Uninitialized array variable

array"key" is uninitialized and it is being read directly in function SipHash_Init() as per the below statements making a way for the garbage values :
uint64_t k0 = U8TO64_LE(k);
uint64_t k1 = U8TO64_LE(k + 8);

CLA: trivial

Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/23298)

(cherry picked from commit a0826b184eed2dccc56cdf80e3e0bc061cc89ddc)

diff --git a/test/siphash_internal_test.c b/test/siphash_internal_test.c
index 76ae5ecabcb69c8b8adc27654e6112069366f2f1..3ab1677d2d0abd3476abc6023ee96ac853daffc7 100644 (file)
--- a/test/siphash_internal_test.c
+++ b/test/siphash_internal_test.c
@@ -257,7 +257,7 @@ static int test_siphash(int idx)
 static int test_siphash_basic(void)
 {
     SIPHASH siphash = { 0, };
-    unsigned char key[SIPHASH_KEY_SIZE];
+    static const unsigned char key[SIPHASH_KEY_SIZE] = {0};
     unsigned char output[SIPHASH_MAX_DIGEST_SIZE];
 
     /* Use invalid hash size */