Fix SMP_Encrypt for data shorter than 16 bytes

This bug was introduced in commit c3e7c878fe8495590f059547153bd77cdea322a6
osi_calloc was replaced with raw array, that is not wiped clean.

Change-Id: I57a4e7a26108ad4672d2dd2ff25028653c96ca1b

diff --git a/stack/smp/smp_keys.cc b/stack/smp/smp_keys.cc
index 11e4942..13a4b6c 100644 (file)
--- a/stack/smp/smp_keys.cc
+++ b/stack/smp/smp_keys.cc
@@ -115,6 +115,7 @@ void smp_encrypt_data(BT_OCTET16 key, uint8_t* message, uint8_t length,
   if (length > SMP_ENCRYT_DATA_SIZE) length = SMP_ENCRYT_DATA_SIZE;
 
   uint8_t p_start[SMP_ENCRYT_DATA_SIZE * 4];
+  memset(p_start, 0, SMP_ENCRYT_DATA_SIZE * 4);
   p = p_start;
   ARRAY_TO_STREAM(p, message, length);             /* byte 0 to byte 15 */
   p_rev_data = p = p_start + SMP_ENCRYT_DATA_SIZE; /* start at byte 16 */