array, 0, num_bytes);
     if (!CRYPTO_set_thread_local(OPENSSL_THREAD_LOCAL_FIPS_COUNTERS, array,
                                  OPENSSL_free)) {
       // |OPENSSL_free| has already been called by |CRYPTO_set_thread_local|.
commit	4aef687fcff7d0b4a6f2942a5b21c97f8da33097	[log] [tgz]
author	Adam Langley <agl@google.com>	Mon Mar 29 12:13:17 2021 -0700
committer	CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>	Mon Mar 29 21:03:11 2021 +0000
tree	03798bec8628f60c965a3d4203f84ff63b9015ff
parent	da890de1b534aedc6bb2001de6ff6b6676be3a60 [diff]