Clear req_st buffer before filling it in

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18706 dc483132-0cff-0310-8789-dd5450dbe970

diff --git a/src/lib/krb4/mk_req.c b/src/lib/krb4/mk_req.c
index 3066f43d71d33e38445afa08a9a165aa52293cfc..fc92c58e6ec2413e70a2c79c94680f405a2e5c7e 100644 (file)
--- a/src/lib/krb4/mk_req.c
+++ b/src/lib/krb4/mk_req.c
@@ -103,6 +103,10 @@ krb_mk_req_creds_prealm(authent, creds, checksum, myrealm)
     unsigned KRB4_32 time_secs;
     unsigned KRB4_32 time_usecs;
 
+    /* Don't risk exposing stack garbage to correspondent, even if
+       encrypted from other prying eyes.  */
+    memset(&req_st, 0x69, sizeof(req_st));
+
     ticket = &creds->ticket_st;
     /* Get the ticket and move it into the authenticator */
     if (krb_ap_req_debug)