Fix uninitialised memory access in constant time functions Fix an issue reported by Coverity whereby some constant time functions called from the ssl decrypt code could potentially access uninitialised memory. Signed-off-by: Paul Elliott <paul.elliott@arm.com>

commit: b83002831470bb0945f515c1cfaa94a449af7214 [log] [tgz]
author: Paul Elliott <paul.elliott@arm.com> Thu May 19 18:31:35 2022 +0100
committer: Paul Elliott <paul.elliott@arm.com> Thu May 19 18:31:35 2022 +0100
tree: 0e7e3374b86b5983454f3be764be9a80adf89c6b
parent: bdd6905a5cb44fce66af373b3faa80f23002afc4 [diff] [blame]
diff --git a/library/ssl_msg.c b/library/ssl_msg.c
index 933d3d9..5a4574d 100644
--- a/library/ssl_msg.c
+++ b/library/ssl_msg.c

@@ -1590,8 +1590,8 @@
 #if defined(MBEDTLS_SSL_SOME_MODES_USE_MAC)
     if( auth_done == 0 )
     {
-        unsigned char mac_expect[MBEDTLS_SSL_MAC_ADD];
-        unsigned char mac_peer[MBEDTLS_SSL_MAC_ADD];
+        unsigned char mac_expect[MBEDTLS_SSL_MAC_ADD] = { 0 };
+        unsigned char mac_peer[MBEDTLS_SSL_MAC_ADD] = { 0 };
 
         /* If the initial value of padlen was such that
          * data_len < maclen + padlen + 1, then padlen
commit	b83002831470bb0945f515c1cfaa94a449af7214	[log] [tgz]
author	Paul Elliott <paul.elliott@arm.com>	Thu May 19 18:31:35 2022 +0100
committer	Paul Elliott <paul.elliott@arm.com>	Thu May 19 18:31:35 2022 +0100
tree	0e7e3374b86b5983454f3be764be9a80adf89c6b
parent	bdd6905a5cb44fce66af373b3faa80f23002afc4 [diff] [blame]