You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
The attached oss-fuzz case for Dropbear SSH reports uninitialised memory. It appears that explicit_bzero() isn't handled correctly by msan, replacing it with plain memset() in dbhelpers.cm_burn() resolves the sanitizer error.
The attached oss-fuzz case for Dropbear SSH reports uninitialised memory. It appears that
explicit_bzero()
isn't handled correctly by msan, replacing it with plainmemset()
in dbhelpers.cm_burn()
resolves the sanitizer error.The call in the testcase is coming from
ecc_ansi_x963_export()
->zeromem()
->m_burn()
->explicit_bzero()
.14630_crash_info_dropbear_Use-of-uninitialized-value.txt
Uninitialized value was created by an allocation of 'buf' in the stack frame of function 'ecc_ansi_x963_export'
Base64 testcase:
AgAAAfEAAACFBAHqNMmoriKZ+LgWqFtiHuKXnW+pQTQEZJMbVZogafvfwq/5uWgu7t2uhzzq/WOINVoScyhoWmZgemjurp6R01di+gGRkC0EirjG5EtweiiNIua4hMdoQdR36go+Sr7sDFdHgh0XsNwPIHMCVy8n90AdCH6l/+rSBZDrQf4OUN2gYcnsAQ==
The text was updated successfully, but these errors were encountered: