Fix an uninitialised read in conf_def.c

PR 8882 added a new field to the CONF structure. Unfortunately this structure was created using OPENSSL_malloc() and the new field was not explicitly initialised in the "init" function. Therefore when we came to read it for the first time we got an uninitialised read. Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Shane Lontis <shane.lontis@oracle.com> (Merged from https://github.com/openssl/openssl/pull/10428)
author: Matt Caswell <matt@openssl.org> 2019-11-12 17:16:14 +0000
committer: Matt Caswell <matt@openssl.org> 2019-11-14 10:42:45 +0000
commit: c15faa8d5c00445b0a6316b751a7e9c770b73252 (patch)
tree: 2afbe874723baa8632295a9fb1080c9320e6b2e4 /crypto/conf
parent: b3b045f6b0d23cb44f632cab8231fff362f16742 (diff)
1 files changed, 2 insertions, 2 deletions
diff --git a/crypto/conf/conf_def.c b/crypto/conf/conf_def.c
index 4114636151..9718b73a18 100644
--- a/crypto/conf/conf_def.c
+++ b/crypto/conf/conf_def.c
@@ -121,9 +121,9 @@ static int def_init_default(CONF *conf)
     if (conf == NULL)
         return 0;
 
+    memset(conf, 0, sizeof(*conf));
     conf->meth = &default_method;
     conf->meth_data = (void *)CONF_type_default;
-    conf->data = NULL;
 
     return 1;
 }
@@ -134,9 +134,9 @@ static int def_init_WIN32(CONF *conf)
     if (conf == NULL)
         return 0;
 
+    memset(conf, 0, sizeof(*conf));
     conf->meth = &WIN32_method;
     conf->meth_data = (void *)CONF_type_win32;
-    conf->data = NULL;
 
     return 1;
 }
author	Matt Caswell <matt@openssl.org>	2019-11-12 17:16:14 +0000
committer	Matt Caswell <matt@openssl.org>	2019-11-14 10:42:45 +0000
commit	c15faa8d5c00445b0a6316b751a7e9c770b73252 (patch)
tree	2afbe874723baa8632295a9fb1080c9320e6b2e4 /crypto/conf
parent	b3b045f6b0d23cb44f632cab8231fff362f16742 (diff)