UI: Use OPENSSL_zalloc() in general_allocate_prompt()

This is to ensure that fields we don't set explicitly are always zero.

Fixes #13340

Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/13346)

diff --git a/crypto/ui/ui_lib.c b/crypto/ui/ui_lib.c
index 017afb7c07f028fc3678f906c1a48cbb4c80b725..af6461fb150601e8c2e333170ed023658020b6b5 100644 (file)
--- a/crypto/ui/ui_lib.c
+++ b/crypto/ui/ui_lib.c
@@ -106,7 +106,7 @@ static UI_STRING *general_allocate_prompt(UI *ui, const char *prompt,
     } else if ((type == UIT_PROMPT || type == UIT_VERIFY
                 || type == UIT_BOOLEAN) && result_buf == NULL) {
         UIerr(UI_F_GENERAL_ALLOCATE_PROMPT, UI_R_NO_RESULT_BUFFER);
-    } else if ((ret = OPENSSL_malloc(sizeof(*ret))) != NULL) {
+    } else if ((ret = OPENSSL_zalloc(sizeof(*ret))) != NULL) {
         ret->out_string = prompt;
         ret->flags = prompt_freeable ? OUT_STRING_FREEABLE : 0;
         ret->input_flags = input_flags;