fixed use of garbage value

src/libopensc/card-asepcos.c

@@ -273,6 +273,7 @@ static int asepcos_select_file(sc_card_t *card, const sc_path_t *in_path,
 		/* check the current DF to avoid unnecessary re-selection of
 		 * the MF (as this might invalidate a security status) */
 		sc_path_t tpath;
+		memset(&tpath, 0, sizeof tpath);
 
 		r = asepcos_get_current_df_path(card, &tpath);
 		/* workaround: as opensc can't handle paths with file id

src/libopensc/card-gpk.c

@@ -596,6 +596,7 @@ try_again:
 	if ((path->len & 1) || path->len > sizeof(pathtmp))
 		return SC_ERROR_INVALID_ARGUMENTS;
 	pathptr = pathtmp;
+	memset(pathtmp, 0, sizeof pathtmp);
 	for (n = 0; n < path->len; n += 2)
 		pathptr[n>>1] = (path->value[n] << 8)|path->value[n+1];
 	pathlen = path->len >> 1;

src/libopensc/card-mcrd.c

@@ -1093,6 +1093,7 @@ mcrd_select_file(sc_card_t * card, const sc_path_t * path, sc_file_t ** file)
 		if ((path->len & 1) || path->len > sizeof(pathtmp))
 			return SC_ERROR_INVALID_ARGUMENTS;
 
+		memset(pathtmp, 0, sizeof pathtmp);
 		pathptr = pathtmp;
 		for (n = 0; n < path->len; n += 2)
 			pathptr[n >> 1] =

src/libopensc/pkcs15-itacns.c

@@ -685,9 +685,12 @@ static int itacns_check_and_add_keyset(sc_pkcs15_card_t *p15card,
 	 */
 	if (cert_offset) {
 		u8 certlen[3];
+		memset(certlen, 0, sizeof certlen);
 		r = loadFile(p15card, &path, certlen, sizeof(certlen));
 		LOG_TEST_RET(p15card->card->ctx, r,
 			"Could not read certificate file");
+		if (r < 3)
+			return SC_ERROR_INVALID_DATA;
 		path.index = cert_offset;
 		path.count = (certlen[1] << 8) + certlen[2];
 		/* If those bytes are 00, then we are probably dealing with an

src/tools/sc-hsm-tool.c

@@ -1278,7 +1278,7 @@ static int wrap_with_tag(u8 tag, u8 *indata, size_t inlen, u8 **outdata, size_t
 	if (inlen > 127) {
 		do	{
 			nlc++;
-		} while (inlen >= (unsigned)(1 << (nlc << 3)));
+		} while (inlen >= (unsigned)(1 << ((unsigned)nlc << 3)));
 	}
 
 	*outlen = 2 + nlc + inlen;