From e998fc28d12d5094f509d3168ac59cae91602173 Mon Sep 17 00:00:00 2001
From: Toni Uhlig <matzeton@googlemail.com>
Date: Thu, 27 Aug 2020 00:30:06 +0200
Subject: Fixed use-of-uninitialized-value in QUIC clho decryption probably
 caused by a BUG in libgcrypt (not verified).

Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
---
 src/lib/protocols/quic.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

(limited to 'src/lib/protocols')

diff --git a/src/lib/protocols/quic.c b/src/lib/protocols/quic.c
index d40b4219b..905a93543 100644
--- a/src/lib/protocols/quic.c
+++ b/src/lib/protocols/quic.c
@@ -286,7 +286,9 @@ static gcry_error_t hkdf_expand(int hashalgo, const uint8_t *prk, uint32_t prk_l
       gcry_md_write(h, lastoutput, hash_len); /* T(1..N) */
     }
     gcry_md_write(h, info, info_len);                   /* info */
-    gcry_md_putc(h, (uint8_t) (offset / hash_len + 1));  /* constant 0x01..N */
+
+    uint8_t c = offset / hash_len + 1;
+    gcry_md_write(h, &c, sizeof(c));                    /* constant 0x01..N */
 
     memcpy(lastoutput, gcry_md_read(h, hashalgo), hash_len);
     memcpy(out + offset, lastoutput, MIN(hash_len, out_len - offset));
-- 
cgit v1.2.3