Merge pull request #2873 from gilles-peskine-arm/bk-warning-fixes-x509
Fix some possibly-undefined variable warnings
diff --git a/ChangeLog b/ChangeLog
index 07880b2..aadc9e9 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -14,6 +14,8 @@
* Fix an unchecked call to mbedtls_md() in the x509write module.
* Fix build failure with MBEDTLS_ZLIB_SUPPORT enabled. Reported by
Jack Lloyd in #2859. Fix submitted by jiblime in #2963.
+ * Fix some false-positive uninitialized variable warnings in X.509. Fix
+ contributed by apple-ihack-geek in #2663.
= mbed TLS 2.20.0 branch released 2020-01-15
@@ -86,8 +88,6 @@
* mbedtls_ctr_drbg_set_entropy_len() and
mbedtls_hmac_drbg_set_entropy_len() now work if you call them before
mbedtls_ctr_drbg_seed() or mbedtls_hmac_drbg_seed().
- * Fix some false-positive uninitialized variable warnings. Fix contributed
- by apple-ihack-geek in #2663.
Changes
* Remove the technical possibility to define custom mbedtls_md_info
@@ -119,6 +119,10 @@
mbedtls_ssl_export_keys_ext_t, so that the key exporter is discouraged
from modifying the client/server hello.
+Bugfix
+ * Fix some false-positive uninitialized variable warnings in crypto. Fix
+ contributed by apple-ihack-geek in #2663.
+
= mbed TLS 2.19.0 branch released 2019-09-06
Security
diff --git a/library/x509_crl.c b/library/x509_crl.c
index d1176fc..371c446 100644
--- a/library/x509_crl.c
+++ b/library/x509_crl.c
@@ -541,7 +541,7 @@
{
#if defined(MBEDTLS_PEM_PARSE_C)
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
- size_t use_len;
+ size_t use_len = 0;
mbedtls_pem_context pem;
int is_pem = 0;
diff --git a/library/x509_crt.c b/library/x509_crt.c
index 38e69cc..1e47230 100644
--- a/library/x509_crt.c
+++ b/library/x509_crt.c
@@ -2538,7 +2538,7 @@
{
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
mbedtls_x509_crt *parent, *fallback_parent;
- int signature_is_good, fallback_signature_is_good;
+ int signature_is_good = 0, fallback_signature_is_good;
#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE)
/* did we have something in progress? */