diff options
author | Matt Caswell <matt@openssl.org> | 2016-04-29 12:17:15 +0100 |
---|---|---|
committer | Matt Caswell <matt@openssl.org> | 2016-04-29 16:47:41 +0100 |
commit | 9d7ec8090ec1f131825c1bd087969c2e88750385 (patch) | |
tree | 5745078dccab8a7fb6116bc96b8418b1c7edabcd /apps/srp.c | |
parent | 40a8643a37ea50781872acd740020ac5b6c8f699 (diff) |
Don't use an uninitialised variable in srp application
The srp application created an uninitialised DB_ATTR object and then
passed it to the load_index function which attempted to read it. A
DB_ATTR object only contains a single field called "unique_subject".
AFAICT this attribute is unused in the SRP case, and therefore it would be
better to pass a NULL DB_ATTR to load_index (which handles that case
gracefully).
Reviewed-by: Rich Salz <rsalz@openssl.org>
Diffstat (limited to 'apps/srp.c')
-rw-r--r-- | apps/srp.c | 3 |
1 files changed, 1 insertions, 2 deletions
diff --git a/apps/srp.c b/apps/srp.c index 1bf2ee299a..48ef85ded3 100644 --- a/apps/srp.c +++ b/apps/srp.c @@ -256,7 +256,6 @@ OPTIONS srp_options[] = { int srp_main(int argc, char **argv) { CA_DB *db = NULL; - DB_ATTR db_attr; CONF *conf = NULL; int gNindex = -1, maxgN = -1, ret = 1, errors = 0, verbose = 0, i; int doupdatedb = 0, mode = OPT_ERR; @@ -401,7 +400,7 @@ int srp_main(int argc, char **argv) BIO_printf(bio_err, "Trying to read SRP verifier file \"%s\"\n", srpvfile); - db = load_index(srpvfile, &db_attr); + db = load_index(srpvfile, NULL); if (db == NULL) goto end; |