From 168699d3fe8ffdabb6765e02f3e9f53a65823660 Mon Sep 17 00:00:00 2001
From: tb <>
Date: Wed, 19 Mar 2025 16:35:11 +0000
Subject: X509_VERIFY_PARAM_lookup(): avoid passing stack garbage around

ok jsing
---
 src/lib/libcrypto/x509/x509_vpm.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

(limited to 'src/lib')

diff --git a/src/lib/libcrypto/x509/x509_vpm.c b/src/lib/libcrypto/x509/x509_vpm.c
index dfcd8d3d3c..24ea72b4fe 100644
--- a/src/lib/libcrypto/x509/x509_vpm.c
+++ b/src/lib/libcrypto/x509/x509_vpm.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: x509_vpm.c,v 1.53 2025/03/19 16:33:59 tb Exp $ */
+/* $OpenBSD: x509_vpm.c,v 1.54 2025/03/19 16:35:11 tb Exp $ */
 /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
  * project 2004.
  */
@@ -720,6 +720,7 @@ X509_VERIFY_PARAM_lookup(const char *name)
 	size_t i;
 	int idx;
 
+	memset(&param, 0, sizeof(param));
 	param.name = (char *)name;
 	if ((idx = sk_X509_VERIFY_PARAM_find(param_table, &param)) != -1)
 		return sk_X509_VERIFY_PARAM_value(param_table, idx);
-- 
cgit v1.2.3-55-g6feb