commit 4e720f12fade8d433e5a0eb3ead9017193dac6e7
author Pauli <pauli@openssl.org> Wed Mar 16 14:30:03 2022 +1100
committer Pauli <pauli@openssl.org> Sun May 08 17:50:04 2022 +1000
tree 5f76468fed6406d2f564f2485baa4edd351fd35b
parent 6d4f63469ed5a0f6e7ccde189e8a6d2bb1d2b26a

Fix Coverity 1201740 & 1201712: uninitialised values

These are both false positives since the `d` array is initialised by
the `DES_cfb_encrypt()` call via the `l2cn` macro.  Rather than ignoring them
and having them crop up later, it's easier to just add an initialiser.

Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/17894)

crypto/evp/e_des.c

diff --git a/crypto/evp/e_des.c b/crypto/evp/e_des.c
index cd6e5af..6eb49c0 100644
--- a/crypto/evp/e_des.c
+++ b/crypto/evp/e_des.c
@@ -149,7 +149,8 @@
                            const unsigned char *in, size_t inl)
 {
     size_t n, chunk = EVP_MAXCHUNK / 8;
-    unsigned char c[1], d[1];
+    unsigned char c[1];
+    unsigned char d[1] = { 0 };  /* Appease Coverity */
 
     if (inl < chunk)
         chunk = inl;

crypto/evp/e_des3.c

diff --git a/crypto/evp/e_des3.c b/crypto/evp/e_des3.c
index 1e15918..c0bc7fd 100644
--- a/crypto/evp/e_des3.c
+++ b/crypto/evp/e_des3.c
@@ -165,7 +165,8 @@
                                 const unsigned char *in, size_t inl)
 {
     size_t n;
-    unsigned char c[1], d[1];
+    unsigned char c[1];
+    unsigned char d[1] = { 0 }; /* Appease Coverity */
 
     if (!EVP_CIPHER_CTX_test_flags(ctx, EVP_CIPH_FLAG_LENGTH_BITS))
             inl *= 8;