authd: always use an empty buffer to read ident reply

Otherwise we could read uninitialised data beyond the actual reply
This commit is contained in:
Simon Arlott 2018-08-12 18:57:15 +01:00
parent 03f04cd80e
commit 151c4614a0
No known key found for this signature in database
GPG key ID: 49BFFEEFD4C3ED53

View file

@ -560,7 +560,7 @@ read_auth_reply(rb_fde_t *F, void *data)
char *t = NULL;
int len;
int count;
char buf[AUTH_BUFSIZ + 1]; /* buffer to read auth reply into */
char buf[AUTH_BUFSIZ + 1] = { 0 }; /* buffer to read auth reply into */
len = rb_read(F, buf, AUTH_BUFSIZ);