Don't use an uninitialised variable in srp application

The srp application created an uninitialised DB_ATTR object and then passed it to the load_index function which attempted to read it. A DB_ATTR object only contains a single field called "unique_subject". AFAICT this attribute is unused in the SRP case, and therefore it would be better to pass a NULL DB_ATTR to load_index (which handles that case gracefully). Reviewed-by: Rich Salz <rsalz@openssl.org>
author: Matt Caswell <matt@openssl.org> 2016-04-29 12:17:15 +0100
committer: Matt Caswell <matt@openssl.org> 2016-04-29 16:47:41 +0100
commit: 9d7ec8090ec1f131825c1bd087969c2e88750385 (patch)
tree: 5745078dccab8a7fb6116bc96b8418b1c7edabcd /apps/srp.c
parent: 40a8643a37ea50781872acd740020ac5b6c8f699 (diff)
1 files changed, 1 insertions, 2 deletions
diff --git a/apps/srp.c b/apps/srp.c
index 1bf2ee299a..48ef85ded3 100644
--- a/apps/srp.c
+++ b/apps/srp.c
@@ -256,7 +256,6 @@ OPTIONS srp_options[] = {
 int srp_main(int argc, char **argv)
 {
     CA_DB *db = NULL;
-    DB_ATTR db_attr;
     CONF *conf = NULL;
     int gNindex = -1, maxgN = -1, ret = 1, errors = 0, verbose = 0, i;
     int doupdatedb = 0, mode = OPT_ERR;
@@ -401,7 +400,7 @@ int srp_main(int argc, char **argv)
         BIO_printf(bio_err, "Trying to read SRP verifier file \"%s\"\n",
                    srpvfile);
 
-    db = load_index(srpvfile, &db_attr);
+    db = load_index(srpvfile, NULL);
     if (db == NULL)
         goto end;
author	Matt Caswell <matt@openssl.org>	2016-04-29 12:17:15 +0100
committer	Matt Caswell <matt@openssl.org>	2016-04-29 16:47:41 +0100
commit	9d7ec8090ec1f131825c1bd087969c2e88750385 (patch)
tree	5745078dccab8a7fb6116bc96b8418b1c7edabcd /apps/srp.c
parent	40a8643a37ea50781872acd740020ac5b6c8f699 (diff)