rand: add a clang-analyzer work-around

scan-build would warn on a potential access of an uninitialized buffer. I deem it a false positive and had to add this somewhat ugly work-around to silence it.
author: Daniel Stenberg <daniel@haxx.se> 2017-12-13 00:45:42 +0100
committer: Daniel Stenberg <daniel@haxx.se> 2017-12-13 00:45:42 +0100
commit: 02f207a76b45129e4d033c099e6d17581801c76e (patch)
tree: 4aeb5dfedb579bde64ecadbad7e71a0bdfc066ce /lib
parent: 13ce373a5b878023a0dbf367d3e1c9282df634f1 (diff)
download: curl-02f207a76b45129e4d033c099e6d17581801c76e.tar.gz
1 files changed, 6 insertions, 0 deletions
diff --git a/lib/rand.c b/lib/rand.c
index 2670af9d9..0769ed151 100644
--- a/lib/rand.c
+++ b/lib/rand.c
@@ -157,6 +157,12 @@ CURLcode Curl_rand_hex(struct Curl_easy *data, unsigned char *rnd,
   unsigned char *bufp = buffer;
   DEBUGASSERT(num > 1);
 
+#ifdef __clang_analyzer__
+  /* This silences a scan-build warning about accesssing this buffer with
+     uninitialized memory. */
+  memset(buffer, 0, sizeof(buffer));
+#endif
+
   if((num/2 >= sizeof(buffer)) || !(num&1))
     /* make sure it fits in the local buffer and that it is an odd number! */
     return CURLE_BAD_FUNCTION_ARGUMENT;
author	Daniel Stenberg <daniel@haxx.se>	2017-12-13 00:45:42 +0100
committer	Daniel Stenberg <daniel@haxx.se>	2017-12-13 00:45:42 +0100
commit	02f207a76b45129e4d033c099e6d17581801c76e (patch)
tree	4aeb5dfedb579bde64ecadbad7e71a0bdfc066ce /lib
parent	13ce373a5b878023a0dbf367d3e1c9282df634f1 (diff)
download	curl-02f207a76b45129e4d033c099e6d17581801c76e.tar.gz