megolm: Fix use of uninitialized value in group message decoding.

_olm_decode_group_message should initialize all fields of the results
struct before returning. This is because its caller
_decrypt_max_plaintext_length relies on it having initialized these
fields.

Luckily, this only allows one to subvert the version check in
_decrypt_max_plaintext_length, but not the following check that the
ciphertext field is non-null because that field *is* initialized.
This commit is contained in:
Denis Kasak 2021-05-03 14:01:53 +02:00
parent 0a7b6da9a0
commit c325db02fc

View file

@ -373,7 +373,9 @@ void _olm_decode_group_message(
std::uint8_t const * unknown = nullptr;
bool has_message_index = false;
results->version = 0;
results->message_index = 0;
results->has_message_index = (int)has_message_index;
results->ciphertext = nullptr;
results->ciphertext_length = 0;