0
0
mirror of https://github.com/zeromq/libzmq.git synced 2024-12-29 16:45:51 +08:00

Problem: curve keys getsockopt uninitialised read

Solution: always initialised zmq::options_t class variables arrays to
avoid reading uninitialised data when CURVE is not yet configured and
a getsockopt ZMQ_CURVE_{SERVER | PUBLIC | SECRET]KEY is issued.
This commit is contained in:
Luca Boccassi 2016-02-16 11:54:23 +00:00
parent 93f99d09f4
commit f86795350d

View File

@ -78,6 +78,9 @@ zmq::options_t::options_t () :
heartbeat_timeout (-1), heartbeat_timeout (-1),
use_fd (-1) use_fd (-1)
{ {
memset (curve_public_key, 0, CURVE_KEYSIZE);
memset (curve_secret_key, 0, CURVE_KEYSIZE);
memset (curve_server_key, 0, CURVE_KEYSIZE);
#if defined ZMQ_HAVE_VMCI #if defined ZMQ_HAVE_VMCI
vmci_buffer_size = 0; vmci_buffer_size = 0;
vmci_buffer_min_size = 0; vmci_buffer_min_size = 0;