diff --git a/kadmin/mod.c b/kadmin/mod.c index 7fa222a00..8af92f97c 100644 --- a/kadmin/mod.c +++ b/kadmin/mod.c @@ -62,7 +62,7 @@ add_constrained_delegation(krb5_context contextp, krb5_error_code ret; HDB_extension ext; krb5_data buf; - size_t size; + size_t size = 0; memset(&ext, 0, sizeof(ext)); ext.mandatory = FALSE; @@ -110,7 +110,7 @@ add_aliases(krb5_context contextp, kadm5_principal_ent_rec *princ, HDB_extension ext; krb5_data buf; krb5_principal p; - size_t size; + size_t size = 0; int i; memset(&ext, 0, sizeof(ext)); @@ -152,7 +152,7 @@ add_pkinit_acl(krb5_context contextp, kadm5_principal_ent_rec *princ, krb5_error_code ret; HDB_extension ext; krb5_data buf; - size_t size; + size_t size = 0; int i; memset(&ext, 0, sizeof(ext)); diff --git a/kadmin/util.c b/kadmin/util.c index feaa58159..480c82e7d 100644 --- a/kadmin/util.c +++ b/kadmin/util.c @@ -512,8 +512,8 @@ foreach_principal(const char *exp_str, const char *funcname, void *data) { - char **princs; - int num_princs; + char **princs = NULL; + int num_princs = 0; int i; krb5_error_code saved_ret = 0, ret = 0; krb5_principal princ_ent; diff --git a/kdc/kerberos5.c b/kdc/kerberos5.c index 1d97a60ae..41281f5d6 100644 --- a/kdc/kerberos5.c +++ b/kdc/kerberos5.c @@ -264,7 +264,7 @@ _kdc_encode_reply(krb5_context context, { unsigned char *buf; size_t buf_size; - size_t len; + size_t len = 0; krb5_error_code ret; krb5_crypto crypto; @@ -1664,7 +1664,7 @@ _kdc_as_rep(krb5_context context, krb5_data data; PA_DATA pa; krb5_crypto cryptox; - size_t len; + size_t len = 0; memset(&canon, 0, sizeof(canon)); @@ -1826,7 +1826,7 @@ _kdc_tkt_add_if_relevant_ad(krb5_context context, const krb5_data *data) { krb5_error_code ret; - size_t size; + size_t size = 0; if (tkt->authorization_data == NULL) { tkt->authorization_data = calloc(1, sizeof(*tkt->authorization_data)); diff --git a/kdc/krb5tgs.c b/kdc/krb5tgs.c index 94e684432..8d9090f70 100644 --- a/kdc/krb5tgs.c +++ b/kdc/krb5tgs.c @@ -113,7 +113,7 @@ _kdc_add_KRB5SignedPath(krb5_context context, KRB5SignedPath sp; krb5_data data; krb5_crypto crypto = NULL; - size_t size; + size_t size = 0; if (server && principals) { ret = add_Principals(principals, server); @@ -203,7 +203,7 @@ check_KRB5SignedPath(krb5_context context, if (ret == 0) { KRB5SignedPathData spd; KRB5SignedPath sp; - size_t size; + size_t size = 0; ret = decode_KRB5SignedPath(data.data, data.length, &sp, NULL); krb5_data_free(&data); @@ -1004,7 +1004,7 @@ tgs_check_authenticator(krb5_context context, krb5_keyblock *key) { krb5_authenticator auth; - size_t len; + size_t len = 0; unsigned char *buf; size_t buf_size; krb5_error_code ret; @@ -1385,7 +1385,7 @@ build_server_referral(krb5_context context, krb5_error_code ret; EncryptedData ed; krb5_data data; - size_t size; + size_t size = 0; memset(&ref, 0, sizeof(ref)); diff --git a/kdc/pkinit.c b/kdc/pkinit.c index 6a6040c26..ca81dc227 100644 --- a/kdc/pkinit.c +++ b/kdc/pkinit.c @@ -116,7 +116,7 @@ pk_check_pkauthenticator(krb5_context context, u_char *buf = NULL; size_t buf_size; krb5_error_code ret; - size_t len; + size_t len = 0; krb5_timestamp now; Checksum checksum; @@ -921,7 +921,7 @@ pk_mk_pa_reply_enckey(krb5_context context, const heim_oid *envelopedAlg = NULL, *sdAlg = NULL, *evAlg = NULL; krb5_error_code ret; krb5_data buf, signed_data; - size_t size; + size_t size = 0; int do_win2k = 0; krb5_data_zero(&buf); @@ -1101,7 +1101,7 @@ pk_mk_pa_reply_dh(krb5_context context, krb5_error_code ret; hx509_cert cert; hx509_query *q; - size_t size; + size_t size = 0; memset(&contentinfo, 0, sizeof(contentinfo)); memset(&dh_info, 0, sizeof(dh_info)); @@ -1242,8 +1242,8 @@ _kdc_pk_mk_pa_reply(krb5_context context, METHOD_DATA *md) { krb5_error_code ret; - void *buf; - size_t len, size; + void *buf = NULL; + size_t len = 0, size = 0; krb5_enctype enctype; int pa_type; hx509_cert kdc_cert = NULL; @@ -1872,7 +1872,7 @@ _kdc_add_inital_verified_cas(krb5_context context, AD_INITIAL_VERIFIED_CAS cas; krb5_error_code ret; krb5_data data; - size_t size; + size_t size = 0; memset(&cas, 0, sizeof(cas)); diff --git a/lib/asn1/gen_template.c b/lib/asn1/gen_template.c index 3a9214a2c..a9c12de68 100644 --- a/lib/asn1/gen_template.c +++ b/lib/asn1/gen_template.c @@ -484,7 +484,7 @@ template_members(struct templatehead *temp, const char *basetype, const char *na } break; case TInteger: { - char *itype; + char *itype = NULL; if (t->members) itype = "IMEMBER"; @@ -644,7 +644,7 @@ template_members(struct templatehead *temp, const char *basetype, const char *na } case TSetOf: case TSequenceOf: { - const char *type, *tname, *dupname; + const char *type = NULL, *tname, *dupname; char *sename = NULL, *elname = NULL; int subtype_is_struct = is_struct(t->subtype, 0); diff --git a/lib/gssapi/krb5/init_sec_context.c b/lib/gssapi/krb5/init_sec_context.c index 4df26c48e..2f08040e8 100644 --- a/lib/gssapi/krb5/init_sec_context.c +++ b/lib/gssapi/krb5/init_sec_context.c @@ -529,7 +529,7 @@ init_auth_restart Checksum cksum; krb5_enctype enctype; krb5_data fwd_data, timedata; - int32_t offset = 0, oldoffset; + int32_t offset = 0, oldoffset = 0; uint32_t flagmask; krb5_data_zero(&outbuf); diff --git a/lib/gssapi/spnego/accept_sec_context.c b/lib/gssapi/spnego/accept_sec_context.c index 8a5dbe742..2d0b9e1a8 100644 --- a/lib/gssapi/spnego/accept_sec_context.c +++ b/lib/gssapi/spnego/accept_sec_context.c @@ -90,7 +90,7 @@ send_supported_mechs (OM_uint32 *minor_status, gss_buffer_t output_token) { NegotiationTokenWin nt; - size_t buf_len; + size_t buf_len = 0; gss_buffer_desc data; OM_uint32 ret; @@ -132,8 +132,10 @@ send_supported_mechs (OM_uint32 *minor_status, *minor_status = ret; return GSS_S_FAILURE; } - if (data.length != buf_len) + if (data.length != buf_len) { abort(); + UNREACHABLE(return GSS_S_FAILURE); + } ret = gss_encapsulate_token(&data, GSS_SPNEGO_MECHANISM, output_token); @@ -439,7 +441,7 @@ acceptor_complete(OM_uint32 * minor_status, if (verify_mic || *get_mic) { int eret; - size_t buf_len; + size_t buf_len = 0; ASN1_MALLOC_ENCODE(MechTypeList, mech_buf->value, mech_buf->length, @@ -448,8 +450,10 @@ acceptor_complete(OM_uint32 * minor_status, *minor_status = eret; return GSS_S_FAILURE; } - if (buf.length != buf_len) + if (buf.length != buf_len) { abort(); + UNREACHABLE(return GSS_S_FAILURE); + } } if (verify_mic) { diff --git a/lib/gssapi/spnego/init_sec_context.c b/lib/gssapi/spnego/init_sec_context.c index c9e182129..b4b1bcefc 100644 --- a/lib/gssapi/spnego/init_sec_context.c +++ b/lib/gssapi/spnego/init_sec_context.c @@ -392,7 +392,7 @@ spnego_reply NegotiationToken resp; gss_OID_desc mech; int require_mic; - size_t buf_len; + size_t buf_len = 0; gss_buffer_desc mic_buf, mech_buf; gss_buffer_desc mech_output_token; gssspnego_ctx ctx; @@ -557,8 +557,10 @@ spnego_reply *minor_status = ret; return GSS_S_FAILURE; } - if (mech_buf.length != buf_len) + if (mech_buf.length != buf_len) { abort(); + UNREACHABLE(return GSS_S_FAILURE); + } if (resp.u.negTokenResp.mechListMIC == NULL) { HEIMDAL_MUTEX_unlock(&ctx->ctx_id_mutex); diff --git a/lib/hcrypto/dh.c b/lib/hcrypto/dh.c index 43e1d6ac1..e1f82bfd3 100644 --- a/lib/hcrypto/dh.c +++ b/lib/hcrypto/dh.c @@ -539,8 +539,10 @@ i2d_DHparams(DH *dh, unsigned char **pp) free_DHParameter(&data); if (ret) return -1; - if (len != size) + if (len != size) { abort(); + return -1; + } memcpy(*pp, p, size); free(p); diff --git a/lib/hcrypto/libtommath/bn_mp_invmod.c b/lib/hcrypto/libtommath/bn_mp_invmod.c index 154651468..ac1a95231 100644 --- a/lib/hcrypto/libtommath/bn_mp_invmod.c +++ b/lib/hcrypto/libtommath/bn_mp_invmod.c @@ -32,9 +32,9 @@ int mp_invmod (mp_int * a, mp_int * b, mp_int * c) #ifdef BN_MP_INVMOD_SLOW_C return mp_invmod_slow(a, b, c); -#endif - +#else return MP_VAL; +#endif } #endif diff --git a/lib/hcrypto/libtommath/bn_mp_prime_next_prime.c b/lib/hcrypto/libtommath/bn_mp_prime_next_prime.c index daf2ec7c6..a2897f087 100644 --- a/lib/hcrypto/libtommath/bn_mp_prime_next_prime.c +++ b/lib/hcrypto/libtommath/bn_mp_prime_next_prime.c @@ -22,7 +22,7 @@ */ int mp_prime_next_prime(mp_int *a, int t, int bbs_style) { - int err, res, x, y; + int err, res = MP_NO, x, y; mp_digit res_tab[PRIME_SIZE], step, kstep; mp_int b; diff --git a/lib/hdb/common.c b/lib/hdb/common.c index f1d011a2b..abaa5e323 100644 --- a/lib/hdb/common.c +++ b/lib/hdb/common.c @@ -37,7 +37,7 @@ int hdb_principal2key(krb5_context context, krb5_const_principal p, krb5_data *key) { Principal new; - size_t len; + size_t len = 0; int ret; ret = copy_Principal(p, &new); @@ -61,7 +61,7 @@ hdb_key2principal(krb5_context context, krb5_data *key, krb5_principal p) int hdb_entry2value(krb5_context context, const hdb_entry *ent, krb5_data *value) { - size_t len; + size_t len = 0; int ret; ASN1_MALLOC_ENCODE(hdb_entry, value->data, value->length, ent, &len, ret); @@ -81,7 +81,7 @@ hdb_entry_alias2value(krb5_context context, const hdb_entry_alias *alias, krb5_data *value) { - size_t len; + size_t len = 0; int ret; ASN1_MALLOC_ENCODE(hdb_entry_alias, value->data, value->length, diff --git a/lib/hdb/print.c b/lib/hdb/print.c index 510d53bbe..697d32d29 100644 --- a/lib/hdb/print.c +++ b/lib/hdb/print.c @@ -209,7 +209,7 @@ entry2string_int (krb5_context context, krb5_storage *sp, hdb_entry *ent) if(ent->extensions && ent->extensions->len > 0) { for(i = 0; i < ent->extensions->len; i++) { void *d; - size_t size, sz; + size_t size, sz = 0; ASN1_MALLOC_ENCODE(HDB_extension, d, size, &ent->extensions->val[i], &sz, ret); diff --git a/lib/hx509/hxtool.c b/lib/hx509/hxtool.c index 7cb4462d2..15cddb583 100644 --- a/lib/hx509/hxtool.c +++ b/lib/hx509/hxtool.c @@ -1449,7 +1449,7 @@ crypto_available(struct crypto_available_options *opt, int argc, char **argv) { AlgorithmIdentifier *val; unsigned int len, i; - int ret, type; + int ret, type = HX509_SELECT_ALL; if (opt->type_string) { if (strcmp(opt->type_string, "all") == 0) @@ -1462,8 +1462,7 @@ crypto_available(struct crypto_available_options *opt, int argc, char **argv) type = HX509_SELECT_SECRET_ENC; else errx(1, "unknown type: %s", opt->type_string); - } else - type = HX509_SELECT_ALL; + } ret = hx509_crypto_available(context, type, NULL, &val, &len); if (ret) @@ -1486,7 +1485,7 @@ crypto_select(struct crypto_select_options *opt, int argc, char **argv) { hx509_peer_info peer = NULL; AlgorithmIdentifier selected; - int ret, type; + int ret, type = HX509_SELECT_DIGEST; char *s; if (opt->type_string) { @@ -1498,8 +1497,7 @@ crypto_select(struct crypto_select_options *opt, int argc, char **argv) type = HX509_SELECT_SECRET_ENC; else errx(1, "unknown type: %s", opt->type_string); - } else - type = HX509_SELECT_DIGEST; + } if (opt->peer_cmstype_strings.num_strings) peer_strings(context, &peer, &opt->peer_cmstype_strings); diff --git a/lib/krb5/addr_families.c b/lib/krb5/addr_families.c index 768d77628..da3661702 100644 --- a/lib/krb5/addr_families.c +++ b/lib/krb5/addr_families.c @@ -652,8 +652,10 @@ arange_order_addr(krb5_context context, a = addr2->address.data; a2 = addr1; sign = -1; - } else + } else { abort(); + UNREACHABLE(return 0); + } if(a2->addr_type == KRB5_ADDRESS_ARANGE) { struct arange *b = a2->address.data; diff --git a/lib/krb5/build_auth.c b/lib/krb5/build_auth.c index 85d64525d..02d8f7827 100644 --- a/lib/krb5/build_auth.c +++ b/lib/krb5/build_auth.c @@ -41,7 +41,7 @@ make_etypelist(krb5_context context, krb5_error_code ret; krb5_authdata ad; u_char *buf; - size_t len; + size_t len = 0; size_t buf_size; ret = krb5_init_etype(context, &etypes.len, &etypes.val, NULL); @@ -111,7 +111,7 @@ _krb5_build_authenticator (krb5_context context, Authenticator auth; u_char *buf = NULL; size_t buf_size; - size_t len; + size_t len = 0; krb5_error_code ret; krb5_crypto crypto; diff --git a/lib/krb5/changepw.c b/lib/krb5/changepw.c index 4373f700b..24f4ddde7 100644 --- a/lib/krb5/changepw.c +++ b/lib/krb5/changepw.c @@ -173,7 +173,7 @@ setpw_send_request (krb5_context context, krb5_data krb_priv_data; krb5_data pwd_data; ChangePasswdDataMS chpw; - size_t len; + size_t len = 0; u_char header[4 + 6]; u_char *p; struct iovec iov[3]; diff --git a/lib/krb5/crypto-pk.c b/lib/krb5/crypto-pk.c index ae70ca8b5..7fedb65c9 100644 --- a/lib/krb5/crypto-pk.c +++ b/lib/krb5/crypto-pk.c @@ -110,7 +110,7 @@ encode_uvinfo(krb5_context context, krb5_const_principal p, krb5_data *data) { KRB5PrincipalName pn; krb5_error_code ret; - size_t size; + size_t size = 0; pn.principalName = p->name; pn.realm = p->realm; @@ -143,7 +143,7 @@ encode_otherinfo(krb5_context context, PkinitSuppPubInfo pubinfo; krb5_error_code ret; krb5_data pub; - size_t size; + size_t size = 0; krb5_data_zero(other); memset(&otherinfo, 0, sizeof(otherinfo)); diff --git a/lib/krb5/deprecated.c b/lib/krb5/deprecated.c index 76ca50a93..8621bf1e3 100644 --- a/lib/krb5/deprecated.c +++ b/lib/krb5/deprecated.c @@ -120,7 +120,7 @@ krb5_keytype_to_string(krb5_context context, krb5_keytype keytype, char **string) { - const char *name; + const char *name = NULL; int i; for(i = 0; i < num_keys; i++) { diff --git a/lib/krb5/digest.c b/lib/krb5/digest.c index 3b2973d36..ef3267b3a 100644 --- a/lib/krb5/digest.c +++ b/lib/krb5/digest.c @@ -244,7 +244,7 @@ digest_request(krb5_context context, DigestREP rep; krb5_error_code ret; krb5_data data, data2; - size_t size; + size_t size = 0; krb5_crypto crypto = NULL; krb5_auth_context ac = NULL; krb5_principal principal = NULL; diff --git a/lib/krb5/get_cred.c b/lib/krb5/get_cred.c index d4b56cf01..63984bc93 100644 --- a/lib/krb5/get_cred.c +++ b/lib/krb5/get_cred.c @@ -55,7 +55,7 @@ make_pa_tgs_req(krb5_context context, { u_char *buf; size_t buf_size; - size_t len; + size_t len = 0; krb5_data in_data; krb5_error_code ret; @@ -90,7 +90,7 @@ set_auth_data (krb5_context context, krb5_keyblock *subkey) { if(authdata->len) { - size_t len, buf_size; + size_t len = 0, buf_size; unsigned char *buf; krb5_crypto crypto; krb5_error_code ret; @@ -334,6 +334,8 @@ decrypt_tkt_with_subkey (krb5_context context, assert(usage == 0); + krb5_data_zero(&data); + /* * start out with trying with subkey if we have one */ @@ -408,7 +410,7 @@ get_cred_kdc(krb5_context context, krb5_error_code ret; unsigned nonce; krb5_keyblock *subkey = NULL; - size_t len; + size_t len = 0; Ticket second_ticket_data; METHOD_DATA padata; @@ -435,7 +437,7 @@ get_cred_kdc(krb5_context context, PA_S4U2Self self; krb5_data data; void *buf; - size_t size; + size_t size = 0; self.name = impersonate_principal->name; self.realm = impersonate_principal->realm; diff --git a/lib/krb5/get_in_tkt.c b/lib/krb5/get_in_tkt.c index 631fda119..0a9511fdc 100644 --- a/lib/krb5/get_in_tkt.c +++ b/lib/krb5/get_in_tkt.c @@ -44,7 +44,7 @@ make_pa_enc_timestamp(krb5_context context, PA_DATA *pa, PA_ENC_TS_ENC p; unsigned char *buf; size_t buf_size; - size_t len; + size_t len = 0; EncryptedData encdata; krb5_error_code ret; int32_t usec; @@ -380,7 +380,7 @@ krb5_get_in_cred(krb5_context context, AS_REQ a; krb5_kdc_rep rep; krb5_data req, resp; - size_t len; + size_t len = 0; krb5_salt salt; krb5_keyblock *key; size_t size; diff --git a/lib/krb5/init_creds_pw.c b/lib/krb5/init_creds_pw.c index 6e34c4923..bbcb8de53 100644 --- a/lib/krb5/init_creds_pw.c +++ b/lib/krb5/init_creds_pw.c @@ -928,7 +928,7 @@ make_pa_enc_timestamp(krb5_context context, METHOD_DATA *md, PA_ENC_TS_ENC p; unsigned char *buf; size_t buf_size; - size_t len; + size_t len = 0; EncryptedData encdata; krb5_error_code ret; int32_t usec; @@ -1109,7 +1109,7 @@ pa_data_add_pac_request(krb5_context context, krb5_get_init_creds_ctx *ctx, METHOD_DATA *md) { - size_t len, length; + size_t len = 0, length; krb5_error_code ret; PA_PAC_REQUEST req; void *buf; @@ -1647,7 +1647,7 @@ krb5_init_creds_step(krb5_context context, unsigned int *flags) { krb5_error_code ret; - size_t len; + size_t len = 0; size_t size; krb5_data_zero(out); diff --git a/lib/krb5/mk_error.c b/lib/krb5/mk_error.c index c0a82ae26..5fee1d6be 100644 --- a/lib/krb5/mk_error.c +++ b/lib/krb5/mk_error.c @@ -48,7 +48,7 @@ krb5_mk_error(krb5_context context, KRB_ERROR msg; krb5_timestamp sec; int32_t usec; - size_t len; + size_t len = 0; krb5_error_code ret = 0; krb5_us_timeofday (context, &sec, &usec); diff --git a/lib/krb5/mk_priv.c b/lib/krb5/mk_priv.c index 833821341..dede6d2fa 100644 --- a/lib/krb5/mk_priv.c +++ b/lib/krb5/mk_priv.c @@ -45,7 +45,7 @@ krb5_mk_priv(krb5_context context, EncKrbPrivPart part; u_char *buf = NULL; size_t buf_size; - size_t len; + size_t len = 0; krb5_crypto crypto; krb5_keyblock *key; krb5_replay_data rdata; diff --git a/lib/krb5/mk_rep.c b/lib/krb5/mk_rep.c index 2b9c3fbdb..84c315291 100644 --- a/lib/krb5/mk_rep.c +++ b/lib/krb5/mk_rep.c @@ -43,7 +43,7 @@ krb5_mk_rep(krb5_context context, EncAPRepPart body; u_char *buf = NULL; size_t buf_size; - size_t len; + size_t len = 0; krb5_crypto crypto; ap.pvno = 5; diff --git a/lib/krb5/mk_safe.c b/lib/krb5/mk_safe.c index b2858acf8..b327e1ce7 100644 --- a/lib/krb5/mk_safe.c +++ b/lib/krb5/mk_safe.c @@ -44,7 +44,7 @@ krb5_mk_safe(krb5_context context, KRB_SAFE s; u_char *buf = NULL; size_t buf_size; - size_t len; + size_t len = 0; krb5_crypto crypto; krb5_keyblock *key; krb5_replay_data rdata; diff --git a/lib/krb5/pkinit.c b/lib/krb5/pkinit.c index 5d8a479a7..0f3574b88 100644 --- a/lib/krb5/pkinit.c +++ b/lib/krb5/pkinit.c @@ -299,7 +299,7 @@ cert2epi(hx509_context context, void *ctx, hx509_cert c) { IssuerAndSerialNumber iasn; hx509_name issuer; - size_t size; + size_t size = 0; memset(&iasn, 0, sizeof(iasn)); @@ -365,7 +365,7 @@ build_auth_pack(krb5_context context, const KDC_REQ_BODY *body, AuthPack *a) { - size_t buf_size, len; + size_t buf_size, len = 0; krb5_error_code ret; void *buf; krb5_timestamp sec; @@ -414,7 +414,7 @@ build_auth_pack(krb5_context context, const char *moduli_file; unsigned long dh_min_bits; krb5_data dhbuf; - size_t size; + size_t size = 0; krb5_data_zero(&dhbuf); @@ -650,10 +650,10 @@ pk_mk_padata(krb5_context context, { struct ContentInfo content_info; krb5_error_code ret; - const heim_oid *oid; - size_t size; + const heim_oid *oid = NULL; + size_t size = 0; krb5_data buf, sd_buf; - int pa_type; + int pa_type = -1; krb5_data_zero(&buf); krb5_data_zero(&sd_buf); @@ -2554,7 +2554,7 @@ krb5_pk_enterprise_cert(krb5_context context, #ifdef PKINIT krb5_error_code ret; hx509_certs certs, result; - hx509_cert cert; + hx509_cert cert = NULL; hx509_query *q; char *name; diff --git a/lib/krb5/plugin.c b/lib/krb5/plugin.c index ea47e13a7..49d05b4fe 100644 --- a/lib/krb5/plugin.c +++ b/lib/krb5/plugin.c @@ -196,9 +196,9 @@ is_valid_plugin_filename(const char * n) return !stricmp(ext, ".dll"); } -#endif - +#else return 1; +#endif } static void diff --git a/lib/krb5/rd_cred.c b/lib/krb5/rd_cred.c index 3473244bc..d1d0c0390 100644 --- a/lib/krb5/rd_cred.c +++ b/lib/krb5/rd_cred.c @@ -68,6 +68,7 @@ krb5_rd_cred(krb5_context context, size_t i; memset(&enc_krb_cred_part, 0, sizeof(enc_krb_cred_part)); + krb5_data_zero(&enc_krb_cred_part_data); if ((auth_context->flags & (KRB5_AUTH_CONTEXT_RET_TIME | KRB5_AUTH_CONTEXT_RET_SEQUENCE)) && diff --git a/lib/krb5/rd_req.c b/lib/krb5/rd_req.c index 31fbe8e45..6460aa919 100644 --- a/lib/krb5/rd_req.c +++ b/lib/krb5/rd_req.c @@ -177,7 +177,7 @@ find_etypelist(krb5_context context, krb5_authdata adIfRelevant; unsigned i; - adIfRelevant.len = 0; + krb5_data_zero(&adIfRelevant); etypes->len = 0; etypes->val = NULL; diff --git a/lib/krb5/rd_safe.c b/lib/krb5/rd_safe.c index d37960ab4..e62906b1f 100644 --- a/lib/krb5/rd_safe.c +++ b/lib/krb5/rd_safe.c @@ -41,7 +41,7 @@ verify_checksum(krb5_context context, krb5_error_code ret; u_char *buf; size_t buf_size; - size_t len; + size_t len = 0; Checksum c; krb5_crypto crypto; krb5_keyblock *key; diff --git a/lib/krb5/salt-arcfour.c b/lib/krb5/salt-arcfour.c index b222b47e1..ab5e51270 100644 --- a/lib/krb5/salt-arcfour.c +++ b/lib/krb5/salt-arcfour.c @@ -43,7 +43,7 @@ ARCFOUR_string_to_key(krb5_context context, { krb5_error_code ret; uint16_t *s = NULL; - size_t len, i; + size_t len = 0, i; EVP_MD_CTX *m; m = EVP_MD_CTX_create(); diff --git a/lib/krb5/sendauth.c b/lib/krb5/sendauth.c index 0965008ec..d334d3449 100644 --- a/lib/krb5/sendauth.c +++ b/lib/krb5/sendauth.c @@ -211,7 +211,7 @@ krb5_sendauth(krb5_context context, if (ap_req_options & AP_OPTS_MUTUAL_REQUIRED) { krb5_data ap_rep; - krb5_ap_rep_enc_part *ignore; + krb5_ap_rep_enc_part *ignore = NULL; krb5_data_zero (&ap_rep); ret = krb5_read_message (context, diff --git a/lib/krb5/ticket.c b/lib/krb5/ticket.c index 3e2bc4918..7d3ff1e4a 100644 --- a/lib/krb5/ticket.c +++ b/lib/krb5/ticket.c @@ -661,7 +661,7 @@ _krb5_extract_ticket(krb5_context context, { krb5_error_code ret; krb5_principal tmp_principal; - size_t len; + size_t len = 0; time_t tmp_time; krb5_timestamp sec_now;