From 4434b5d559d7efd2ead2e546ff8e07ecacc54f0e Mon Sep 17 00:00:00 2001
From: Thomas Klausner <wiz@gatalith.at>
Date: Fri, 29 Sep 2023 13:35:03 +0200
Subject: [PATCH] Add more memset() to test the memory sanitizer.

TODO: remove after test
---
 lib/zip_crypto_openssl.c | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/lib/zip_crypto_openssl.c b/lib/zip_crypto_openssl.c
index f7b910a6..d075ee13 100644
--- a/lib/zip_crypto_openssl.c
+++ b/lib/zip_crypto_openssl.c
@@ -127,6 +127,9 @@ _zip_crypto_aes_free(_zip_crypto_aes_t *aes) {
 bool
 _zip_crypto_aes_encrypt_block(_zip_crypto_aes_t *aes, const zip_uint8_t *in, zip_uint8_t *out) {
     int len = 0;
+    /* TODO: The memset() is just for testing the memory sanitizer,
+       _zip_winzip_aes_new() will overwrite the same bytes */
+    memset(out, 0xff, ZIP_CRYPTO_AES_BLOCK_LENGTH);
     if (EVP_EncryptUpdate(aes, out, &len, in, ZIP_CRYPTO_AES_BLOCK_LENGTH) != 1
         || len != ZIP_CRYPTO_AES_BLOCK_LENGTH) {
         return false;
@@ -214,6 +217,9 @@ _zip_crypto_hmac_free(_zip_crypto_hmac_t *hmac) {
 
 bool
 _zip_crypto_hmac_output(_zip_crypto_hmac_t *hmac, zip_uint8_t *data) {
+    /* TODO: The memset() is just for testing the memory sanitizer,
+       _zip_winzip_aes_new() will overwrite the same bytes */
+    memset(data, 0xff, ZIP_CRYPTO_SHA1_LENGTH);
 #ifdef USE_OPENSSL_3_API
     size_t length = 0;
     return EVP_MAC_final(hmac->ctx, data, &length, ZIP_CRYPTO_SHA1_LENGTH) == 1 && length == ZIP_CRYPTO_SHA1_LENGTH;