From 0d816a75a3f82761aca2b1f7d6458fc7369bed46 Mon Sep 17 00:00:00 2001 From: Marcelo Altmann Date: Tue, 14 Jan 2020 12:18:36 -0300 Subject: [PATCH] PS-6773 - Conditional jump or move depends on uninitialised value(s) in sha256_password_authenticate The problem Valgrind is complaining about an uninitialised value of plain_text at sha256_password_authenticate. Solution Initialize plain_text with empty string. --- sql/auth/sql_authentication.cc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/sql/auth/sql_authentication.cc b/sql/auth/sql_authentication.cc index 1e195c171a07..77fbed4e4ee5 100644 --- a/sql/auth/sql_authentication.cc +++ b/sql/auth/sql_authentication.cc @@ -2929,7 +2929,7 @@ static int sha256_password_authenticate(MYSQL_PLUGIN_VIO *vio, char stage2[CRYPT_MAX_PASSWORD_SIZE + 1]; String scramble_response_packet; int cipher_length= 0; - unsigned char plain_text[MAX_CIPHER_LENGTH + 1]; + unsigned char plain_text[MAX_CIPHER_LENGTH + 1]= ""; RSA *private_key= NULL; RSA *public_key= NULL;