diff options
| author | Daniel Stenberg <daniel@haxx.se> | 2023-03-22 13:31:11 +0100 |
|---|---|---|
| committer | Daniel Stenberg <daniel@haxx.se> | 2023-03-23 09:25:05 +0100 |
| commit | 0c2fcb0f60c699a3faa09ffb29e2c1db16e0a13b (patch) | |
| tree | fc33767aef0ad240cb2d66d4084121aec004db47 | |
| parent | 955e2769f7864899b500827acde7ddc1f0ba6784 (diff) | |
| download | curl-0c2fcb0f60c699a3faa09ffb29e2c1db16e0a13b.tar.gz | |
ntlm: clear lm and nt response buffers before use
To avoid the risk of MemorySanitizer: use-of-uninitialized-value
Closes #10814
| -rw-r--r-- | lib/vauth/ntlm.c | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/lib/vauth/ntlm.c b/lib/vauth/ntlm.c index 2a5d4a490..5aa7e6ec0 100644 --- a/lib/vauth/ntlm.c +++ b/lib/vauth/ntlm.c @@ -511,6 +511,8 @@ CURLcode Curl_auth_create_ntlm_type3_message(struct Curl_easy *data, size_t userlen = 0; size_t domlen = 0; + memset(lmresp, 0, sizeof(lmresp)); + memset(ntresp, 0, sizeof(ntresp)); user = strchr(userp, '\\'); if(!user) user = strchr(userp, '/'); |