From: Fabian Keil Date: Tue, 26 Nov 2019 12:35:30 +0000 (+0100) Subject: Don't clear the buffer passed to mbedtls_strerror() X-Git-Tag: v_3_0_29~549 X-Git-Url: http://www.privoxy.org/gitweb/introduction.html?a=commitdiff_plain;h=257b0c4c8ca62d683a33fc351a2ff2de6273b414;p=privoxy.git Don't clear the buffer passed to mbedtls_strerror() mbedtls_strerror() clears the buffer itself. --- diff --git a/ssl.c b/ssl.c index eb85ff2f..a76c37a8 100644 --- a/ssl.c +++ b/ssl.c @@ -241,7 +241,6 @@ extern int ssl_send_data(mbedtls_ssl_context *ssl, const unsigned char *buf, siz { char err_buf[ERROR_BUF_SIZE]; - memset(err_buf, 0, sizeof(err_buf)); mbedtls_strerror(ret, err_buf, sizeof(err_buf)); log_error(LOG_LEVEL_ERROR, "Sending data over TLS/SSL failed: %s", err_buf); @@ -290,7 +289,6 @@ extern int ssl_recv_data(mbedtls_ssl_context *ssl, unsigned char *buf, size_t ma { char err_buf[ERROR_BUF_SIZE]; - memset(err_buf, 0, sizeof(err_buf)); mbedtls_strerror(ret, err_buf, sizeof(err_buf)); log_error(LOG_LEVEL_ERROR, "Receiving data over TLS/SSL failed: %s", err_buf); @@ -385,8 +383,6 @@ extern int create_client_ssl_connection(struct client_state *csp) int ret = 0; char err_buf[ERROR_BUF_SIZE]; - memset(err_buf, 0, sizeof(err_buf)); - /* * Initializing mbedtls structures for TLS/SSL connection */ @@ -679,8 +675,6 @@ extern int create_server_ssl_connection(struct client_state *csp) char *trusted_cas_file = NULL; int auth_mode = MBEDTLS_SSL_VERIFY_REQUIRED; - memset(err_buf, 0, sizeof(err_buf)); - csp->server_cert_verification_result = SSL_CERT_NOT_VERIFIED; csp->server_certs_chain.next = NULL; @@ -961,7 +955,6 @@ static int write_certificate(mbedtls_x509write_cert *crt, const char *output_fil int ret = 0; char err_buf[ERROR_BUF_SIZE]; - memset(err_buf, 0, sizeof(err_buf)); memset(cert_buf, 0, sizeof(cert_buf)); /* @@ -1029,8 +1022,6 @@ static int write_private_key(mbedtls_pk_context *key, unsigned char **ret_buf, int ret = 0; char err_buf[ERROR_BUF_SIZE]; - memset(err_buf, 0, sizeof(err_buf)); - /* Initializing buffer for key file content */ *ret_buf = zalloc_or_die(PRIVATE_KEY_BUF_SIZE + 1); @@ -1110,7 +1101,6 @@ static int generate_key(unsigned char **key_buf, struct client_state *csp) char err_buf[ERROR_BUF_SIZE]; key_opt.key_file_path = NULL; - memset(err_buf, 0, sizeof(err_buf)); /* * Initializing structures for key generating @@ -1228,8 +1218,6 @@ extern int generate_webpage_certificate(struct client_state *csp) char err_buf[ERROR_BUF_SIZE]; cert_options cert_opt; - memset(err_buf, 0, sizeof(err_buf)); - /* Paths to keys and certificates needed to create certificate */ cert_opt.issuer_key = NULL; cert_opt.subject_key = NULL; @@ -2042,8 +2030,6 @@ static int seed_rng(struct client_state *csp) int ret = 0; char err_buf[ERROR_BUF_SIZE]; - memset(err_buf, 0, sizeof(err_buf)); - if (rng_seeded == 0) { privoxy_mutex_lock(&rng_mutex);