From 7427af6b5cbb849398cf6bf05f2f7a4385e57840 Mon Sep 17 00:00:00 2001
From: Tom Yu <tlyu@mit.edu>
Date: Fri, 14 Dec 2007 05:14:11 +0000
Subject: [PATCH] fix CVE-2007-5894: apparent uninit length in ftpd.c:reply()

ticket: 5853
target_version: 1.6.4
tags: pullup

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20182 dc483132-0cff-0310-8789-dd5450dbe970
---
 src/appl/gssftp/ftpd/ftpd.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/appl/gssftp/ftpd/ftpd.c b/src/appl/gssftp/ftpd/ftpd.c
index 708bfde93..9d332608c 100644
--- a/src/appl/gssftp/ftpd/ftpd.c
+++ b/src/appl/gssftp/ftpd/ftpd.c
@@ -1812,7 +1812,7 @@ reply(n, fmt, p0, p1, p2, p3, p4, p5)
 		 * radix_encode, gss_seal, plus slop.
 		 */
 		char in[FTP_BUFSIZ*3/2], out[FTP_BUFSIZ*3/2];
-		int length, kerror;
+		int length = 0, kerror;
 		if (n) sprintf(in, "%d%c", n, cont_char);
 		else in[0] = '\0';
 		strncat(in, buf, sizeof (in) - strlen(in) - 1);
-- 
2.26.2