Merge pull request #8697 from douzzer/20250419-test_dtls13_ack_order-uninited-read

dgarske · web-flow · commit 3ca444e0e126 · 2025-04-19T19:44:35.000-07:00
20250419-test_dtls13_ack_order-uninited-read
diff --git a/tests/api/test_dtls.c b/tests/api/test_dtls.c
@@ -660,7 +660,7 @@ int test_dtls13_ack_order(void)
      *     uint64 sequence_number;
      * } RecordNumber;
      * Big endian */
-    unsigned char expected_output[] = {
+    static const unsigned char expected_output[] = {
         0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02,
         0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
         0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02,
@@ -706,13 +706,18 @@ int test_dtls13_ack_order(void)
     ExpectIntEQ(Dtls13RtxAddAck(ssl_c, w64From32(0, 2), w64From32(0, 2)), 0);
     ExpectIntEQ(Dtls13WriteAckMessage(ssl_c, ssl_c->dtls13Rtx.seenRecords,
             &length), 0);
+
+    /* must zero the span reserved for the header to avoid read of uninited
+     * data.
+     */
+    XMEMSET(ssl_c->buffers.outputBuffer.buffer, 0,
+            5 /* DTLS13_UNIFIED_HEADER_SIZE */);
     /* N * RecordNumber + 2 extra bytes for length */
     ExpectIntEQ(length, sizeof(expected_output) + 2);
     ExpectNotNull(mymemmem(ssl_c->buffers.outputBuffer.buffer,
             ssl_c->buffers.outputBuffer.bufferSize, expected_output,
             sizeof(expected_output)));
 
-
     wolfSSL_free(ssl_c);
     wolfSSL_CTX_free(ctx_c);
     wolfSSL_free(ssl_s);
