- djm@cvs.openbsd.org 2011/02/04 00:44:21

[key.c] fix uninitialised nonce variable; reported by Mateusz Kocielski
author: Damien Miller <djm@mindrot.org> 2011-02-04 11:48:33 +1100
committer: Damien Miller <djm@mindrot.org> 2011-02-04 11:48:33 +1100
commit: baf0e28ca9cda83d1214697fd6888064ee05cf45 (patch)
tree: 3a135d4c66955ba82f984cac320da6c3a02c3c67
parent: fb789a9108c47c1c9d49b64950dabf62b56bddce (diff)
2 files changed, 6 insertions, 4 deletions
diff --git a/ChangeLog b/ChangeLog
index ddc4a631..28298d59 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -3,6 +3,9 @@
    - djm@cvs.openbsd.org 2011/01/31 21:42:15
      [PROTOCOL.mux]
      cut'n'pasto; from bert.wesarg AT googlemail.com
+   - djm@cvs.openbsd.org 2011/02/04 00:44:21
+     [key.c]
+     fix uninitialised nonce variable; reported by Mateusz Kocielski
 
 20110128
  - (djm) [openbsd-compat/port-linux.c] Check whether SELinux is enabled
diff --git a/key.c b/key.c
index 1defb113..e3a305e6 100644
--- a/key.c
+++ b/key.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: key.c,v 1.95 2010/11/10 01:33:07 djm Exp $ */
+/* $OpenBSD: key.c,v 1.96 2011/02/04 00:44:21 djm Exp $ */
 /*
  * read_bignum():
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -1886,10 +1886,9 @@ key_certify(Key *k, Key *ca)
 	buffer_put_cstring(&k->cert->certblob, key_ssh_name(k));
 
 	/* -v01 certs put nonce first */
-	if (!key_cert_is_legacy(k)) {
-		arc4random_buf(&nonce, sizeof(nonce));
+	arc4random_buf(&nonce, sizeof(nonce));
+	if (!key_cert_is_legacy(k))
 		buffer_put_string(&k->cert->certblob, nonce, sizeof(nonce));
-	}
 
 	switch (k->type) {
 	case KEY_DSA_CERT_V00:
author	Damien Miller <djm@mindrot.org>	2011-02-04 11:48:33 +1100
committer	Damien Miller <djm@mindrot.org>	2011-02-04 11:48:33 +1100
commit	baf0e28ca9cda83d1214697fd6888064ee05cf45 (patch)
tree	3a135d4c66955ba82f984cac320da6c3a02c3c67
parent	fb789a9108c47c1c9d49b64950dabf62b56bddce (diff)