From 36050730c74c332375cc1c6e5deb03ef67e06229 Mon Sep 17 00:00:00 2001 From: Benjamin Kier Date: Thu, 30 May 2019 14:49:17 -0400 Subject: [PATCH 1/3] Fixed possibly undefined variable warnings by initializing variables to 0. --- library/x509_crl.c | 2 +- library/x509_crt.c | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/library/x509_crl.c b/library/x509_crl.c index d1176fcef..371c446be 100644 --- a/library/x509_crl.c +++ b/library/x509_crl.c @@ -541,7 +541,7 @@ int mbedtls_x509_crl_parse( mbedtls_x509_crl *chain, const unsigned char *buf, s { #if defined(MBEDTLS_PEM_PARSE_C) int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - size_t use_len; + size_t use_len = 0; mbedtls_pem_context pem; int is_pem = 0; diff --git a/library/x509_crt.c b/library/x509_crt.c index 38e69cc55..1e472303b 100644 --- a/library/x509_crt.c +++ b/library/x509_crt.c @@ -2538,7 +2538,7 @@ static int x509_crt_find_parent_in( { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_x509_crt *parent, *fallback_parent; - int signature_is_good, fallback_signature_is_good; + int signature_is_good = 0, fallback_signature_is_good; #if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE) /* did we have something in progress? */ From 3ca1bcc7e55c18b1559f426688b1b3be36fe67f6 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 30 Sep 2019 17:20:23 +0200 Subject: [PATCH 2/3] Add ChangeLog entry for #2663 --- ChangeLog | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/ChangeLog b/ChangeLog index 07880b2e3..2fd73455a 100644 --- a/ChangeLog +++ b/ChangeLog @@ -14,6 +14,8 @@ Bugfix * Fix an unchecked call to mbedtls_md() in the x509write module. * Fix build failure with MBEDTLS_ZLIB_SUPPORT enabled. Reported by Jack Lloyd in #2859. Fix submitted by jiblime in #2963. + * Fix some false-positive uninitialized variable warnings. Fix contributed + by apple-ihack-geek in #2663. = mbed TLS 2.20.0 branch released 2020-01-15 @@ -86,8 +88,6 @@ Bugfix * mbedtls_ctr_drbg_set_entropy_len() and mbedtls_hmac_drbg_set_entropy_len() now work if you call them before mbedtls_ctr_drbg_seed() or mbedtls_hmac_drbg_seed(). - * Fix some false-positive uninitialized variable warnings. Fix contributed - by apple-ihack-geek in #2663. Changes * Remove the technical possibility to define custom mbedtls_md_info @@ -119,6 +119,10 @@ API Changes mbedtls_ssl_export_keys_ext_t, so that the key exporter is discouraged from modifying the client/server hello. +Bugfix + * Fix some false-positive uninitialized variable warnings. Fix + contributed by apple-ihack-geek in #2663. + = mbed TLS 2.19.0 branch released 2019-09-06 Security From 393defe7eda6f09ab55ba8137ff37460ec4ebd8a Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 11 Feb 2020 15:31:18 +0100 Subject: [PATCH 3/3] Clarify two identical changelog entries The contribution from #2663 was split in two: the crypto part was mereged in 2.19.1 and the x509 part was merged after 2.20.0. Tweak the wording of the changelog entries to specify which is which. --- ChangeLog | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/ChangeLog b/ChangeLog index 2fd73455a..aadc9e95d 100644 --- a/ChangeLog +++ b/ChangeLog @@ -14,8 +14,8 @@ Bugfix * Fix an unchecked call to mbedtls_md() in the x509write module. * Fix build failure with MBEDTLS_ZLIB_SUPPORT enabled. Reported by Jack Lloyd in #2859. Fix submitted by jiblime in #2963. - * Fix some false-positive uninitialized variable warnings. Fix contributed - by apple-ihack-geek in #2663. + * Fix some false-positive uninitialized variable warnings in X.509. Fix + contributed by apple-ihack-geek in #2663. = mbed TLS 2.20.0 branch released 2020-01-15 @@ -120,7 +120,7 @@ API Changes from modifying the client/server hello. Bugfix - * Fix some false-positive uninitialized variable warnings. Fix + * Fix some false-positive uninitialized variable warnings in crypto. Fix contributed by apple-ihack-geek in #2663. = mbed TLS 2.19.0 branch released 2019-09-06