array"key" is uninitialized and it is being read directly in function SipHash_Init() as per the below statements making a way for the garbage values :
uint64_t k0 = U8TO64_LE(k);
uint64_t k1 = U8TO64_LE(k + 8);
CLA: trivial
Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/23298)
(cherry picked from commit
a0826b184eed2dccc56cdf80e3e0bc061cc89ddc)
static int test_siphash_basic(void)
{
SIPHASH siphash = { 0, };
- unsigned char key[SIPHASH_KEY_SIZE];
+ static const unsigned char key[SIPHASH_KEY_SIZE] = {0};
unsigned char output[SIPHASH_MAX_DIGEST_SIZE];
/* Use invalid hash size */