From 94af5e76bc1b9b0a797f787448f3d793bfb87ef3 Mon Sep 17 00:00:00 2001
From: Thomas Haller <thaller@redhat.com>
Date: Thu, 4 Dec 2014 16:17:18 +0100
Subject: [PATCH] libnm/crypto: fix uninitialized variable in crypto_md5_hash()

@digest_len passed to g_checksum_get_digest() must be
initialized to the size of the digest. It is an in-out paramter.

Fixes: 48ff21b5bc42daa8b6f72db8d82fd9b21fde842e
---
 libnm-core/crypto.c | 9 ++++++---
 1 file changed, 6 insertions(+), 3 deletions(-)

diff --git a/libnm-core/crypto.c b/libnm-core/crypto.c
index 62629a3f72..205d22c613 100644
--- a/libnm-core/crypto.c
+++ b/libnm-core/crypto.c
@@ -795,14 +795,17 @@ crypto_md5_hash (const char *salt,
 
 		g_checksum_reset (ctx);
 		if (count++)
-			g_checksum_update (ctx, (const guchar *) digest, digest_len);
+			g_checksum_update (ctx, (const guchar *) digest, sizeof (digest));
 		if (password_len > 0)
 			g_checksum_update (ctx, (const guchar *) password, password_len);
 		if (salt_len > 0)
 			g_checksum_update (ctx, (const guchar *) salt, salt_len);
-		g_checksum_get_digest (ctx, (guchar *) digest, &digest_len);
 
-		while (nkey && (i < digest_len)) {
+		digest_len = sizeof (digest);
+		g_checksum_get_digest (ctx, (guchar *) digest, &digest_len);
+		g_assert (digest_len == sizeof (digest));
+
+		while (nkey && (i < sizeof (digest))) {
 			*(p++) = digest[i++];
 			nkey--;
 		}