r6798: Valgrind pain is not something I look forward to - if we ever fall

back to the 'not /dev/urandom' method of random number generation, I
don't want to be chasing down 'use of uninitialised value' though all
the crypto code.

Andrew Bartlett
(This used to be commit 31ff2cd8e11dee36c42f82dcfd85338d3ff704d3)

diff --git a/source4/lib/genrand.c b/source4/lib/genrand.c
index e3df9f9d909fef6e38da15e57acec08f52989d70..9d40e72afcf4dc6658d7324abbe7140b7cf3d298 100644 (file)
--- a/source4/lib/genrand.c
+++ b/source4/lib/genrand.c
@@ -111,8 +111,10 @@ static void get_random_stream(unsigned char *data, size_t datasize)
 }
 
 /****************************************************************
- Get a 16 byte hash from the contents of a file.
- Note that the hash is not initialised.
+ Get a 16 byte hash from the contents of a file.  
+
+ Note that the hash is initialised, because the extra entropy is not
+ worth the valgrind pain.
 *****************************************************************/
 
 static void do_filehash(const char *fname, unsigned char *the_hash)
@@ -121,6 +123,8 @@ static void do_filehash(const char *fname, unsigned char *the_hash)
        unsigned char tmp_md4[16];
        int fd, n;
 
+       ZERO_STRUCT(tmp_md4);
+
        fd = open(fname,O_RDONLY,0);
        if (fd == -1)
                return;