ticket: 5853

version_fixed: 1.6.4 pull up r20182 from trunk r20182@cathode-dark-space: tlyu | 2007-12-14 00:14:11 -0500 ticket: 5853 target_version: 1.6.4 tags: pullup fix CVE-2007-5894: apparent uninit length in ftpd.c:reply() git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-6@20183 dc483132-0cff-0310-8789-dd5450dbe970
aadamowski · Dec 15, 2007 · 7ad9538 · 7ad9538
1 parent 8df2ee7
commit 7ad9538
Showing 1 changed file with 1 addition and 1 deletion.
diff --git a/src/appl/gssftp/ftpd/ftpd.c b/src/appl/gssftp/ftpd/ftpd.c
@@ -1823,7 +1823,7 @@ reply(n, fmt, p0, p1, p2, p3, p4, p5)
 		 * radix_encode, gss_seal, plus slop.
 		 */
 		char in[FTP_BUFSIZ*3/2], out[FTP_BUFSIZ*3/2];
-		int length, kerror;
+		int length = 0, kerror;
 		if (n) sprintf(in, "%d%c", n, cont_char);
 		else in[0] = '\0';
 		strncat(in, buf, sizeof (in) - strlen(in) - 1);