From 38349198a6d300e3d2a4cc5217d64d46b5507727 Mon Sep 17 00:00:00 2001
From: Luca Boccassi <luca.boccassi@gmail.com>
Date: Thu, 21 May 2020 13:56:02 +0100
Subject: [PATCH] Problem: MSAN complains about uninitialised buffers in CURVE
 greetings

Solution: memset some of the CURVE greetings buffers. Most likely false
positives, but easier to fix here than convince Clang of being wrong.
---
 src/curve_client_tools.hpp | 3 +++
 src/curve_server.cpp       | 6 ++++++
 2 files changed, 9 insertions(+)

diff --git a/src/curve_client_tools.hpp b/src/curve_client_tools.hpp
index f047b379..3c098ba9 100644
--- a/src/curve_client_tools.hpp
+++ b/src/curve_client_tools.hpp
@@ -161,6 +161,7 @@ struct curve_client_tools_t
         memcpy (&vouch_plaintext[crypto_box_ZEROBYTES], cn_public_, 32);
         memcpy (&vouch_plaintext[crypto_box_ZEROBYTES + 32], server_key_, 32);
 
+        memset (vouch_nonce, 0, crypto_box_NONCEBYTES);
         memcpy (vouch_nonce, "VOUCH---", 8);
         randombytes (vouch_nonce + 8, 16);
 
@@ -246,6 +247,8 @@ struct curve_client_tools_t
         memcpy (server_key, curve_server_key_, crypto_box_PUBLICKEYBYTES);
 
         //  Generate short-term key pair
+        memset (cn_secret, 0, crypto_box_SECRETKEYBYTES);
+        memset (cn_public, 0, crypto_box_PUBLICKEYBYTES);
         rc = crypto_box_keypair (cn_public, cn_secret);
         zmq_assert (rc == 0);
     }
diff --git a/src/curve_server.cpp b/src/curve_server.cpp
index 6e34221e..fadfc746 100644
--- a/src/curve_server.cpp
+++ b/src/curve_server.cpp
@@ -57,6 +57,8 @@ zmq::curve_server_t::curve_server_t (session_base_t *session_,
     memcpy (_secret_key, options_.curve_secret_key, crypto_box_SECRETKEYBYTES);
 
     //  Generate short-term key pair
+    memset (_cn_secret, 0, crypto_box_SECRETKEYBYTES);
+    memset (_cn_public, 0, crypto_box_PUBLICKEYBYTES);
     rc = crypto_box_keypair (_cn_public, _cn_secret);
     zmq_assert (rc == 0);
 }
@@ -214,6 +216,7 @@ int zmq::curve_server_t::produce_welcome (msg_t *msg_)
 
     //  Create full nonce for encryption
     //  8-byte prefix plus 16-byte random nonce
+    memset (cookie_nonce, 0, crypto_secretbox_NONCEBYTES);
     memcpy (cookie_nonce, "COOKIE--", 8);
     randombytes (cookie_nonce + 8, 16);
 
@@ -224,6 +227,7 @@ int zmq::curve_server_t::produce_welcome (msg_t *msg_)
     memcpy (&cookie_plaintext[crypto_secretbox_ZEROBYTES + 32], _cn_secret, 32);
 
     //  Generate fresh cookie key
+    memset (_cookie_key, 0, crypto_secretbox_KEYBYTES);
     randombytes (_cookie_key, crypto_secretbox_KEYBYTES);
 
     //  Encrypt using symmetric cookie key
@@ -239,6 +243,7 @@ int zmq::curve_server_t::produce_welcome (msg_t *msg_)
 
     //  Create full nonce for encryption
     //  8-byte prefix plus 16-byte random nonce
+    memset (welcome_nonce, 0, crypto_box_NONCEBYTES);
     memcpy (welcome_nonce, "WELCOME-", 8);
     randombytes (welcome_nonce + 8, crypto_box_NONCEBYTES - 8);
 
@@ -373,6 +378,7 @@ int zmq::curve_server_t::process_initiate (msg_t *msg_)
     memcpy (vouch_box + crypto_box_BOXZEROBYTES,
             &initiate_plaintext[crypto_box_ZEROBYTES + 48], 80);
 
+    memset (vouch_nonce, 0, crypto_box_NONCEBYTES);
     memcpy (vouch_nonce, "VOUCH---", 8);
     memcpy (vouch_nonce + 8, &initiate_plaintext[crypto_box_ZEROBYTES + 32],
             16);