crypto: explicitly initialize variables

trezor · Oct 9, 2019 · fdad317 · fdad317
1 parent fa9d349
commit fdad317
Show file tree

Hide file tree

Showing 38 changed files with 397 additions and 397 deletions.
diff --git a/crypto/address.c b/crypto/address.c
@@ -66,11 +66,11 @@ void ethereum_address_checksum(const uint8_t *addr, char *address, bool rskip60,
   }
   address[40] = 0;
 
-  SHA3_CTX ctx;
-  uint8_t hash[32];
+  SHA3_CTX ctx = {0};
+  uint8_t hash[32] = {0};
   keccak_256_Init(&ctx);
   if (rskip60) {
-    char prefix[16];
+    char prefix[16] = {0};
     int prefix_size = bn_format_uint64(chain_id, NULL, "0x", 0, 0, false,
                                        prefix, sizeof(prefix));
     keccak_Update(&ctx, (const uint8_t *)prefix, prefix_size);

diff --git a/crypto/aes/aes_modes.c b/crypto/aes/aes_modes.c
@@ -108,7 +108,7 @@ aligned_array(unsigned long, dec_hybrid_table, 12, 16) = NEH_DEC_HYBRID_DATA;
 
 AES_RETURN aes_test_alignment_detection(unsigned int n)	/* 4 <= n <= 16 */
 {	uint8_t	p[16];
-    uint32_t i, count_eq = 0, count_neq = 0;
+    uint32_t i = 0, count_eq = 0, count_neq = 0;
 
     if(n < 4 || n > 16)
         return EXIT_FAILURE;
@@ -156,7 +156,7 @@ AES_RETURN aes_ecb_encrypt(const unsigned char *ibuf, unsigned char *obuf,
         }
         else
         {   aligned_auto(uint8_t, buf, BFR_BLOCKS * AES_BLOCK_SIZE, 16);
-            uint8_t *ip, *op;
+            uint8_t *ip = NULL, *op = NULL;
 
             while(nb)
             {
@@ -218,7 +218,7 @@ AES_RETURN aes_ecb_decrypt(const unsigned char *ibuf, unsigned char *obuf,
         }
         else
         {   aligned_auto(uint8_t, buf, BFR_BLOCKS * AES_BLOCK_SIZE, 16);
-            uint8_t *ip, *op;
+            uint8_t *ip = NULL, *op = NULL;
 
             while(nb)
             {
@@ -287,7 +287,7 @@ AES_RETURN aes_cbc_encrypt(const unsigned char *ibuf, unsigned char *obuf,
         }
         else
         {   aligned_auto(uint8_t, buf, BFR_BLOCKS * AES_BLOCK_SIZE, 16);
-            uint8_t *ip, *op;
+            uint8_t *ip = NULL, *op = NULL;
 
             while(nb)
             {
@@ -385,7 +385,7 @@ AES_RETURN aes_cbc_decrypt(const unsigned char *ibuf, unsigned char *obuf,
         }
         else
         {   aligned_auto(uint8_t, buf, BFR_BLOCKS * AES_BLOCK_SIZE, 16);
-            uint8_t *ip, *op;
+            uint8_t *ip = NULL, *op = NULL;
 
             while(nb)
             {
@@ -497,7 +497,7 @@ AES_RETURN aes_cfb_encrypt(const unsigned char *ibuf, unsigned char *obuf,
             }
             else    /* input, output or both are unaligned  */
             {   aligned_auto(uint8_t, buf, BFR_BLOCKS * AES_BLOCK_SIZE, 16);
-                uint8_t *ip, *op;
+                uint8_t *ip = NULL, *op = NULL;
 
                 while(nb)
                 {
@@ -625,7 +625,7 @@ AES_RETURN aes_cfb_decrypt(const unsigned char *ibuf, unsigned char *obuf,
             }
             else    /* input, output or both are unaligned  */
             {   aligned_auto(uint8_t, buf, BFR_BLOCKS * AES_BLOCK_SIZE, 16);
-                uint8_t *ip, *op;
+                uint8_t *ip = NULL, *op = NULL;
 
                 while(nb)
                 {
@@ -763,7 +763,7 @@ AES_RETURN aes_ofb_crypt(const unsigned char *ibuf, unsigned char *obuf,
             }
             else    /* input, output or both are unaligned  */
         {   aligned_auto(uint8_t, buf, BFR_BLOCKS * AES_BLOCK_SIZE, 16);
-            uint8_t *ip, *op;
+            uint8_t *ip = NULL, *op = NULL;
 
                 while(nb)
                 {
@@ -850,14 +850,14 @@ AES_RETURN aes_ofb_crypt(const unsigned char *ibuf, unsigned char *obuf,
 AES_RETURN aes_ctr_crypt(const unsigned char *ibuf, unsigned char *obuf,
             int len, unsigned char *cbuf, cbuf_inc ctr_inc, aes_encrypt_ctx ctx[1])
 {   unsigned char   *ip;
-    int             i, blen, b_pos = (int)(ctx->inf.b[2]);
+    int             i = 0, blen = 0, b_pos = (int)(ctx->inf.b[2]);
 
 #if defined( USE_VIA_ACE_IF_PRESENT )
     aligned_auto(uint8_t, buf, BFR_LENGTH, 16);
     if(ctx->inf.b[1] == 0xff && ALIGN_OFFSET( ctx, 16 ))
         return EXIT_FAILURE;
 #else
-    uint8_t buf[BFR_LENGTH];
+    uint8_t buf[BFR_LENGTH] = {0};
 #endif
 
     if(b_pos)

diff --git a/crypto/aes/aescrypt.c b/crypto/aes/aescrypt.c
@@ -96,7 +96,7 @@ extern "C"
 
 AES_RETURN aes_xi(encrypt)(const unsigned char *in, unsigned char *out, const aes_encrypt_ctx cx[1])
 {   uint32_t         locals(b0, b1);
-    const uint32_t   *kp;
+    const uint32_t *kp = NULL;
 #if defined( dec_fmvars )
     dec_fmvars; /* declare variables for fwd_mcol() if needed */
 #endif
@@ -234,7 +234,7 @@ AES_RETURN aes_xi(decrypt)(const unsigned char *in, unsigned char *out, const ae
 #if defined( dec_imvars )
     dec_imvars; /* declare variables for inv_mcol() if needed */
 #endif
-    const uint32_t *kp;
+    const uint32_t *kp = NULL;
 
 	if(cx->inf.b[0] != 10 * AES_BLOCK_SIZE && cx->inf.b[0] != 12 * AES_BLOCK_SIZE && cx->inf.b[0] != 14 * AES_BLOCK_SIZE)
 		return EXIT_FAILURE;

diff --git a/crypto/aes/aestab.c b/crypto/aes/aestab.c
@@ -272,7 +272,7 @@ AES_RETURN aes_init(void)
 
 #if defined(FF_TABLES)
 
-    uint8_t  pow[512], log[256];
+    uint8_t  pow[512] = {0}, log[256] = {0};
 
     if(init)
         return EXIT_SUCCESS;

diff --git a/crypto/base32.c b/crypto/base32.c
@@ -77,7 +77,7 @@ void base32_encode_unsafe(const uint8_t *in, size_t inlen, uint8_t *out) {
   uint8_t remainder = inlen % 5;
   size_t limit = inlen - remainder;
 
-  size_t i, j;
+  size_t i = 0, j = 0;
   for (i = 0, j = 0; i < limit; i += 5, j += 8) {
     base32_5to8(&in[i], 5, &out[j]);
   }
@@ -90,7 +90,7 @@ bool base32_decode_unsafe(const uint8_t *in, size_t inlen, uint8_t *out,
   uint8_t remainder = inlen % 8;
   size_t limit = inlen - remainder;
 
-  size_t i, j;
+  size_t i = 0, j = 0;
   for (i = 0, j = 0; i < limit; i += 8, j += 5) {
     if (!base32_8to5(&in[i], 8, &out[j], alphabet)) {
       return false;

diff --git a/crypto/base58.c b/crypto/base58.c
@@ -58,9 +58,9 @@ bool b58tobin(void *bin, size_t *binszp, const char *b58) {
   size_t outisz =
       (binsz + sizeof(b58_almostmaxint_t) - 1) / sizeof(b58_almostmaxint_t);
   b58_almostmaxint_t outi[outisz];
-  b58_maxint_t t;
-  b58_almostmaxint_t c;
-  size_t i, j;
+  b58_maxint_t t = 0;
+  b58_almostmaxint_t c = 0;
+  size_t i = 0, j = 0;
   uint8_t bytesleft = binsz % sizeof(b58_almostmaxint_t);
   b58_almostmaxint_t zeromask =
       bytesleft ? (b58_almostmaxint_mask << (bytesleft * 8)) : 0;
@@ -128,9 +128,9 @@ bool b58tobin(void *bin, size_t *binszp, const char *b58) {
 
 int b58check(const void *bin, size_t binsz, HasherType hasher_type,
              const char *base58str) {
-  unsigned char buf[32];
+  unsigned char buf[32] = {0};
   const uint8_t *binc = bin;
-  unsigned i;
+  unsigned i = 0;
   if (binsz < 4) return -4;
   hasher_Raw(hasher_type, bin, binsz - 4, buf);
   if (memcmp(&binc[binsz - 4], buf, 4)) return -1;
@@ -146,9 +146,9 @@ int b58check(const void *bin, size_t binsz, HasherType hasher_type,
 
 bool b58enc(char *b58, size_t *b58sz, const void *data, size_t binsz) {
   const uint8_t *bin = data;
-  int carry;
-  size_t i, j, high, zcount = 0;
-  size_t size;
+  int carry = 0;
+  size_t i = 0, j = 0, high = 0, zcount = 0;
+  size_t size = 0;
 
   while (zcount < binsz && !bin[zcount]) ++zcount;
 
@@ -219,9 +219,9 @@ int base58_decode_check(const char *str, HasherType hasher_type, uint8_t *data,
 
 #if USE_GRAPHENE
 int b58gphcheck(const void *bin, size_t binsz, const char *base58str) {
-  unsigned char buf[32];
+  unsigned char buf[32] = {0};
   const uint8_t *binc = bin;
-  unsigned i;
+  unsigned i = 0;
   if (binsz < 4) return -4;
   ripemd160(bin, binsz - 4, buf);  // No double SHA256, but a single RIPEMD160
   if (memcmp(&binc[binsz - 4], buf, 4)) return -1;

diff --git a/crypto/bip32.c b/crypto/bip32.c
@@ -127,7 +127,7 @@ int hdnode_from_xprv(uint32_t depth, uint32_t child_num,
   if (info == 0) {
     failed = true;
   } else if (info->params) {
-    bignum256 a;
+    bignum256 a = {0};
     bn_read_be(private_key, &a);
     if (bn_is_zero(&a)) {  // == 0
       failed = true;
@@ -170,7 +170,7 @@ int hdnode_from_seed(const uint8_t *seed, int seed_len, const char *curve,
   hmac_sha512_Final(&ctx, I);
 
   if (out->curve->params) {
-    bignum256 a;
+    bignum256 a = {0};
     while (true) {
       bn_read_be(I, &a);
       if (!bn_is_zero(&a)                                   // != 0
@@ -192,8 +192,8 @@ int hdnode_from_seed(const uint8_t *seed, int seed_len, const char *curve,
 }
 
 uint32_t hdnode_fingerprint(HDNode *node) {
-  uint8_t digest[32];
-  uint32_t fingerprint;
+  uint8_t digest[32] = {0};
+  uint32_t fingerprint = 0;
 
   hdnode_fill_public_key(node);
   hasher_Raw(node->curve->hasher_pubkey, node->public_key, 33, digest);
@@ -422,9 +422,9 @@ int hdnode_from_entropy_cardano_icarus(const uint8_t *pass, int pass_len,
 int hdnode_public_ckd_cp(const ecdsa_curve *curve, const curve_point *parent,
                          const uint8_t *parent_chain_code, uint32_t i,
                          curve_point *child, uint8_t *child_chain_code) {
-  uint8_t data[1 + 32 + 4];
-  uint8_t I[32 + 32];
-  bignum256 c;
+  uint8_t data[(1 + 32) + 4] = {0};
+  uint8_t I[32 + 32] = {0};
+  bignum256 c = {0};
 
   if (i & 0x80000000) {  // private derivation
     return 0;
@@ -459,7 +459,7 @@ int hdnode_public_ckd_cp(const ecdsa_curve *curve, const curve_point *parent,
 }
 
 int hdnode_public_ckd(HDNode *inout, uint32_t i) {
-  curve_point parent, child;
+  curve_point parent = {0}, child = {0};
 
   if (!ecdsa_read_pubkey(inout->curve->params, inout->public_key, &parent)) {
     return 0;
@@ -487,8 +487,8 @@ void hdnode_public_ckd_address_optimized(const curve_point *pub,
                                          HasherType hasher_pubkey,
                                          HasherType hasher_base58, char *addr,
                                          int addrsize, int addrformat) {
-  uint8_t child_pubkey[33];
-  curve_point b;
+  uint8_t child_pubkey[33] = {0};
+  curve_point b = {0};
 
   hdnode_public_ckd_cp(&secp256k1, pub, chain_code, i, &b, NULL);
   child_pubkey[0] = 0x02 | (b.y.val[0] & 0x01);
@@ -544,7 +544,7 @@ int hdnode_private_ckd_cached(HDNode *inout, const uint32_t *i, size_t i_count,
     private_ckd_cache_root_set = true;
   } else {
     // try to find parent
-    int j;
+    int j = 0;
     for (j = 0; j < BIP32_CACHE_SIZE; j++) {
       if (private_ckd_cache[j].set &&
           private_ckd_cache[j].depth == i_count - 1 &&
@@ -560,7 +560,7 @@ int hdnode_private_ckd_cached(HDNode *inout, const uint32_t *i, size_t i_count,
 
   // else derive parent
   if (!found) {
-    size_t k;
+    size_t k = 0;
     for (k = 0; k < i_count - 1; k++) {
       if (hdnode_private_ckd(inout, i[k]) == 0) return 0;
     }
@@ -633,8 +633,8 @@ void hdnode_fill_public_key(HDNode *node) {
 
 #if USE_ETHEREUM
 int hdnode_get_ethereum_pubkeyhash(const HDNode *node, uint8_t *pubkeyhash) {
-  uint8_t buf[65];
-  SHA3_CTX ctx;
+  uint8_t buf[65] = {0};
+  SHA3_CTX ctx = {0};
 
   /* get uncompressed public key */
   ecdsa_get_public_key65(node->curve->params, node->private_key, buf);
@@ -687,7 +687,7 @@ int hdnode_get_nem_shared_key(const HDNode *node,
 int hdnode_nem_encrypt(const HDNode *node, const ed25519_public_key public_key,
                        const uint8_t *iv_immut, const uint8_t *salt,
                        const uint8_t *payload, size_t size, uint8_t *buffer) {
-  uint8_t last_block[AES_BLOCK_SIZE];
+  uint8_t last_block[AES_BLOCK_SIZE] = {0};
   uint8_t remainder = size % AES_BLOCK_SIZE;
 
   // Round down to last whole block
@@ -699,15 +699,15 @@ int hdnode_nem_encrypt(const HDNode *node, const ed25519_public_key public_key,
          AES_BLOCK_SIZE - remainder);
 
   // the IV gets mutated, so we make a copy not to touch the original
-  uint8_t iv[AES_BLOCK_SIZE];
+  uint8_t iv[AES_BLOCK_SIZE] = {0};
   memcpy(iv, iv_immut, AES_BLOCK_SIZE);
 
-  uint8_t shared_key[SHA3_256_DIGEST_LENGTH];
+  uint8_t shared_key[SHA3_256_DIGEST_LENGTH] = {0};
   if (!hdnode_get_nem_shared_key(node, public_key, salt, NULL, shared_key)) {
     return 0;
   }
 
-  aes_encrypt_ctx ctx;
+  aes_encrypt_ctx ctx = {0};
 
   int ret = aes_encrypt_key256(shared_key, &ctx);
   memzero(shared_key, sizeof(shared_key));
@@ -731,13 +731,13 @@ int hdnode_nem_encrypt(const HDNode *node, const ed25519_public_key public_key,
 int hdnode_nem_decrypt(const HDNode *node, const ed25519_public_key public_key,
                        uint8_t *iv, const uint8_t *salt, const uint8_t *payload,
                        size_t size, uint8_t *buffer) {
-  uint8_t shared_key[SHA3_256_DIGEST_LENGTH];
+  uint8_t shared_key[SHA3_256_DIGEST_LENGTH] = {0};
 
   if (!hdnode_get_nem_shared_key(node, public_key, salt, NULL, shared_key)) {
     return 0;
   }
 
-  aes_decrypt_ctx ctx;
+  aes_decrypt_ctx ctx = {0};
 
   int ret = aes_decrypt_key256(shared_key, &ctx);
   memzero(shared_key, sizeof(shared_key));
@@ -822,7 +822,7 @@ int hdnode_get_shared_key(const HDNode *node, const uint8_t *peer_public_key,
 static int hdnode_serialize(const HDNode *node, uint32_t fingerprint,
                             uint32_t version, char use_public, char *str,
                             int strsize) {
-  uint8_t node_data[78];
+  uint8_t node_data[78] = {0};
   write_be(node_data, version);
   node_data[4] = node->depth;
   write_be(node_data + 5, fingerprint);
@@ -854,7 +854,7 @@ int hdnode_serialize_private(const HDNode *node, uint32_t fingerprint,
 int hdnode_deserialize(const char *str, uint32_t version_public,
                        uint32_t version_private, const char *curve,
                        HDNode *node, uint32_t *fingerprint) {
-  uint8_t node_data[78];
+  uint8_t node_data[78] = {0};
   memzero(node, sizeof(HDNode));
   node->curve = get_curve_by_name(curve);
   if (base58_decode_check(str, node->curve->hasher_base58, node_data,