Avoid the use of an uninitialised variable. In reality, this is a non-issue

since the calculated value is not actually used in the uninitialised case.
Change the code so that we only do the calculation if we actually need it.

Issue detected by clang and reported by both brad@ and Brent Cook.

2 files changed, 2 insertions, 4 deletions

diff --git a/lib/libcrypto/pem/pem_lib.c b/lib/libcrypto/pem/pem_lib.c
index 945262f0199..5938330d453 100644
--- a/lib/libcrypto/pem/pem_lib.c
+++ b/lib/libcrypto/pem/pem_lib.c
@@ -465,12 +465,11 @@ PEM_do_header(EVP_CIPHER_INFO *cipher, unsigned char *data, long *plen,
 	EVP_CIPHER_CTX_cleanup(&ctx);
 	OPENSSL_cleanse((char *)buf, sizeof(buf));
 	OPENSSL_cleanse((char *)key, sizeof(key));
-	j += i;
 	if (!o) {
 		PEMerr(PEM_F_PEM_DO_HEADER, PEM_R_BAD_DECRYPT);
 		return (0);
 	}
-	*plen = j;
+	*plen = j + i;
 	return (1);
 }
 
diff --git a/lib/libssl/src/crypto/pem/pem_lib.c b/lib/libssl/src/crypto/pem/pem_lib.c
index 945262f0199..5938330d453 100644
--- a/lib/libssl/src/crypto/pem/pem_lib.c
+++ b/lib/libssl/src/crypto/pem/pem_lib.c
@@ -465,12 +465,11 @@ PEM_do_header(EVP_CIPHER_INFO *cipher, unsigned char *data, long *plen,
 	EVP_CIPHER_CTX_cleanup(&ctx);
 	OPENSSL_cleanse((char *)buf, sizeof(buf));
 	OPENSSL_cleanse((char *)key, sizeof(key));
-	j += i;
 	if (!o) {
 		PEMerr(PEM_F_PEM_DO_HEADER, PEM_R_BAD_DECRYPT);
 		return (0);
 	}
-	*plen = j;
+	*plen = j + i;
 	return (1);
 }