CVSROOT: /cvs
Module name: src
Changes by: t...@cvs.openbsd.org 2021/03/21 13:08:22
Modified files:
lib/libssl : tls12_record_layer.c
Log message:
Fully initialize rrec in tls12_record_layer_open_record_protected
The CBC code path initializes rrec.padding_length in an indirect fashion
and later makes use of it for copying the MAC. This is confusing some
static analyzers as well as people investigating the whining. Avoid this
confusion and add a bit of robustness by clearing the stack variable up
front.
ok jsing
