Fix uninitialised memory access in constant time functions Fix an issue reported by Coverity whereby some constant time functions called from the ssl decrypt code could potentially access uninitialised memory. Signed-off-by: Paul Elliott <paul.elliott@arm.com>

commit: 5260ce27edaaa43e4df193b146e0881d238ff7ae [log] [tgz]
author: Paul Elliott <paul.elliott@arm.com> Mon May 09 18:15:54 2022 +0100
committer: Paul Elliott <paul.elliott@arm.com> Thu May 19 18:23:24 2022 +0100
tree: cc18ee93a5e79b2cbe26f772702dd90cdde05325
parent: a745c7d4398b22ceae1ce21bfbcb2fa2f7fab4d3 [diff] [blame]
diff --git a/library/ssl_msg.c b/library/ssl_msg.c
index 083c8d2..ba412af 100644
--- a/library/ssl_msg.c
+++ b/library/ssl_msg.c

@@ -1634,8 +1634,8 @@
 #if defined(MBEDTLS_SSL_SOME_SUITES_USE_MAC)
     if( auth_done == 0 )
     {
-        unsigned char mac_expect[MBEDTLS_SSL_MAC_ADD];
-        unsigned char mac_peer[MBEDTLS_SSL_MAC_ADD];
+        unsigned char mac_expect[MBEDTLS_SSL_MAC_ADD] = { 0 };
+        unsigned char mac_peer[MBEDTLS_SSL_MAC_ADD] = { 0 };
 
         /* If the initial value of padlen was such that
          * data_len < maclen + padlen + 1, then padlen
commit	5260ce27edaaa43e4df193b146e0881d238ff7ae	[log] [tgz]
author	Paul Elliott <paul.elliott@arm.com>	Mon May 09 18:15:54 2022 +0100
committer	Paul Elliott <paul.elliott@arm.com>	Thu May 19 18:23:24 2022 +0100
tree	cc18ee93a5e79b2cbe26f772702dd90cdde05325
parent	a745c7d4398b22ceae1ce21bfbcb2fa2f7fab4d3 [diff] [blame]