From 95625a5c1c3a4c12bbd07af847dca6d2c6eead41 Mon Sep 17 00:00:00 2001 From: Klas Lindfors Date: Sun, 9 Feb 2014 21:07:19 +0100 Subject: [PATCH] make sure to zero-out apdu before use --- yubico-piv-tool.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/yubico-piv-tool.c b/yubico-piv-tool.c index 3cfed24..e2a4403 100644 --- a/yubico-piv-tool.c +++ b/yubico-piv-tool.c @@ -592,6 +592,7 @@ static bool import_key(SCARDHANDLE *card, enum enum_key_format key_format, in_ptr += BN_bn2bin(s, in_ptr); } + memset(apdu.raw, 0, sizeof(apdu.raw)); apdu.st.ins = 0xfe; apdu.st.p1 = algorithm; apdu.st.p2 = key; @@ -722,6 +723,7 @@ static bool import_cert(SCARDHANDLE *card, enum enum_key_format cert_format, *certptr++ = 0xfe; /* LRC */ *certptr++ = 0; + memset(apdu.raw, 0, sizeof(apdu.raw)); apdu.st.ins = 0xdb; apdu.st.p1 = 0x3f; apdu.st.p2 = 0xff;