From: Lev Stipakov <l...@openvpn.net>
When using certificate without RSA_PKCS1_PSS_PADDING padding,
"saltlen" is passed unitialized to priv_enc_CNG(), which causes
> Run-Time Check Failure #3 - The variable 'saltlen' is being used without
> being initialized.
in VS debugger.
Initialize saltlen (and other variable for the sake of consistence) to zero
to avoid above failure.
Signed-off-by: Lev Stipakov <l...@openvpn.net>
---
src/openvpn/cryptoapi.c | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/src/openvpn/cryptoapi.c b/src/openvpn/cryptoapi.c
index 1bf74fcd..30eba7b2 100644
--- a/src/openvpn/cryptoapi.c
+++ b/src/openvpn/cryptoapi.c
@@ -882,9 +882,9 @@ pkey_rsa_sign(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t
*siglen,
EVP_MD *md = NULL;
const wchar_t *alg = NULL;
- int padding;
- int hashlen;
- int saltlen;
+ int padding = 0;
+ int hashlen = 0;
+ int saltlen = 0;
pkey = EVP_PKEY_CTX_get0_pkey(ctx);
if (pkey)
--
2.17.1
_______________________________________________
Openvpn-devel mailing list
Openvpn-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-devel
