crypto: explicitly initialize variables

5 years ago · fdad317d8c
parent fa9d349bc9
commit fdad317d8c
38 changed files with 397 additions and 397 deletions
--- a/crypto/address.c
+++ b/crypto/address.c
@ -66,11 +66,11 @@ void ethereum_address_checksum(const uint8_t *addr, char *address, bool rskip60,
  }
  address[40] = 0;

-  SHA3_CTX ctx;
-  uint8_t hash[32];
+  SHA3_CTX ctx = {0};
+  uint8_t hash[32] = {0};
  keccak_256_Init(&ctx);
  if (rskip60) {
-    char prefix[16];
+    char prefix[16] = {0};
    int prefix_size = bn_format_uint64(chain_id, NULL, "0x", 0, 0, false,
                                       prefix, sizeof(prefix));
    keccak_Update(&ctx, (const uint8_t *)prefix, prefix_size);
--- a/crypto/aes/aes_modes.c
+++ b/crypto/aes/aes_modes.c
@ -108,7 +108,7 @@ aligned_array(unsigned long, dec_hybrid_table, 12, 16) = NEH_DEC_HYBRID_DATA;

 AES_RETURN aes_test_alignment_detection(unsigned int n)	/* 4 <= n <= 16 */
 {	uint8_t	p[16];
-    uint32_t i, count_eq = 0, count_neq = 0;
+    uint32_t i = 0, count_eq = 0, count_neq = 0;

    if(n < 4 || n > 16)
        return EXIT_FAILURE;
@ -156,7 +156,7 @@ AES_RETURN aes_ecb_encrypt(const unsigned char *ibuf, unsigned char *obuf,
        }
        else
        {   aligned_auto(uint8_t, buf, BFR_BLOCKS * AES_BLOCK_SIZE, 16);
-            uint8_t *ip, *op;
+            uint8_t *ip = NULL, *op = NULL;

            while(nb)
            {
@ -218,7 +218,7 @@ AES_RETURN aes_ecb_decrypt(const unsigned char *ibuf, unsigned char *obuf,
        }
        else
        {   aligned_auto(uint8_t, buf, BFR_BLOCKS * AES_BLOCK_SIZE, 16);
-            uint8_t *ip, *op;
+            uint8_t *ip = NULL, *op = NULL;

            while(nb)
            {
@ -287,7 +287,7 @@ AES_RETURN aes_cbc_encrypt(const unsigned char *ibuf, unsigned char *obuf,
        }
        else
        {   aligned_auto(uint8_t, buf, BFR_BLOCKS * AES_BLOCK_SIZE, 16);
-            uint8_t *ip, *op;
+            uint8_t *ip = NULL, *op = NULL;

            while(nb)
            {
@ -385,7 +385,7 @@ AES_RETURN aes_cbc_decrypt(const unsigned char *ibuf, unsigned char *obuf,
        }
        else
        {   aligned_auto(uint8_t, buf, BFR_BLOCKS * AES_BLOCK_SIZE, 16);
-            uint8_t *ip, *op;
+            uint8_t *ip = NULL, *op = NULL;

            while(nb)
            {
@ -497,7 +497,7 @@ AES_RETURN aes_cfb_encrypt(const unsigned char *ibuf, unsigned char *obuf,
            }
            else    /* input, output or both are unaligned  */
            {   aligned_auto(uint8_t, buf, BFR_BLOCKS * AES_BLOCK_SIZE, 16);
-                uint8_t *ip, *op;
+                uint8_t *ip = NULL, *op = NULL;

                while(nb)
                {
@ -625,7 +625,7 @@ AES_RETURN aes_cfb_decrypt(const unsigned char *ibuf, unsigned char *obuf,
            }
            else    /* input, output or both are unaligned  */
            {   aligned_auto(uint8_t, buf, BFR_BLOCKS * AES_BLOCK_SIZE, 16);
-                uint8_t *ip, *op;
+                uint8_t *ip = NULL, *op = NULL;

                while(nb)
                {
@ -763,7 +763,7 @@ AES_RETURN aes_ofb_crypt(const unsigned char *ibuf, unsigned char *obuf,
            }
            else    /* input, output or both are unaligned  */
        {   aligned_auto(uint8_t, buf, BFR_BLOCKS * AES_BLOCK_SIZE, 16);
-            uint8_t *ip, *op;
+            uint8_t *ip = NULL, *op = NULL;

                while(nb)
                {
@ -850,14 +850,14 @@ AES_RETURN aes_ofb_crypt(const unsigned char *ibuf, unsigned char *obuf,
 AES_RETURN aes_ctr_crypt(const unsigned char *ibuf, unsigned char *obuf,
            int len, unsigned char *cbuf, cbuf_inc ctr_inc, aes_encrypt_ctx ctx[1])
 {   unsigned char   *ip;
-    int             i, blen, b_pos = (int)(ctx->inf.b[2]);
+    int             i = 0, blen = 0, b_pos = (int)(ctx->inf.b[2]);

 #if defined( USE_VIA_ACE_IF_PRESENT )
    aligned_auto(uint8_t, buf, BFR_LENGTH, 16);
    if(ctx->inf.b[1] == 0xff && ALIGN_OFFSET( ctx, 16 ))
        return EXIT_FAILURE;
 #else
-    uint8_t buf[BFR_LENGTH];
+    uint8_t buf[BFR_LENGTH] = {0};
 #endif

    if(b_pos)
--- a/crypto/aes/aescrypt.c
+++ b/crypto/aes/aescrypt.c
@ -96,7 +96,7 @@ extern "C"

 AES_RETURN aes_xi(encrypt)(const unsigned char *in, unsigned char *out, const aes_encrypt_ctx cx[1])
 {   uint32_t         locals(b0, b1);
-    const uint32_t   *kp;
+    const uint32_t *kp = NULL;
 #if defined( dec_fmvars )
    dec_fmvars; /* declare variables for fwd_mcol() if needed */
 #endif
@ -234,7 +234,7 @@ AES_RETURN aes_xi(decrypt)(const unsigned char *in, unsigned char *out, const ae
 #if defined( dec_imvars )
    dec_imvars; /* declare variables for inv_mcol() if needed */
 #endif
-    const uint32_t *kp;
+    const uint32_t *kp = NULL;

 	if(cx->inf.b[0] != 10 * AES_BLOCK_SIZE && cx->inf.b[0] != 12 * AES_BLOCK_SIZE && cx->inf.b[0] != 14 * AES_BLOCK_SIZE)
 		return EXIT_FAILURE;
--- a/crypto/aes/aestab.c
+++ b/crypto/aes/aestab.c
@ -272,7 +272,7 @@ AES_RETURN aes_init(void)

 #if defined(FF_TABLES)

-    uint8_t  pow[512], log[256];
+    uint8_t  pow[512] = {0}, log[256] = {0};

    if(init)
        return EXIT_SUCCESS;
--- a/crypto/base32.c
+++ b/crypto/base32.c
@ -77,7 +77,7 @@ void base32_encode_unsafe(const uint8_t *in, size_t inlen, uint8_t *out) {
  uint8_t remainder = inlen % 5;
  size_t limit = inlen - remainder;

-  size_t i, j;
+  size_t i = 0, j = 0;
  for (i = 0, j = 0; i < limit; i += 5, j += 8) {
    base32_5to8(&in[i], 5, &out[j]);
  }
@ -90,7 +90,7 @@ bool base32_decode_unsafe(const uint8_t *in, size_t inlen, uint8_t *out,
  uint8_t remainder = inlen % 8;
  size_t limit = inlen - remainder;

-  size_t i, j;
+  size_t i = 0, j = 0;
  for (i = 0, j = 0; i < limit; i += 8, j += 5) {
    if (!base32_8to5(&in[i], 8, &out[j], alphabet)) {
      return false;
--- a/crypto/base58.c
+++ b/crypto/base58.c
@ -58,9 +58,9 @@ bool b58tobin(void *bin, size_t *binszp, const char *b58) {
  size_t outisz =
      (binsz + sizeof(b58_almostmaxint_t) - 1) / sizeof(b58_almostmaxint_t);
  b58_almostmaxint_t outi[outisz];
-  b58_maxint_t t;
-  b58_almostmaxint_t c;
-  size_t i, j;
+  b58_maxint_t t = 0;
+  b58_almostmaxint_t c = 0;
+  size_t i = 0, j = 0;
  uint8_t bytesleft = binsz % sizeof(b58_almostmaxint_t);
  b58_almostmaxint_t zeromask =
      bytesleft ? (b58_almostmaxint_mask << (bytesleft * 8)) : 0;
@ -128,9 +128,9 @@ bool b58tobin(void *bin, size_t *binszp, const char *b58) {

 int b58check(const void *bin, size_t binsz, HasherType hasher_type,
             const char *base58str) {
-  unsigned char buf[32];
+  unsigned char buf[32] = {0};
  const uint8_t *binc = bin;
-  unsigned i;
+  unsigned i = 0;
  if (binsz < 4) return -4;
  hasher_Raw(hasher_type, bin, binsz - 4, buf);
  if (memcmp(&binc[binsz - 4], buf, 4)) return -1;
@ -146,9 +146,9 @@ int b58check(const void *bin, size_t binsz, HasherType hasher_type,

 bool b58enc(char *b58, size_t *b58sz, const void *data, size_t binsz) {
  const uint8_t *bin = data;
-  int carry;
-  size_t i, j, high, zcount = 0;
-  size_t size;
+  int carry = 0;
+  size_t i = 0, j = 0, high = 0, zcount = 0;
+  size_t size = 0;

  while (zcount < binsz && !bin[zcount]) ++zcount;

@ -219,9 +219,9 @@ int base58_decode_check(const char *str, HasherType hasher_type, uint8_t *data,

 #if USE_GRAPHENE
 int b58gphcheck(const void *bin, size_t binsz, const char *base58str) {
-  unsigned char buf[32];
+  unsigned char buf[32] = {0};
  const uint8_t *binc = bin;
-  unsigned i;
+  unsigned i = 0;
  if (binsz < 4) return -4;
  ripemd160(bin, binsz - 4, buf);  // No double SHA256, but a single RIPEMD160
  if (memcmp(&binc[binsz - 4], buf, 4)) return -1;
--- a/crypto/bip32.c
+++ b/crypto/bip32.c
@ -127,7 +127,7 @@ int hdnode_from_xprv(uint32_t depth, uint32_t child_num,
  if (info == 0) {
    failed = true;
  } else if (info->params) {
-    bignum256 a;
+    bignum256 a = {0};
    bn_read_be(private_key, &a);
    if (bn_is_zero(&a)) {  // == 0
      failed = true;
@ -170,7 +170,7 @@ int hdnode_from_seed(const uint8_t *seed, int seed_len, const char *curve,
  hmac_sha512_Final(&ctx, I);

  if (out->curve->params) {
-    bignum256 a;
+    bignum256 a = {0};
    while (true) {
      bn_read_be(I, &a);
      if (!bn_is_zero(&a)                                   // != 0
@ -192,8 +192,8 @@ int hdnode_from_seed(const uint8_t *seed, int seed_len, const char *curve,
 }

 uint32_t hdnode_fingerprint(HDNode *node) {
-  uint8_t digest[32];
-  uint32_t fingerprint;
+  uint8_t digest[32] = {0};
+  uint32_t fingerprint = 0;

  hdnode_fill_public_key(node);
  hasher_Raw(node->curve->hasher_pubkey, node->public_key, 33, digest);
@ -422,9 +422,9 @@ int hdnode_from_entropy_cardano_icarus(const uint8_t *pass, int pass_len,
 int hdnode_public_ckd_cp(const ecdsa_curve *curve, const curve_point *parent,
                         const uint8_t *parent_chain_code, uint32_t i,
                         curve_point *child, uint8_t *child_chain_code) {
-  uint8_t data[1 + 32 + 4];
-  uint8_t I[32 + 32];
-  bignum256 c;
+  uint8_t data[(1 + 32) + 4] = {0};
+  uint8_t I[32 + 32] = {0};
+  bignum256 c = {0};

  if (i & 0x80000000) {  // private derivation
    return 0;
@ -459,7 +459,7 @@ int hdnode_public_ckd_cp(const ecdsa_curve *curve, const curve_point *parent,
 }

 int hdnode_public_ckd(HDNode *inout, uint32_t i) {
-  curve_point parent, child;
+  curve_point parent = {0}, child = {0};

  if (!ecdsa_read_pubkey(inout->curve->params, inout->public_key, &parent)) {
    return 0;
@ -487,8 +487,8 @@ void hdnode_public_ckd_address_optimized(const curve_point *pub,
                                         HasherType hasher_pubkey,
                                         HasherType hasher_base58, char *addr,
                                         int addrsize, int addrformat) {
-  uint8_t child_pubkey[33];
-  curve_point b;
+  uint8_t child_pubkey[33] = {0};
+  curve_point b = {0};

  hdnode_public_ckd_cp(&secp256k1, pub, chain_code, i, &b, NULL);
  child_pubkey[0] = 0x02 | (b.y.val[0] & 0x01);
@ -544,7 +544,7 @@ int hdnode_private_ckd_cached(HDNode *inout, const uint32_t *i, size_t i_count,
    private_ckd_cache_root_set = true;
  } else {
    // try to find parent
-    int j;
+    int j = 0;
    for (j = 0; j < BIP32_CACHE_SIZE; j++) {
      if (private_ckd_cache[j].set &&
          private_ckd_cache[j].depth == i_count - 1 &&
@ -560,7 +560,7 @@ int hdnode_private_ckd_cached(HDNode *inout, const uint32_t *i, size_t i_count,

  // else derive parent
  if (!found) {
-    size_t k;
+    size_t k = 0;
    for (k = 0; k < i_count - 1; k++) {
      if (hdnode_private_ckd(inout, i[k]) == 0) return 0;
    }
@ -633,8 +633,8 @@ void hdnode_fill_public_key(HDNode *node) {

 #if USE_ETHEREUM
 int hdnode_get_ethereum_pubkeyhash(const HDNode *node, uint8_t *pubkeyhash) {
-  uint8_t buf[65];
-  SHA3_CTX ctx;
+  uint8_t buf[65] = {0};
+  SHA3_CTX ctx = {0};

  /* get uncompressed public key */
  ecdsa_get_public_key65(node->curve->params, node->private_key, buf);
@ -687,7 +687,7 @@ int hdnode_get_nem_shared_key(const HDNode *node,
 int hdnode_nem_encrypt(const HDNode *node, const ed25519_public_key public_key,
                       const uint8_t *iv_immut, const uint8_t *salt,
                       const uint8_t *payload, size_t size, uint8_t *buffer) {
-  uint8_t last_block[AES_BLOCK_SIZE];
+  uint8_t last_block[AES_BLOCK_SIZE] = {0};
  uint8_t remainder = size % AES_BLOCK_SIZE;

  // Round down to last whole block
@ -699,15 +699,15 @@ int hdnode_nem_encrypt(const HDNode *node, const ed25519_public_key public_key,
         AES_BLOCK_SIZE - remainder);

  // the IV gets mutated, so we make a copy not to touch the original
-  uint8_t iv[AES_BLOCK_SIZE];
+  uint8_t iv[AES_BLOCK_SIZE] = {0};
  memcpy(iv, iv_immut, AES_BLOCK_SIZE);

-  uint8_t shared_key[SHA3_256_DIGEST_LENGTH];
+  uint8_t shared_key[SHA3_256_DIGEST_LENGTH] = {0};
  if (!hdnode_get_nem_shared_key(node, public_key, salt, NULL, shared_key)) {
    return 0;
  }

-  aes_encrypt_ctx ctx;
+  aes_encrypt_ctx ctx = {0};

  int ret = aes_encrypt_key256(shared_key, &ctx);
  memzero(shared_key, sizeof(shared_key));
@ -731,13 +731,13 @@ int hdnode_nem_encrypt(const HDNode *node, const ed25519_public_key public_key,
 int hdnode_nem_decrypt(const HDNode *node, const ed25519_public_key public_key,
                       uint8_t *iv, const uint8_t *salt, const uint8_t *payload,
                       size_t size, uint8_t *buffer) {
-  uint8_t shared_key[SHA3_256_DIGEST_LENGTH];
+  uint8_t shared_key[SHA3_256_DIGEST_LENGTH] = {0};

  if (!hdnode_get_nem_shared_key(node, public_key, salt, NULL, shared_key)) {
    return 0;
  }

-  aes_decrypt_ctx ctx;
+  aes_decrypt_ctx ctx = {0};

  int ret = aes_decrypt_key256(shared_key, &ctx);
  memzero(shared_key, sizeof(shared_key));
@ -822,7 +822,7 @@ int hdnode_get_shared_key(const HDNode *node, const uint8_t *peer_public_key,
 static int hdnode_serialize(const HDNode *node, uint32_t fingerprint,
                            uint32_t version, char use_public, char *str,
                            int strsize) {
-  uint8_t node_data[78];
+  uint8_t node_data[78] = {0};
  write_be(node_data, version);
  node_data[4] = node->depth;
  write_be(node_data + 5, fingerprint);
@ -854,7 +854,7 @@ int hdnode_serialize_private(const HDNode *node, uint32_t fingerprint,
 int hdnode_deserialize(const char *str, uint32_t version_public,
                       uint32_t version_private, const char *curve,
                       HDNode *node, uint32_t *fingerprint) {
-  uint8_t node_data[78];
+  uint8_t node_data[78] = {0};
  memzero(node, sizeof(HDNode));
  node->curve = get_curve_by_name(curve);
  if (base58_decode_check(str, node->curve->hasher_base58, node_data,
--- a/crypto/bip39.c
+++ b/crypto/bip39.c
@ -50,7 +50,7 @@ const char *mnemonic_generate(int strength) {
  if (strength % 32 || strength < 128 || strength > 256) {
    return 0;
  }
-  uint8_t data[32];
+  uint8_t data[32] = {0};
  random_buffer(data, 32);
  const char *r = mnemonic_from_data(data, strength / 8);
  memzero(data, sizeof(data));
@ -64,7 +64,7 @@ const char *mnemonic_from_data(const uint8_t *data, int len) {
    return 0;
  }

-  uint8_t bits[32 + 1];
+  uint8_t bits[32 + 1] = {0};

  sha256_Raw(data, len, bits);
  // checksum
@ -74,7 +74,7 @@ const char *mnemonic_from_data(const uint8_t *data, int len) {

  int mlen = len * 3 / 4;

-  int i, j, idx;
+  int i = 0, j = 0, idx = 0;
  char *p = mnemo;
  for (i = 0; i < mlen; i++) {
    idx = 0;
@ -114,9 +114,9 @@ int mnemonic_to_entropy(const char *mnemonic, uint8_t *entropy) {
    return 0;
  }

-  char current_word[10];
-  uint32_t j, k, ki, bi = 0;
-  uint8_t bits[32 + 1];
+  char current_word[10] = {0};
+  uint32_t j = 0, k = 0, ki = 0, bi = 0;
+  uint8_t bits[32 + 1] = {0};

  memzero(bits, sizeof(bits));
  i = 0;
@ -159,7 +159,7 @@ int mnemonic_to_entropy(const char *mnemonic, uint8_t *entropy) {
 }

 int mnemonic_check(const char *mnemonic) {
-  uint8_t bits[32 + 1];
+  uint8_t bits[32 + 1] = {0};
  int seed_len = mnemonic_to_entropy(mnemonic, bits);
  if (seed_len != (12 * 11) && seed_len != (18 * 11) && seed_len != (24 * 11)) {
    return 0;
@ -198,7 +198,7 @@ void mnemonic_to_seed(const char *mnemonic, const char *passphrase,
    }
  }
 #endif
-  uint8_t salt[8 + 256];
+  uint8_t salt[8 + 256] = {0};
  memcpy(salt, "mnemonic", 8);
  memcpy(salt + 8, passphrase, passphraselen);
  static CONFIDENTIAL PBKDF2_HMAC_SHA512_CTX pctx;
--- a/crypto/blake256.c
+++ b/crypto/blake256.c
@ -64,7 +64,7 @@ static const uint8_t padding[129] =

 static void blake256_compress( BLAKE256_CTX *S, const uint8_t *block )
 {
-  uint32_t v[16], m[16], i;
+  uint32_t v[16] = {0}, m[16] = {0}, i = 0;
 #define ROT(x,n) (((x)<<(32-n))|( (x)>>(n)))
 #define G(a,b,c,d,e)          \
  v[a] += (m[sigma[i][e]] ^ u256[sigma[i][e+1]]) + v[b]; \
@ -177,7 +177,7 @@ void blake256_Update( BLAKE256_CTX *S, const uint8_t *in, size_t inlen )

 void blake256_Final( BLAKE256_CTX *S, uint8_t *out )
 {
-  uint8_t msglen[8], zo = 0x01, oo = 0x81;
+  uint8_t msglen[8] = {0}, zo = 0x01, oo = 0x81;
  uint32_t lo = S->t[0] + ( S->buflen << 3 ), hi = S->t[1];

  /* support for hashing more than 2^32 bits */
@ -228,7 +228,7 @@ void blake256_Final( BLAKE256_CTX *S, uint8_t *out )

 void blake256( const uint8_t *in, size_t inlen, uint8_t *out )
 {
-  BLAKE256_CTX S;
+  BLAKE256_CTX S = {0};
  blake256_Init( &S );
  blake256_Update( &S, in, inlen );
  blake256_Final( &S, out );
--- a/crypto/blake2b.c
+++ b/crypto/blake2b.c
@ -86,7 +86,7 @@ static void blake2b_increment_counter( blake2b_state *S, const uint64_t inc )

 static void blake2b_init0( blake2b_state *S )
 {
-  size_t i;
+  size_t i = 0;
  memzero( S, sizeof( blake2b_state ) );

  for( i = 0; i < 8; ++i ) S->h[i] = blake2b_IV[i];
@ -96,7 +96,7 @@ static void blake2b_init0( blake2b_state *S )
 int blake2b_init_param( blake2b_state *S, const blake2b_param *P )
 {
  const uint8_t *p = ( const uint8_t * )( P );
-  size_t i;
+  size_t i = 0;

  blake2b_init0( S );

@ -112,7 +112,7 @@ int blake2b_init_param( blake2b_state *S, const blake2b_param *P )
 /* Sequential blake2b initialization */
 int blake2b_Init( blake2b_state *S, size_t outlen )
 {
-  blake2b_param P[1];
+  blake2b_param P[1] = {0};

  if ( ( !outlen ) || ( outlen > BLAKE2B_OUTBYTES ) ) return -1;

@ -133,7 +133,7 @@ int blake2b_Init( blake2b_state *S, size_t outlen )

 int blake2b_InitPersonal( blake2b_state *S, size_t outlen, const void *personal, size_t personal_len)
 {
-  blake2b_param P[1];
+  blake2b_param P[1] = {0};

  if ( ( !outlen ) || ( outlen > BLAKE2B_OUTBYTES ) ) return -1;
  if ( ( !personal ) || ( personal_len != BLAKE2B_PERSONALBYTES ) ) return -1;
@ -155,7 +155,7 @@ int blake2b_InitPersonal( blake2b_state *S, size_t outlen, const void *personal,

 int blake2b_InitKey( blake2b_state *S, size_t outlen, const void *key, size_t keylen )
 {
-  blake2b_param P[1];
+  blake2b_param P[1] = {0};

  if ( ( !outlen ) || ( outlen > BLAKE2B_OUTBYTES ) ) return -1;

@ -177,7 +177,7 @@ int blake2b_InitKey( blake2b_state *S, size_t outlen, const void *key, size_t ke
  if( blake2b_init_param( S, P ) < 0 ) return -1;

  {
-    uint8_t block[BLAKE2B_BLOCKBYTES];
+    uint8_t block[BLAKE2B_BLOCKBYTES] = {0};
    memzero( block, BLAKE2B_BLOCKBYTES );
    memcpy( block, key, keylen );
    blake2b_Update( S, block, BLAKE2B_BLOCKBYTES );
@ -212,9 +212,9 @@ int blake2b_InitKey( blake2b_state *S, size_t outlen, const void *key, size_t ke

 static void blake2b_compress( blake2b_state *S, const uint8_t block[BLAKE2B_BLOCKBYTES] )
 {
-  uint64_t m[16];
-  uint64_t v[16];
-  size_t i;
+  uint64_t m[16] = {0};
+  uint64_t v[16] = {0};
+  size_t i = 0;

  for( i = 0; i < 16; ++i ) {
    m[i] = load64( block + i * sizeof( m[i] ) );
@ -284,7 +284,7 @@ int blake2b_Update( blake2b_state *S, const void *pin, size_t inlen )
 int blake2b_Final( blake2b_state *S, void *out, size_t outlen )
 {
  uint8_t buffer[BLAKE2B_OUTBYTES] = {0};
-  size_t i;
+  size_t i = 0;

  if( out == NULL || outlen < S->outlen )
    return -1;
--- a/crypto/blake2s.c
+++ b/crypto/blake2s.c
@ -81,7 +81,7 @@ static void blake2s_increment_counter( blake2s_state *S, const uint32_t inc )

 static void blake2s_init0( blake2s_state *S )
 {
-  size_t i;
+  size_t i = 0;
  memzero( S, sizeof( blake2s_state ) );

  for( i = 0; i < 8; ++i ) S->h[i] = blake2s_IV[i];
@ -91,7 +91,7 @@ static void blake2s_init0( blake2s_state *S )
 int blake2s_init_param( blake2s_state *S, const blake2s_param *P )
 {
  const unsigned char *p = ( const unsigned char * )( P );
-  size_t i;
+  size_t i = 0;

  blake2s_init0( S );

@ -107,7 +107,7 @@ int blake2s_init_param( blake2s_state *S, const blake2s_param *P )
 /* Sequential blake2s initialization */
 int blake2s_Init( blake2s_state *S, size_t outlen )
 {
-  blake2s_param P[1];
+  blake2s_param P[1] = {0};

  if ( ( !outlen ) || ( outlen > BLAKE2S_OUTBYTES ) ) return -1;

@ -128,7 +128,7 @@ int blake2s_Init( blake2s_state *S, size_t outlen )

 int blake2s_InitPersonal( blake2s_state *S, size_t outlen, const void *personal, size_t personal_len)
 {
-  blake2s_param P[1];
+  blake2s_param P[1] = {0};

  if ( ( !outlen ) || ( outlen > BLAKE2S_OUTBYTES ) ) return -1;
  if ( ( !personal ) || ( personal_len != BLAKE2S_PERSONALBYTES ) ) return -1;
@ -151,7 +151,7 @@ int blake2s_InitPersonal( blake2s_state *S, size_t outlen, const void *personal,

 int blake2s_InitKey( blake2s_state *S, size_t outlen, const void *key, size_t keylen )
 {
-  blake2s_param P[1];
+  blake2s_param P[1] = {0};

  if ( ( !outlen ) || ( outlen > BLAKE2S_OUTBYTES ) ) return -1;

@ -173,7 +173,7 @@ int blake2s_InitKey( blake2s_state *S, size_t outlen, const void *key, size_t ke
  if( blake2s_init_param( S, P ) < 0 ) return -1;

  {
-    uint8_t block[BLAKE2S_BLOCKBYTES];
+    uint8_t block[BLAKE2S_BLOCKBYTES] = {0};
    memzero( block, BLAKE2S_BLOCKBYTES );
    memcpy( block, key, keylen );
    blake2s_Update( S, block, BLAKE2S_BLOCKBYTES );
@ -208,9 +208,9 @@ int blake2s_InitKey( blake2s_state *S, size_t outlen, const void *key, size_t ke

 static void blake2s_compress( blake2s_state *S, const uint8_t in[BLAKE2S_BLOCKBYTES] )
 {
-  uint32_t m[16];
-  uint32_t v[16];
-  size_t i;
+  uint32_t m[16] = {0};
+  uint32_t v[16] = {0};
+  size_t i = 0;

  for( i = 0; i < 16; ++i ) {
    m[i] = load32( in + i * sizeof( m[i] ) );
@ -278,7 +278,7 @@ int blake2s_Update( blake2s_state *S, const void *pin, size_t inlen )
 int blake2s_Final( blake2s_state *S, void *out, size_t outlen )
 {
  uint8_t buffer[BLAKE2S_OUTBYTES] = {0};
-  size_t i;
+  size_t i = 0;

  if( out == NULL || outlen < S->outlen )
    return -1;
--- a/crypto/cash_addr.c
+++ b/crypto/cash_addr.c
@ -87,9 +87,9 @@ int cash_encode(char* output, const char* hrp, const uint8_t* data,

 int cash_decode(char* hrp, uint8_t* data, size_t* data_len, const char* input) {
  uint64_t chk = 1;
-  size_t i;
+  size_t i = 0;
  size_t input_len = strlen(input);
-  size_t hrp_len;
+  size_t hrp_len = 0;
  int have_lower = 0, have_upper = 0;
  if (input_len < CHECKSUM_SIZE || input_len > MAX_CASHADDR_SIZE) {
    return 0;
@ -167,7 +167,7 @@ static int convert_bits(uint8_t* out, size_t* outlen, int outbits,

 int cash_addr_encode(char* output, const char* hrp, const uint8_t* data,
                     size_t data_len) {
-  uint8_t base32[MAX_BASE32_SIZE];
+  uint8_t base32[MAX_BASE32_SIZE] = {0};
  size_t base32len = 0;
  if (data_len < 2 || data_len > MAX_DATA_SIZE) return 0;
  convert_bits(base32, &base32len, 5, data, data_len, 8, 1);
@ -176,9 +176,9 @@ int cash_addr_encode(char* output, const char* hrp, const uint8_t* data,

 int cash_addr_decode(uint8_t* witdata, size_t* witdata_len, const char* hrp,
                     const char* addr) {
-  uint8_t data[MAX_BASE32_SIZE];
-  char hrp_actual[MAX_HRP_SIZE + 1];
-  size_t data_len;
+  uint8_t data[MAX_BASE32_SIZE] = {0};
+  char hrp_actual[MAX_HRP_SIZE + 1] = {0};
+  size_t data_len = 0;
  if (!cash_decode(hrp_actual, data, &data_len, addr)) return 0;
  if (data_len == 0 || data_len > MAX_BASE32_SIZE) return 0;
  if (strncmp(hrp, hrp_actual, MAX_HRP_SIZE + 1) != 0) return 0;
--- a/crypto/chacha20poly1305/chacha20poly1305.c
+++ b/crypto/chacha20poly1305/chacha20poly1305.c
@ -13,7 +13,7 @@ void hchacha20(ECRYPT_ctx *x,u8 *c);
 void xchacha20poly1305_init(chacha20poly1305_ctx *ctx, const uint8_t key[32], const uint8_t nonce[24]) {
    unsigned char subkey[32] = {0};
    unsigned char block0[64] = {0};
-    ECRYPT_ctx tmp;
+    ECRYPT_ctx tmp = {0};

    // Generate the Chacha20 key by applying HChaCha20 to the
    // original key and the first 16 bytes of the nonce.
--- a/crypto/chacha20poly1305/chacha_merged.c
+++ b/crypto/chacha20poly1305/chacha_merged.c
@ -29,7 +29,7 @@ static const char tau[16] = "expand 16-byte k";
 void ECRYPT_keysetup(ECRYPT_ctx *x,const u8 *k,u32 kbits,u32 ivbits)
 {
  (void)ivbits;
-  const char *constants;
+  const char *constants = NULL;

  x->input[4] = U8TO32_LITTLE(k + 0);
  x->input[5] = U8TO32_LITTLE(k + 4);
@ -61,11 +61,11 @@ void ECRYPT_ivsetup(ECRYPT_ctx *x,const u8 *iv)

 void ECRYPT_encrypt_bytes(ECRYPT_ctx *x,const u8 *m,u8 *c,u32 bytes)
 {
-  u32 x0, x1, x2, x3, x4, x5, x6, x7, x8, x9, x10, x11, x12, x13, x14, x15;
-  u32 j0, j1, j2, j3, j4, j5, j6, j7, j8, j9, j10, j11, j12, j13, j14, j15;
+  u32 x0 = 0, x1 = 0, x2 = 0, x3 = 0, x4 = 0, x5 = 0, x6 = 0, x7 = 0, x8 = 0, x9 = 0, x10 = 0, x11 = 0, x12 = 0, x13 = 0, x14 = 0, x15 = 0;
+  u32 j0 = 0, j1 = 0, j2 = 0, j3 = 0, j4 = 0, j5 = 0, j6 = 0, j7 = 0, j8 = 0, j9 = 0, j10 = 0, j11 = 0, j12 = 0, j13 = 0, j14 = 0, j15 = 0;
  u8 *ctarget = 0;
-  u8 tmp[64];
-  int i;
+  u8 tmp[64] = {0};
+  int i = 0;

  if (!bytes) return;

@ -197,15 +197,15 @@ void ECRYPT_decrypt_bytes(ECRYPT_ctx *x,const u8 *c,u8 *m,u32 bytes)

 void ECRYPT_keystream_bytes(ECRYPT_ctx *x,u8 *stream,u32 bytes)
 {
-  u32 i;
+  u32 i = 0;
  for (i = 0;i < bytes;++i) stream[i] = 0;
  ECRYPT_encrypt_bytes(x,stream,stream,bytes);
 }

 void hchacha20(ECRYPT_ctx *x,u8 *c)
 {
-  u32 x0, x1, x2, x3, x4, x5, x6, x7, x8, x9, x10, x11, x12, x13, x14, x15;
-  int i;
+  u32 x0 = 0, x1 = 0, x2 = 0, x3 = 0, x4 = 0, x5 = 0, x6 = 0, x7 = 0, x8 = 0, x9 = 0, x10 = 0, x11 = 0, x12 = 0, x13 = 0, x14 = 0, x15 = 0;
+  int i = 0;

  x0 = x->input[0];
  x1 = x->input[1];
--- a/crypto/chacha20poly1305/poly1305-donna.c
+++ b/crypto/chacha20poly1305/poly1305-donna.c
@ -4,7 +4,7 @@
 void
 poly1305_update(poly1305_context *ctx, const unsigned char *m, size_t bytes) {
 	poly1305_state_internal_t *st = (poly1305_state_internal_t *)ctx;
-	size_t i;
+	size_t i = 0;

 	/* handle leftover */
 	if (st->leftover) {
@ -40,7 +40,7 @@ poly1305_update(poly1305_context *ctx, const unsigned char *m, size_t bytes) {

 void
 poly1305_auth(unsigned char mac[16], const unsigned char *m, size_t bytes, const unsigned char key[32]) {
-	poly1305_context ctx;
+	poly1305_context ctx = {0};
 	poly1305_init(&ctx, key);
 	poly1305_update(&ctx, m, bytes);
 	poly1305_finish(&ctx, mac);
@ -48,7 +48,7 @@ poly1305_auth(unsigned char mac[16], const unsigned char *m, size_t bytes, const

 int
 poly1305_verify(const unsigned char mac1[16], const unsigned char mac2[16]) {
-	size_t i;
+	size_t i = 0;
 	unsigned int dif = 0;
 	for (i = 0; i < 16; i++)
 		dif |= (mac1[i] ^ mac2[i]);
@ -127,12 +127,12 @@ poly1305_power_on_self_test(void) {
 		0xd2,0x87,0xf9,0x7c,0x44,0x62,0x3d,0x39
 	};

-	poly1305_context ctx;
-	poly1305_context total_ctx;
-	unsigned char all_key[32];
-	unsigned char all_msg[256];
-	unsigned char mac[16];
-	size_t i, j;
+	poly1305_context ctx = {0};
+	poly1305_context total_ctx = {0};
+	unsigned char all_key[32] = {0};
+	unsigned char all_msg[256] = {0};
+	unsigned char mac[16] = {0};
+	size_t i = 0, j = 0;
 	int result = 1;

 	for (i = 0; i < sizeof(mac); i++)
--- a/crypto/ecdsa.c
+++ b/crypto/ecdsa.c
@ -43,7 +43,7 @@ void point_copy(const curve_point *cp1, curve_point *cp2) { *cp2 = *cp1; }
 // cp2 = cp1 + cp2
 void point_add(const ecdsa_curve *curve, const curve_point *cp1,
               curve_point *cp2) {
-  bignum256 lambda, inv, xr, yr;
+  bignum256 lambda = {0}, inv = {0}, xr = {0}, yr = {0};

  if (point_is_infinity(cp1)) {
    return;
@ -88,7 +88,7 @@ void point_add(const ecdsa_curve *curve, const curve_point *cp1,

 // cp = cp + cp
 void point_double(const ecdsa_curve *curve, curve_point *cp) {
-  bignum256 lambda, xr, yr;
+  bignum256 lambda = {0}, xr = {0}, yr = {0};

  if (point_is_infinity(cp)) {
    return;
@ -165,7 +165,7 @@ int point_is_negative_of(const curve_point *p, const curve_point *q) {
 // Negate a (modulo prime) if cond is 0xffffffff, keep it if cond is 0.
 // The timing of this function does not depend on cond.
 void conditional_negate(uint32_t cond, bignum256 *a, const bignum256 *prime) {
-  int j;
+  int j = 0;
  uint32_t tmp = 1;
  assert(a->val[8] < 0x20000);
  for (j = 0; j < 8; j++) {
@ -185,7 +185,7 @@ typedef struct jacobian_curve_point {
 // generate random K for signing/side-channel noise
 static void generate_k_random(bignum256 *k, const bignum256 *prime) {
  do {
-    int i;
+    int i = 0;
    for (i = 0; i < 8; i++) {
      k->val[i] = random32() & 0x3FFFFFFF;
    }
@ -230,10 +230,10 @@ void jacobian_to_curve(const jacobian_curve_point *jp, curve_point *p,

 void point_jacobian_add(const curve_point *p1, jacobian_curve_point *p2,
                        const ecdsa_curve *curve) {
-  bignum256 r, h, r2;
-  bignum256 hcby, hsqx;
-  bignum256 xz, yz, az;
-  int is_doubling;
+  bignum256 r = {0}, h = {0}, r2 = {0};
+  bignum256 hcby = {0}, hsqx = {0};
+  bignum256 xz = {0}, yz = {0}, az = {0};
+  int is_doubling = 0;
  const bignum256 *prime = &curve->prime;
  int a = curve->a;

@ -348,7 +348,7 @@ void point_jacobian_add(const curve_point *p1, jacobian_curve_point *p2,
 }

 void point_jacobian_double(jacobian_curve_point *p, const ecdsa_curve *curve) {
-  bignum256 az4, m, msq, ysq, xysq;
+  bignum256 az4 = {0}, m = {0}, msq = {0}, ysq = {0}, xysq = {0};
  const bignum256 *prime = &curve->prime;

  assert(-3 <= curve->a && curve->a <= 0);
@ -424,15 +424,15 @@ void point_multiply(const ecdsa_curve *curve, const bignum256 *k,
  //  Side Channel Attacks.
  assert(bn_is_less(k, &curve->order));

-  int i, j;
+  int i = 0, j = 0;
  static CONFIDENTIAL bignum256 a;
-  uint32_t *aptr;
-  uint32_t abits;
-  int ashift;
+  uint32_t *aptr = NULL;
+  uint32_t abits = 0;
+  int ashift = 0;
  uint32_t is_even = (k->val[0] & 1) - 1;
-  uint32_t bits, sign, nsign;
+  uint32_t bits = {0}, sign = {0}, nsign = {0};
  static CONFIDENTIAL jacobian_curve_point jres;
-  curve_point pmult[8];
+  curve_point pmult[8] = {0};
  const bignum256 *prime = &curve->prime;

  // is_even = 0xffffffff if k is even, 0 otherwise.
@ -545,10 +545,10 @@ void scalar_multiply(const ecdsa_curve *curve, const bignum256 *k,
                     curve_point *res) {
  assert(bn_is_less(k, &curve->order));

-  int i, j;
+  int i = {0}, j = {0};
  static CONFIDENTIAL bignum256 a;
  uint32_t is_even = (k->val[0] & 1) - 1;
-  uint32_t lowbits;
+  uint32_t lowbits = 0;
  static CONFIDENTIAL jacobian_curve_point jres;
  const bignum256 *prime = &curve->prime;

@ -636,12 +636,12 @@ void scalar_multiply(const ecdsa_curve *curve, const bignum256 *k,

 int ecdh_multiply(const ecdsa_curve *curve, const uint8_t *priv_key,
                  const uint8_t *pub_key, uint8_t *session_key) {
-  curve_point point;
+  curve_point point = {0};
  if (!ecdsa_read_pubkey(curve, pub_key, &point)) {
    return 1;
  }

-  bignum256 k;
+  bignum256 k = {0};
  bn_read_be(priv_key, &k);
  point_multiply(curve, &k, &point, &point);
  memzero(&k, sizeof(k));
@ -660,7 +660,7 @@ int ecdsa_sign(const ecdsa_curve *curve, HasherType hasher_sign,
               const uint8_t *priv_key, const uint8_t *msg, uint32_t msg_len,
               uint8_t *sig, uint8_t *pby,
               int (*is_canonical)(uint8_t by, uint8_t sig[64])) {
-  uint8_t hash[32];
+  uint8_t hash[32] = {0};
  hasher_Raw(hasher_sign, msg, msg_len, hash);
  int res = ecdsa_sign_digest(curve, priv_key, hash, sig, pby, is_canonical);
  memzero(hash, sizeof(hash));
@ -676,14 +676,14 @@ int ecdsa_sign(const ecdsa_curve *curve, HasherType hasher_sign,
 int ecdsa_sign_digest(const ecdsa_curve *curve, const uint8_t *priv_key,
                      const uint8_t *digest, uint8_t *sig, uint8_t *pby,
                      int (*is_canonical)(uint8_t by, uint8_t sig[64])) {
-  int i;
-  curve_point R;
-  bignum256 k, z, randk;
+  int i = 0;
+  curve_point R = {0};
+  bignum256 k = {0}, z = {0}, randk = {0};
  bignum256 *s = &R.y;
  uint8_t by;  // signature recovery byte

 #if USE_RFC6979
-  rfc6979_state rng;
+  rfc6979_state rng = {0};
  init_rfc6979(priv_key, digest, &rng);
 #endif

@ -768,8 +768,8 @@ int ecdsa_sign_digest(const ecdsa_curve *curve, const uint8_t *priv_key,

 void ecdsa_get_public_key33(const ecdsa_curve *curve, const uint8_t *priv_key,
                            uint8_t *pub_key) {
-  curve_point R;
-  bignum256 k;
+  curve_point R = {0};
+  bignum256 k = {0};

  bn_read_be(priv_key, &k);
  // compute k*G
@ -782,8 +782,8 @@ void ecdsa_get_public_key33(const ecdsa_curve *curve, const uint8_t *priv_key,

 void ecdsa_get_public_key65(const ecdsa_curve *curve, const uint8_t *priv_key,
                            uint8_t *pub_key) {
-  curve_point R;
-  bignum256 k;
+  curve_point R = {0};
+  bignum256 k = {0};

  bn_read_be(priv_key, &k);
  // compute k*G
@ -797,7 +797,7 @@ void ecdsa_get_public_key65(const ecdsa_curve *curve, const uint8_t *priv_key,

 int ecdsa_uncompress_pubkey(const ecdsa_curve *curve, const uint8_t *pub_key,
                            uint8_t *uncompressed) {
-  curve_point pub;
+  curve_point pub = {0};

  if (!ecdsa_read_pubkey(curve, pub_key, &pub)) {
    return 0;
@ -812,7 +812,7 @@ int ecdsa_uncompress_pubkey(const ecdsa_curve *curve, const uint8_t *pub_key,

 void ecdsa_get_pubkeyhash(const uint8_t *pub_key, HasherType hasher_pubkey,
                          uint8_t *pubkeyhash) {
-  uint8_t h[HASHER_DIGEST_LENGTH];
+  uint8_t h[HASHER_DIGEST_LENGTH] = {0};
  if (pub_key[0] == 0x04) {  // uncompressed format
    hasher_Raw(hasher_pubkey, pub_key, 65, h);
  } else if (pub_key[0] == 0x00) {  // point at infinity
@ -834,7 +834,7 @@ void ecdsa_get_address_raw(const uint8_t *pub_key, uint32_t version,
 void ecdsa_get_address(const uint8_t *pub_key, uint32_t version,
                       HasherType hasher_pubkey, HasherType hasher_base58,
                       char *addr, int addrsize) {
-  uint8_t raw[MAX_ADDR_RAW_SIZE];
+  uint8_t raw[MAX_ADDR_RAW_SIZE] = {0};
  size_t prefix_len = address_prefix_bytes_len(version);
  ecdsa_get_address_raw(pub_key, version, hasher_pubkey, raw);
  base58_encode_check(raw, 20 + prefix_len, hasher_base58, addr, addrsize);
@ -845,7 +845,7 @@ void ecdsa_get_address(const uint8_t *pub_key, uint32_t version,
 void ecdsa_get_address_segwit_p2sh_raw(const uint8_t *pub_key, uint32_t version,
                                       HasherType hasher_pubkey,
                                       uint8_t *addr_raw) {
-  uint8_t buf[32 + 2];
+  uint8_t buf[32 + 2] = {0};
  buf[0] = 0;   // version byte
  buf[1] = 20;  // push 20 bytes
  ecdsa_get_pubkeyhash(pub_key, hasher_pubkey, buf + 2);
@ -858,7 +858,7 @@ void ecdsa_get_address_segwit_p2sh(const uint8_t *pub_key, uint32_t version,
                                   HasherType hasher_pubkey,
                                   HasherType hasher_base58, char *addr,
                                   int addrsize) {
-  uint8_t raw[MAX_ADDR_RAW_SIZE];
+  uint8_t raw[MAX_ADDR_RAW_SIZE] = {0};
  size_t prefix_len = address_prefix_bytes_len(version);
  ecdsa_get_address_segwit_p2sh_raw(pub_key, version, hasher_pubkey, raw);
  base58_encode_check(raw, prefix_len + 20, hasher_base58, addr, addrsize);
@ -867,7 +867,7 @@ void ecdsa_get_address_segwit_p2sh(const uint8_t *pub_key, uint32_t version,

 void ecdsa_get_wif(const uint8_t *priv_key, uint32_t version,
                   HasherType hasher_base58, char *wif, int wifsize) {
-  uint8_t wif_raw[MAX_WIF_RAW_SIZE];
+  uint8_t wif_raw[MAX_WIF_RAW_SIZE] = {0};
  size_t prefix_len = address_prefix_bytes_len(version);
  address_write_prefix_bytes(version, wif_raw);
  memcpy(wif_raw + prefix_len, priv_key, 32);
@ -931,7 +931,7 @@ int ecdsa_read_pubkey(const ecdsa_curve *curve, const uint8_t *pub_key,
 //   - pub is on the curve.

 int ecdsa_validate_pubkey(const ecdsa_curve *curve, const curve_point *pub) {
-  bignum256 y_2, x3_ax_b;
+  bignum256 y_2 = {0}, x3_ax_b = {0};

  if (point_is_infinity(pub)) {
    return 0;
@ -972,7 +972,7 @@ int ecdsa_validate_pubkey(const ecdsa_curve *curve, const curve_point *pub) {
 int ecdsa_verify(const ecdsa_curve *curve, HasherType hasher_sign,
                 const uint8_t *pub_key, const uint8_t *sig, const uint8_t *msg,
                 uint32_t msg_len) {
-  uint8_t hash[32];
+  uint8_t hash[32] = {0};
  hasher_Raw(hasher_sign, msg, msg_len, hash);
  int res = ecdsa_verify_digest(curve, pub_key, sig, hash);
  memzero(hash, sizeof(hash));
@ -984,8 +984,8 @@ int ecdsa_verify(const ecdsa_curve *curve, HasherType hasher_sign,
 int ecdsa_recover_pub_from_sig(const ecdsa_curve *curve, uint8_t *pub_key,
                               const uint8_t *sig, const uint8_t *digest,
                               int recid) {
-  bignum256 r, s, e;
-  curve_point cp, cp2;
+  bignum256 r = {0}, s = {0}, e = {0};
+  curve_point cp = {0}, cp2 = {0};

  // read r and s
  bn_read_be(sig, &r);
@ -1033,8 +1033,8 @@ int ecdsa_recover_pub_from_sig(const ecdsa_curve *curve, uint8_t *pub_key,
 // returns 0 if verification succeeded
 int ecdsa_verify_digest(const ecdsa_curve *curve, const uint8_t *pub_key,
                        const uint8_t *sig, const uint8_t *digest) {
-  curve_point pub, res;
-  bignum256 r, s, z;
+  curve_point pub = {0}, res = {0};
+  bignum256 r = {0}, s = {0}, z = {0};

  if (!ecdsa_read_pubkey(curve, pub_key, &pub)) {
    return 1;
@ -1087,8 +1087,8 @@ int ecdsa_verify_digest(const ecdsa_curve *curve, const uint8_t *pub_key,
 }

 int ecdsa_sig_to_der(const uint8_t *sig, uint8_t *der) {
-  int i;
-  uint8_t *p = der, *len, *len1, *len2;
+  int i = 0;
+  uint8_t *p = der, *len = NULL, *len1 = NULL, *len2 = NULL;
  *p = 0x30;
  p++;  // sequence
  *p = 0x00;
--- a/crypto/ed25519-donna/curve25519-donna-32bit.c
+++ b/crypto/ed25519-donna/curve25519-donna-32bit.c
@ -39,7 +39,7 @@ void curve25519_add(bignum25519 out, const bignum25519 a, const bignum25519 b) {
 }

 void curve25519_add_after_basic(bignum25519 out, const bignum25519 a, const bignum25519 b) {
-	uint32_t c;
+	uint32_t c = 0;
 	out[0] = a[0] + b[0]    ; c = (out[0] >> 26); out[0] &= reduce_mask_26;
 	out[1] = a[1] + b[1] + c; c = (out[1] >> 25); out[1] &= reduce_mask_25;
 	out[2] = a[2] + b[2] + c; c = (out[2] >> 26); out[2] &= reduce_mask_26;
@ -54,7 +54,7 @@ void curve25519_add_after_basic(bignum25519 out, const bignum25519 a, const bign
 }

 void curve25519_add_reduce(bignum25519 out, const bignum25519 a, const bignum25519 b) {
-	uint32_t c;
+	uint32_t c = 0;
 	out[0] = a[0] + b[0]    ; c = (out[0] >> 26); out[0] &= reduce_mask_26;
 	out[1] = a[1] + b[1] + c; c = (out[1] >> 25); out[1] &= reduce_mask_25;
 	out[2] = a[2] + b[2] + c; c = (out[2] >> 26); out[2] &= reduce_mask_26;
@ -78,7 +78,7 @@ static const uint32_t fourP2468   = 0x0ffffffc;

 /* out = a - b */
 void curve25519_sub(bignum25519 out, const bignum25519 a, const bignum25519 b) {
-	uint32_t c;
+	uint32_t c = 0;
 	out[0] = twoP0     + a[0] - b[0]    ; c = (out[0] >> 26); out[0] &= reduce_mask_26;
 	out[1] = twoP13579 + a[1] - b[1] + c; c = (out[1] >> 25); out[1] &= reduce_mask_25;
 	out[2] = twoP2468  + a[2] - b[2] + c; c = (out[2] >> 26); out[2] &= reduce_mask_26;
@ -93,8 +93,8 @@ void curve25519_sub(bignum25519 out, const bignum25519 a, const bignum25519 b) {

 /* out = in * scalar */
 void curve25519_scalar_product(bignum25519 out, const bignum25519 in, const uint32_t scalar) {
-	uint64_t a;
-	uint32_t c;
+	uint64_t a = 0;
+	uint32_t c = 0;
 	a = mul32x32_64(in[0], scalar);     out[0] = (uint32_t)a & reduce_mask_26; c = (uint32_t)(a >> 26);
 	a = mul32x32_64(in[1], scalar) + c; out[1] = (uint32_t)a & reduce_mask_25; c = (uint32_t)(a >> 25);
 	a = mul32x32_64(in[2], scalar) + c; out[2] = (uint32_t)a & reduce_mask_26; c = (uint32_t)(a >> 26);
@ -110,7 +110,7 @@ void curve25519_scalar_product(bignum25519 out, const bignum25519 in, const uint

 /* out = a - b, where a is the result of a basic op (add,sub) */
 void curve25519_sub_after_basic(bignum25519 out, const bignum25519 a, const bignum25519 b) {
-	uint32_t c;
+	uint32_t c = 0;
 	out[0] = fourP0     + a[0] - b[0]    ; c = (out[0] >> 26); out[0] &= reduce_mask_26;
 	out[1] = fourP13579 + a[1] - b[1] + c; c = (out[1] >> 25); out[1] &= reduce_mask_25;
 	out[2] = fourP2468  + a[2] - b[2] + c; c = (out[2] >> 26); out[2] &= reduce_mask_26;
@ -125,7 +125,7 @@ void curve25519_sub_after_basic(bignum25519 out, const bignum25519 a, const bign
 }

 void curve25519_sub_reduce(bignum25519 out, const bignum25519 a, const bignum25519 b) {
-	uint32_t c;
+	uint32_t c = 0;
 	out[0] = fourP0     + a[0] - b[0]    ; c = (out[0] >> 26); out[0] &= reduce_mask_26;
 	out[1] = fourP13579 + a[1] - b[1] + c; c = (out[1] >> 25); out[1] &= reduce_mask_25;
 	out[2] = fourP2468  + a[2] - b[2] + c; c = (out[2] >> 26); out[2] &= reduce_mask_26;
@ -141,7 +141,7 @@ void curve25519_sub_reduce(bignum25519 out, const bignum25519 a, const bignum255

 /* out = -a */
 void curve25519_neg(bignum25519 out, const bignum25519 a) {
-	uint32_t c;
+	uint32_t c = 0;
 	out[0] = twoP0     - a[0]    ; c = (out[0] >> 26); out[0] &= reduce_mask_26;
 	out[1] = twoP13579 - a[1] + c; c = (out[1] >> 25); out[1] &= reduce_mask_25;
 	out[2] = twoP2468  - a[2] + c; c = (out[2] >> 26); out[2] &= reduce_mask_26;
@ -158,10 +158,10 @@ void curve25519_neg(bignum25519 out, const bignum25519 a) {
 /* out = a * b */
 #define curve25519_mul_noinline curve25519_mul
 void curve25519_mul(bignum25519 out, const bignum25519 a, const bignum25519 b) {
-	uint32_t r0,r1,r2,r3,r4,r5,r6,r7,r8,r9;
-	uint32_t s0,s1,s2,s3,s4,s5,s6,s7,s8,s9;
-	uint64_t m0,m1,m2,m3,m4,m5,m6,m7,m8,m9,c;
-	uint32_t p;
+	uint32_t r0 = 0, r1 = 0, r2 = 0, r3 = 0, r4 = 0, r5 = 0, r6 = 0, r7 = 0, r8 = 0, r9 = 0;
+	uint32_t s0 = 0, s1 = 0, s2 = 0, s3 = 0, s4 = 0, s5 = 0, s6 = 0, s7 = 0, s8 = 0, s9 = 0;
+	uint64_t m0 = 0, m1 = 0, m2 = 0, m3 = 0, m4 = 0, m5 = 0, m6 = 0, m7 = 0, m8 = 0, m9 = 0, c = 0;
+	uint32_t p = 0;

 	r0 = b[0];
 	r1 = b[1];
@ -255,10 +255,10 @@ void curve25519_mul(bignum25519 out, const bignum25519 a, const bignum25519 b) {

 /* out = in * in */
 void curve25519_square(bignum25519 out, const bignum25519 in) {
-	uint32_t r0,r1,r2,r3,r4,r5,r6,r7,r8,r9;
-	uint32_t d6,d7,d8,d9;
-	uint64_t m0,m1,m2,m3,m4,m5,m6,m7,m8,m9,c;
-	uint32_t p;
+	uint32_t r0 = 0, r1 = 0, r2 = 0, r3 = 0, r4 = 0, r5 = 0, r6 = 0, r7 = 0, r8 = 0, r9 = 0;
+	uint32_t d6 = 0, d7 = 0, d8 = 0, d9 = 0;
+	uint64_t m0 = 0, m1 = 0, m2 = 0, m3 = 0, m4 = 0, m5 = 0, m6 = 0, m7 = 0, m8 = 0, m9 = 0, c = 0;
+	uint32_t p = 0;

 	r0 = in[0];
 	r1 = in[1];
@ -328,10 +328,10 @@ void curve25519_square(bignum25519 out, const bignum25519 in) {

 /* out = in ^ (2 * count) */
 void curve25519_square_times(bignum25519 out, const bignum25519 in, int count) {
-	uint32_t r0,r1,r2,r3,r4,r5,r6,r7,r8,r9;
-	uint32_t d6,d7,d8,d9;
-	uint64_t m0,m1,m2,m3,m4,m5,m6,m7,m8,m9,c;
-	uint32_t p;
+	uint32_t r0 = 0, r1 = 0, r2 = 0, r3 = 0, r4 = 0, r5 = 0, r6 = 0, r7 = 0, r8 = 0, r9 = 0;
+	uint32_t d6 = 0, d7 = 0, d8 = 0, d9 = 0;
+	uint64_t m0 = 0, m1 = 0, m2 = 0, m3 = 0, m4 = 0, m5 = 0, m6 = 0, m7 = 0, m8 = 0, m9 = 0, c = 0;
+	uint32_t p = 0;

 	r0 = in[0];
 	r1 = in[1];
@ -403,7 +403,7 @@ void curve25519_square_times(bignum25519 out, const bignum25519 in, int count) {

 /* Take a little-endian, 32-byte number and expand it into polynomial form */
 void curve25519_expand(bignum25519 out, const unsigned char in[32]) {
-	uint32_t x0,x1,x2,x3,x4,x5,x6,x7;
+	uint32_t x0 = 0, x1 = 0, x2 = 0, x3 = 0, x4 = 0, x5 = 0, x6 = 0, x7 = 0;
 	#define F(s)							 \
 			((((uint32_t)in[s + 0])      ) | \
 			 (((uint32_t)in[s + 1]) <<  8) | \
@ -435,7 +435,7 @@ void curve25519_expand(bignum25519 out, const unsigned char in[32]) {
 * little-endian, 32-byte array
 */
 void curve25519_contract(unsigned char out[32], const bignum25519 in) {
-	bignum25519 f;
+	bignum25519 f = {0};
 	curve25519_copy(f, in);

 	#define carry_pass() \
@ -517,7 +517,7 @@ void curve25519_contract(unsigned char out[32], const bignum25519 in) {
 /* if (iswap) swap(a, b) */
 void curve25519_swap_conditional(bignum25519 a, bignum25519 b, uint32_t iswap) {
 	const uint32_t swap = (uint32_t)(-(int32_t)iswap);
-	uint32_t x0,x1,x2,x3,x4,x5,x6,x7,x8,x9;
+	uint32_t x0 = 0, x1 = 0, x2 = 0, x3 = 0, x4 = 0, x5 = 0, x6 = 0, x7 = 0, x8 = 0, x9 = 0;

 	x0 = swap & (a[0] ^ b[0]); a[0] ^= x0; b[0] ^= x0;
 	x1 = swap & (a[1] ^ b[1]); a[1] ^= x1; b[1] ^= x1;
@ -557,13 +557,13 @@ void curve25519_set_sqrtneg1(bignum25519 r){
 }

 int curve25519_isnegative(const bignum25519 f) {
-	unsigned char s[32];
+	unsigned char s[32] = {0};
 	curve25519_contract(s, f);
 	return s[0] & 1;
 }

 int curve25519_isnonzero(const bignum25519 f) {
-	unsigned char s[32];
+	unsigned char s[32] = {0};
 	curve25519_contract(s, f);
 	return ((((int) (s[0] | s[1] | s[2] | s[3] | s[4] | s[5] | s[6] | s[7] | s[8] |
 									s[9] | s[10] | s[11] | s[12] | s[13] | s[14] | s[15] | s[16] | s[17] |
@ -572,7 +572,7 @@ int curve25519_isnonzero(const bignum25519 f) {
 }

 void curve25519_reduce(bignum25519 out, const bignum25519 in) {
-	uint32_t c;
+	uint32_t c = 0;
 	out[0] = in[0]    ; c = (out[0] >> 26); out[0] &= reduce_mask_26;
 	out[1] = in[1] + c; c = (out[1] >> 25); out[1] &= reduce_mask_25;
 	out[2] = in[2] + c; c = (out[2] >> 26); out[2] &= reduce_mask_26;
@ -588,7 +588,7 @@ void curve25519_reduce(bignum25519 out, const bignum25519 in) {

 void curve25519_divpowm1(bignum25519 r, const bignum25519 u, const bignum25519 v) {
 	bignum25519 v3={0}, uv7={0}, t0={0}, t1={0}, t2={0};
-	int i;
+	int i = 0;

 	curve25519_square(v3, v);
 	curve25519_mul(v3, v3, v); /* v3 = v^3 */
@ -650,7 +650,7 @@ void curve25519_divpowm1(bignum25519 r, const bignum25519 u, const bignum25519 v
 }

 void curve25519_expand_reduce(bignum25519 out, const unsigned char in[32]) {
-  uint32_t x0,x1,x2,x3,x4,x5,x6,x7;
+  uint32_t x0 = 0, x1 = 0, x2 = 0, x3 = 0, x4 = 0, x5 = 0, x6 = 0, x7 = 0;
 #define F(s) \
 			((((uint32_t)in[s + 0])      ) | \
 			 (((uint32_t)in[s + 1]) <<  8) | \
--- a/crypto/ed25519-donna/curve25519-donna-scalarmult-base.c
+++ b/crypto/ed25519-donna/curve25519-donna-scalarmult-base.c
@ -9,10 +9,10 @@
 */

 void curve25519_scalarmult_donna(curve25519_key mypublic, const curve25519_key n, const curve25519_key basepoint) {
-	bignum25519 nqpqx = {1}, nqpqz = {0}, nqz = {1}, nqx;
-	bignum25519 q, qx, qpqx, qqx, zzz, zmone;
-	size_t bit, lastbit;
-	int32_t i;
+	bignum25519 nqpqx = {1}, nqpqz = {0}, nqz = {1}, nqx = {0};
+	bignum25519 q = {0}, qx = {0}, qpqx = {0}, qqx = {0}, zzz = {0}, zmone = {0};
+	size_t bit = 0, lastbit = 0;
+	int32_t i = 0;

 	curve25519_expand(q, basepoint);
 	curve25519_copy(nqx, q);
--- a/crypto/ed25519-donna/ed25519-donna-impl-base.c
+++ b/crypto/ed25519-donna/ed25519-donna-impl-base.c
@ -67,7 +67,7 @@ void ge25519_full_to_pniels(ge25519_pniels *p, const ge25519 *r) {
 */

 void ge25519_double_p1p1(ge25519_p1p1 *r, const ge25519 *p) {
-	bignum25519 a,b,c;
+	bignum25519 a = {0}, b = {0}, c = {0};

 	curve25519_square(a, p->x);
 	curve25519_square(b, p->y);
@ -85,7 +85,7 @@ void ge25519_double_p1p1(ge25519_p1p1 *r, const ge25519 *p) {
 void ge25519_nielsadd2_p1p1(ge25519_p1p1 *r, const ge25519 *p, const ge25519_niels *q, unsigned char signbit) {
 	const bignum25519 *qb = (const bignum25519 *)q;
 	bignum25519 *rb = (bignum25519 *)r;
-	bignum25519 a,b,c;
+	bignum25519 a = {0}, b = {0}, c = {0};

 	curve25519_sub(a, p->y, p->x);
 	curve25519_add(b, p->y, p->x);
@ -104,7 +104,7 @@ void ge25519_nielsadd2_p1p1(ge25519_p1p1 *r, const ge25519 *p, const ge25519_nie
 void ge25519_pnielsadd_p1p1(ge25519_p1p1 *r, const ge25519 *p, const ge25519_pniels *q, unsigned char signbit) {
 	const bignum25519 *qb = (const bignum25519 *)q;
 	bignum25519 *rb = (bignum25519 *)r;
-	bignum25519 a,b,c;
+	bignum25519 a = {0}, b = {0}, c = {0};

 	curve25519_sub(a, p->y, p->x);
 	curve25519_add(b, p->y, p->x);
@ -121,19 +121,19 @@ void ge25519_pnielsadd_p1p1(ge25519_p1p1 *r, const ge25519 *p, const ge25519_pni
 }

 void ge25519_double_partial(ge25519 *r, const ge25519 *p) {
-	ge25519_p1p1 t;
+	ge25519_p1p1 t = {0};
 	ge25519_double_p1p1(&t, p);
 	ge25519_p1p1_to_partial(r, &t);
 }

 void ge25519_double(ge25519 *r, const ge25519 *p) {
-	ge25519_p1p1 t;
+	ge25519_p1p1 t = {0};
 	ge25519_double_p1p1(&t, p);
 	ge25519_p1p1_to_full(r, &t);
 }

 void ge25519_nielsadd2(ge25519 *r, const ge25519_niels *q) {
-	bignum25519 a,b,c,e,f,g,h;
+	bignum25519 a = {0}, b = {0}, c = {0}, e = {0}, f = {0}, g = {0}, h = {0};

 	curve25519_sub(a, r->y, r->x);
 	curve25519_add(b, r->y, r->x);
@ -152,7 +152,7 @@ void ge25519_nielsadd2(ge25519 *r, const ge25519_niels *q) {
 }

 void ge25519_pnielsadd(ge25519_pniels *r, const ge25519 *p, const ge25519_pniels *q) {
-	bignum25519 a,b,c,x,y,z,t;
+	bignum25519 a = {0}, b = {0}, c = {0}, x = {0}, y = {0}, z = {0}, t = {0};

 	curve25519_sub(a, p->y, p->x);
 	curve25519_add(b, p->y, p->x);
@ -181,8 +181,8 @@ void ge25519_pnielsadd(ge25519_pniels *r, const ge25519 *p, const ge25519_pniels
 */

 void ge25519_pack(unsigned char r[32], const ge25519 *p) {
-	bignum25519 tx, ty, zi;
-	unsigned char parity[32];
+	bignum25519 tx = {0}, ty = {0}, zi = {0};
+	unsigned char parity[32] = {0};
 	curve25519_recip(zi, p->z);
 	curve25519_mul(tx, p->x, zi);
 	curve25519_mul(ty, p->y, zi);
@ -195,8 +195,8 @@ int ge25519_unpack_negative_vartime(ge25519 *r, const unsigned char p[32]) {
 	const unsigned char zero[32] = {0};
 	const bignum25519 one = {1};
 	unsigned char parity = p[31] >> 7;
-	unsigned char check[32];
-	bignum25519 t, root, num, den, d3;
+	unsigned char check[32] = {0};
+	bignum25519 t = {0}, root = {0}, num = {0}, den = {0}, d3 = {0};

 	curve25519_expand(r->y, p);
 	curve25519_copy(r->z, one);
@ -262,14 +262,14 @@ void ge25519_set_neutral(ge25519 *r)

 /* computes [s1]p1 + [s2]base */
 void ge25519_double_scalarmult_vartime(ge25519 *r, const ge25519 *p1, const bignum256modm s1, const bignum256modm s2) {
-	signed char slide1[256], slide2[256];
-	ge25519_pniels pre1[S1_TABLE_SIZE];
+	signed char slide1[256] = {0}, slide2[256] = {0};
+	ge25519_pniels pre1[S1_TABLE_SIZE] = {0};
 #ifdef ED25519_NO_PRECOMP
-	ge25519_pniels pre2[S2_TABLE_SIZE];
+	ge25519_pniels pre2[S2_TABLE_SIZE] = {0};
 #endif
-	ge25519 dp;
-	ge25519_p1p1 t;
-	int32_t i;
+	ge25519 dp = {0};
+	ge25519_p1p1 t = {0};
+	int32_t i = 0;

 	memzero(&t, sizeof(ge25519_p1p1));
 	contract256_slidingwindow_modm(slide1, s1, S1_SWINDOWSIZE);
@ -320,12 +320,12 @@ void ge25519_double_scalarmult_vartime(ge25519 *r, const ge25519 *p1, const bign
 /* computes [s1]p1 + [s2]p2 */
 #if USE_MONERO
 void ge25519_double_scalarmult_vartime2(ge25519 *r, const ge25519 *p1, const bignum256modm s1, const ge25519 *p2, const bignum256modm s2) {
-	signed char slide1[256], slide2[256];
-	ge25519_pniels pre1[S1_TABLE_SIZE];
-	ge25519_pniels pre2[S1_TABLE_SIZE];
-	ge25519 dp;
-	ge25519_p1p1 t;
-	int32_t i;
+	signed char slide1[256] = {0}, slide2[256] = {0};
+	ge25519_pniels pre1[S1_TABLE_SIZE] = {0};
+	ge25519_pniels pre2[S1_TABLE_SIZE] = {0};
+	ge25519 dp = {0};
+	ge25519_p1p1 t = {0};
+	int32_t i = 0;

 	memzero(&t, sizeof(ge25519_p1p1));
 	contract256_slidingwindow_modm(slide1, s1, S1_SWINDOWSIZE);
@ -378,7 +378,7 @@ void ge25519_double_scalarmult_vartime2(ge25519 *r, const ge25519 *p1, const big
 * with less than i686 on x86
 */
 static void ge25519_cmove_stride4(long * r, long * p, long * pos, long * n, int stride) {
-  long x0=r[0], x1=r[1], x2=r[2], x3=r[3], y0, y1, y2, y3;
+  long x0=r[0], x1=r[1], x2=r[2], x3=r[3], y0 = 0, y1 = 0, y2 = 0, y3 = 0;
  for(; p<n; p+=stride) {
    volatile int flag=(p==pos);
    y0 = p[0];
@ -398,7 +398,7 @@ static void ge25519_cmove_stride4(long * r, long * p, long * pos, long * n, int
 #define HAS_CMOVE_STRIDE4

 static void ge25519_cmove_stride4b(long * r, long * p, long * pos, long * n, int stride) {
-  long x0=p[0], x1=p[1], x2=p[2], x3=p[3], y0, y1, y2, y3;
+  long x0=p[0], x1=p[1], x2=p[2], x3=p[3], y0 = 0, y1 = 0, y2 = 0, y3 = 0;
  for(p+=stride; p<n; p+=stride) {
    volatile int flag=(p==pos);
    y0 = p[0];
@ -419,7 +419,7 @@ static void ge25519_cmove_stride4b(long * r, long * p, long * pos, long * n, int

 void ge25519_move_conditional_pniels_array(ge25519_pniels * r, const ge25519_pniels * p, int pos, int n) {
 #ifdef HAS_CMOVE_STRIDE4B
-  size_t i;
+  size_t i = 0;
  for(i=0; i<sizeof(ge25519_pniels)/sizeof(long); i+=4) {
    ge25519_cmove_stride4b(((long*)r)+i,
 			   ((long*)p)+i,
@ -428,7 +428,7 @@ void ge25519_move_conditional_pniels_array(ge25519_pniels * r, const ge25519_pni
 			   sizeof(ge25519_pniels)/sizeof(long));
  }
 #else
-  size_t i;
+  size_t i = 0;
  for(i=0; i<n; i++) {
    ge25519_move_conditional_pniels(r, p+i, pos==i);
  }
@ -436,7 +436,7 @@ void ge25519_move_conditional_pniels_array(ge25519_pniels * r, const ge25519_pni
 }

 void ge25519_move_conditional_niels_array(ge25519_niels * r, const uint8_t p[8][96], int pos, int n) {
-  size_t i;
+  size_t i = 0;
  for(i=0; i<96/sizeof(long); i+=4) {
    ge25519_cmove_stride4(((long*)r)+i,
 			  ((long*)p)+i,
@ -448,12 +448,12 @@ void ge25519_move_conditional_niels_array(ge25519_niels * r, const uint8_t p[8][

 /* computes [s1]p1, constant time */
 void ge25519_scalarmult(ge25519 *r, const ge25519 *p1, const bignum256modm s1) {
-	signed char slide1[64];
-	ge25519_pniels pre1[9];
-	ge25519_pniels pre;
-	ge25519 d1;
-	ge25519_p1p1 t;
-	int32_t i;
+	signed char slide1[64] = {0};
+	ge25519_pniels pre1[9] = {0};
+	ge25519_pniels pre = {0};
+	ge25519 d1 = {0};
+	ge25519_p1p1 t = {0};
+	int32_t i = 0;

 	contract256_window4_modm(slide1, s1);

@ -484,7 +484,7 @@ void ge25519_scalarmult(ge25519 *r, const ge25519 *p1, const bignum256modm s1) {
 }

 void ge25519_scalarmult_base_choose_niels(ge25519_niels *t, const uint8_t table[256][96], uint32_t pos, signed char b) {
-	bignum25519 neg;
+	bignum25519 neg = {0};
 	uint32_t sign = (uint32_t)((unsigned char)b >> 7);
 	uint32_t mask = ~(sign - 1);
 	uint32_t u = (b + mask) ^ mask;
@ -509,9 +509,9 @@ void ge25519_scalarmult_base_choose_niels(ge25519_niels *t, const uint8_t table[

 /* computes [s]basepoint */
 void ge25519_scalarmult_base_niels(ge25519 *r, const uint8_t basepoint_table[256][96], const bignum256modm s) {
-	signed char b[64];
-	uint32_t i;
-	ge25519_niels t;
+	signed char b[64] = {0};
+	uint32_t i = 0;
+	ge25519_niels t = {0};

 	contract256_window4_modm(b, s);

@ -620,7 +620,7 @@ void ge25519_reduce(ge25519 *r, const ge25519 *t){
 }

 void ge25519_norm(ge25519 *r, const ge25519 * t){
-	bignum25519 zinv;
+	bignum25519 zinv = {0};
 	curve25519_recip(zinv, t->z);
 	curve25519_mul(r->x, t->x, zinv);
 	curve25519_mul(r->y, t->y, zinv);
@ -629,8 +629,8 @@ void ge25519_norm(ge25519 *r, const ge25519 * t){
 }

 void ge25519_add(ge25519 *r, const ge25519 *p, const ge25519 *q, unsigned char signbit) {
-	ge25519_pniels P_ni;
-	ge25519_p1p1 P_11;
+	ge25519_pniels P_ni = {0};
+	ge25519_p1p1 P_11 = {0};

 	ge25519_full_to_pniels(&P_ni, q);
 	ge25519_pnielsadd_p1p1(&P_11, p, &P_ni, signbit);
@ -639,7 +639,7 @@ void ge25519_add(ge25519 *r, const ge25519 *p, const ge25519 *q, unsigned char s

 void ge25519_fromfe_frombytes_vartime(ge25519 *r, const unsigned char *s){
 	bignum25519 u={0}, v={0}, w={0}, x={0}, y={0}, z={0};
-	unsigned char sign;
+	unsigned char sign = 0;

 	curve25519_expand_reduce(u, s);

--- a/crypto/ed25519-donna/ed25519.c
+++ b/crypto/ed25519-donna/ed25519.c
@ -42,9 +42,9 @@ ed25519_hram(hash_512bits hram, const ed25519_signature RS, const ed25519_public

 void
 ED25519_FN(ed25519_publickey) (const ed25519_secret_key sk, ed25519_public_key pk) {
-	bignum256modm a;
+	bignum256modm a = {0};
 	ge25519 ALIGN(16) A;
-	hash_512bits extsk;
+	hash_512bits extsk = {0};

 	/* A = aB */
 	ed25519_extsk(extsk, sk);
@ -57,9 +57,9 @@ ED25519_FN(ed25519_publickey) (const ed25519_secret_key sk, ed25519_public_key p
 #if USE_CARDANO
 void
 ED25519_FN(ed25519_publickey_ext) (const ed25519_secret_key sk, const ed25519_secret_key skext, ed25519_public_key pk) {
-	bignum256modm a;
+	bignum256modm a = {0};
 	ge25519 ALIGN(16) A;
-	hash_512bits extsk;
+	hash_512bits extsk = {0};

 	/* we don't stretch the key through hashing first since its already 64 bytes */

@ -73,8 +73,8 @@ ED25519_FN(ed25519_publickey_ext) (const ed25519_secret_key sk, const ed25519_se

 void
 ED25519_FN(ed25519_cosi_sign) (const unsigned char *m, size_t mlen, const ed25519_secret_key sk, const ed25519_secret_key nonce, const ed25519_public_key R, const ed25519_public_key pk, ed25519_cosi_signature sig) {
-	bignum256modm r, S, a;
-	hash_512bits extsk, extnonce, hram;
+	bignum256modm r = {0}, S = {0}, a = {0};
+	hash_512bits extsk = {0}, extnonce = {0}, hram = {0};

 	ed25519_extsk(extsk, sk);
 	ed25519_extsk(extnonce, nonce);
@ -100,9 +100,9 @@ ED25519_FN(ed25519_cosi_sign) (const unsigned char *m, size_t mlen, const ed2551
 void
 ED25519_FN(ed25519_sign) (const unsigned char *m, size_t mlen, const ed25519_secret_key sk, const ed25519_public_key pk, ed25519_signature RS) {
 	ed25519_hash_context ctx;
-	bignum256modm r, S, a;
-	ge25519 ALIGN(16) R;
-	hash_512bits extsk, hashr, hram;
+	bignum256modm r = {0}, S = {0}, a = {0};
+	ge25519 ALIGN(16) R = {0};
+	hash_512bits extsk = {0}, hashr = {0}, hram = {0};

 	ed25519_extsk(extsk, sk);

@ -137,9 +137,9 @@ ED25519_FN(ed25519_sign) (const unsigned char *m, size_t mlen, const ed25519_sec
 void
 ED25519_FN(ed25519_sign_ext) (const unsigned char *m, size_t mlen, const ed25519_secret_key sk, const ed25519_secret_key skext, const ed25519_public_key pk, ed25519_signature RS) {
 	ed25519_hash_context ctx;
-	bignum256modm r, S, a;
-	ge25519 ALIGN(16) R;
-	hash_512bits extsk, hashr, hram;
+	bignum256modm r = {0}, S = {0}, a = {0};
+	ge25519 ALIGN(16) R = {0};
+	hash_512bits extsk = {0}, hashr = {0}, hram = {0};

 	/* we don't stretch the key through hashing first since its already 64 bytes */
 	
@ -177,9 +177,9 @@ ED25519_FN(ed25519_sign_ext) (const unsigned char *m, size_t mlen, const ed25519
 int
 ED25519_FN(ed25519_sign_open) (const unsigned char *m, size_t mlen, const ed25519_public_key pk, const ed25519_signature RS) {
 	ge25519 ALIGN(16) R, A;
-	hash_512bits hash;
-	bignum256modm hram, S;
-	unsigned char checkR[32];
+	hash_512bits hash = {0};
+	bignum256modm hram = {0}, S = {0};
+	unsigned char checkR[32] = {0};

 	if ((RS[63] & 224) || !ge25519_unpack_negative_vartime(&A, pk))
 		return -1;
@ -203,9 +203,9 @@ ED25519_FN(ed25519_sign_open) (const unsigned char *m, size_t mlen, const ed2551

 int
 ED25519_FN(ed25519_scalarmult) (ed25519_public_key res, const ed25519_secret_key sk, const ed25519_public_key pk) {
-	bignum256modm a;
+	bignum256modm a = {0};
 	ge25519 ALIGN(16) A, P;
-	hash_512bits extsk;
+	hash_512bits extsk = {0};

 	ed25519_extsk(extsk, sk);
 	expand256_modm(a, extsk, 32);
@ -228,9 +228,9 @@ ED25519_FN(ed25519_scalarmult) (ed25519_public_key res, const ed25519_secret_key
 int
 ed25519_cosi_combine_publickeys(ed25519_public_key res, CONST ed25519_public_key *pks, size_t n) {
 	size_t i = 0;
-	ge25519 P;
-	ge25519_pniels sump;
-	ge25519_p1p1 sump1;
+	ge25519 P = {0};
+	ge25519_pniels sump = {0};
+	ge25519_p1p1 sump1 = {0};

 	if (n == 1) {
 		memcpy(res, pks, sizeof(ed25519_public_key));
@ -258,7 +258,7 @@ ed25519_cosi_combine_publickeys(ed25519_public_key res, CONST ed25519_public_key

 void
 ed25519_cosi_combine_signatures(ed25519_signature res, const ed25519_public_key R, CONST ed25519_cosi_signature *sigs, size_t n) {
-	bignum256modm s, t;
+	bignum256modm s = {0}, t = {0};
 	size_t i = 0;

 	expand256_modm(s, sigs[i++], 32);
@ -275,11 +275,11 @@ ed25519_cosi_combine_signatures(ed25519_signature res, const ed25519_public_key
 */
 void
 curve25519_scalarmult_basepoint(curve25519_key pk, const curve25519_key e) {
-	curve25519_key ec;
-	bignum256modm s;
+	curve25519_key ec = {0};
+	bignum256modm s = {0};
 	bignum25519 ALIGN(16) yplusz, zminusy;
 	ge25519 ALIGN(16) p;
-	size_t i;
+	size_t i = 0;

 	/* clamp */
 	for (i = 0; i < 32; i++) ec[i] = e[i];
@ -302,8 +302,8 @@ curve25519_scalarmult_basepoint(curve25519_key pk, const curve25519_key e) {

 void
 curve25519_scalarmult(curve25519_key mypublic, const curve25519_key secret, const curve25519_key basepoint) {
-	curve25519_key e;
-	size_t i;
+	curve25519_key e = {0};
+	size_t i = 0;

 	for (i = 0;i < 32;++i) e[i] = secret[i];
 	e[0] &= 0xf8;
--- a/crypto/ed25519-donna/modm-donna-32bit.c
+++ b/crypto/ed25519-donna/modm-donna-32bit.c
@ -32,8 +32,8 @@ lt_modm(bignum256modm_element_t a, bignum256modm_element_t b) {

 /* see HAC, Alg. 14.42 Step 4 */
 void reduce256_modm(bignum256modm r) {
-	bignum256modm t;
-	bignum256modm_element_t b = 0, pb, mask;
+	bignum256modm t = {0};
+	bignum256modm_element_t b = 0, pb = 0, mask = 0;

 	/* t = r - m */
 	pb = 0;
@ -66,9 +66,9 @@ void reduce256_modm(bignum256modm r) {
 	Instead of passing in x, pre-process in to q1 and r1 for efficiency
 */
 void barrett_reduce256_modm(bignum256modm r, const bignum256modm q1, const bignum256modm r1) {
-	bignum256modm q3, r2;
-	uint64_t c;
-	bignum256modm_element_t f, b, pb;
+	bignum256modm q3 = {0}, r2 = {0};
+	uint64_t c = 0;
+	bignum256modm_element_t f = 0, b = 0, pb = 0;

 	/* q1 = x >> 248 = 264 bits = 9 30 bit elements
 	   q2 = mu * q1
@ -134,7 +134,7 @@ void barrett_reduce256_modm(bignum256modm r, const bignum256modm q1, const bignu

 /* addition modulo m */
 void add256_modm(bignum256modm r, const bignum256modm x, const bignum256modm y) {
-	bignum256modm_element_t c;
+	bignum256modm_element_t c = 0;

 	c  = x[0] + y[0]; r[0] = c & 0x3fffffff; c >>= 30;
 	c += x[1] + y[1]; r[1] = c & 0x3fffffff; c >>= 30;
@ -151,7 +151,7 @@ void add256_modm(bignum256modm r, const bignum256modm x, const bignum256modm y)

 /* -x modulo m */
 void neg256_modm(bignum256modm r, const bignum256modm x) {
-	bignum256modm_element_t b = 0, pb;
+	bignum256modm_element_t b = 0, pb = 0;

 	/* r = m - x */
 	pb = 0;
@ -191,9 +191,9 @@ void sub256_modm(bignum256modm r, const bignum256modm x, const bignum256modm y)

 /* multiplication modulo m */
 void mul256_modm(bignum256modm r, const bignum256modm x, const bignum256modm y) {
-	bignum256modm r1, q1;
-	uint64_t c;
-	bignum256modm_element_t f;
+	bignum256modm r1 = {0}, q1 = {0};
+	uint64_t c = 0;
+	bignum256modm_element_t f = 0;

 	/* r1 = (x mod 256^(32+1)) = x mod (2^8)(31+1) = x & ((1 << 264) - 1)
 	   q1 = x >> 248 = 264 bits = 9 30 bit elements */
@ -237,8 +237,8 @@ void mul256_modm(bignum256modm r, const bignum256modm x, const bignum256modm y)

 void expand256_modm(bignum256modm out, const unsigned char *in, size_t len) {
 	unsigned char work[64] = {0};
-	bignum256modm_element_t x[16];
-	bignum256modm q1;
+	bignum256modm_element_t x[16] = {0};
+	bignum256modm q1 = {0};

 	memcpy(work, in, len);
 	x[0] = U8TO32_LE(work +  0);
@ -288,7 +288,7 @@ void expand256_modm(bignum256modm out, const unsigned char *in, size_t len) {
 }

 void expand_raw256_modm(bignum256modm out, const unsigned char in[32]) {
-	bignum256modm_element_t x[8];
+	bignum256modm_element_t x[8] = {0};

 	x[0] = U8TO32_LE(in +  0);
 	x[1] = U8TO32_LE(in +  4);
@ -312,7 +312,7 @@ void expand_raw256_modm(bignum256modm out, const unsigned char in[32]) {

 int is_reduced256_modm(const bignum256modm in)
 {
-	int i;
+	int i = 0;
 	uint32_t res1 = 0;
 	uint32_t res2 = 0;
 	for (i = 8; i >= 0; i--) {
@ -334,9 +334,9 @@ void contract256_modm(unsigned char out[32], const bignum256modm in) {
 }

 void contract256_window4_modm(signed char r[64], const bignum256modm in) {
-	char carry;
+	char carry = 0;
 	signed char *quads = r;
-	bignum256modm_element_t i, j, v;
+	bignum256modm_element_t i = 0, j = 0, v = 0;

 	for (i = 0; i < 8; i += 2) {
 		v = in[i];
@ -369,10 +369,10 @@ void contract256_window4_modm(signed char r[64], const bignum256modm in) {
 }

 void contract256_slidingwindow_modm(signed char r[256], const bignum256modm s, int windowsize) {
-	int i,j,k,b;
+	int i = 0, j = 0, k = 0, b = 0;
 	int m = (1 << (windowsize - 1)) - 1, soplen = 256;
 	signed char *bits = r;
-	bignum256modm_element_t v;
+	bignum256modm_element_t v = 0;

 	/* first put the binary expansion into r  */
 	for (i = 0; i < 8; i++) {
--- a/crypto/groestl.c
+++ b/crypto/groestl.c
@ -350,7 +350,7 @@ static const sph_u32 T1dn[] = {
 };

 #define DECL_STATE_SMALL \
-	sph_u32 H[16];
+	sph_u32 H[16] = {0};

 #define READ_STATE_SMALL(sc)   do { \
 		memcpy(H, (sc)->state.narrow, sizeof H); \
@ -476,7 +476,7 @@ static const sph_u32 T1dn[] = {
 	} while (0)

 #define DECL_STATE_BIG \
-	sph_u32 H[32];
+	sph_u32 H[32] = {0};

 #define READ_STATE_BIG(sc)   do { \
 		memcpy(H, (sc)->state.narrow, sizeof H); \
@ -675,7 +675,7 @@ static const sph_u32 T1dn[] = {
 static void
 groestl_big_init(sph_groestl_big_context *sc, unsigned out_size)
 {
-	size_t u;
+	size_t u = 0;

 	sc->ptr = 0;
 	for (u = 0; u < 31; u ++)
@ -688,8 +688,8 @@ groestl_big_init(sph_groestl_big_context *sc, unsigned out_size)
 static void
 groestl_big_core(sph_groestl_big_context *sc, const void *data, size_t len)
 {
-	unsigned char *buf;
-	size_t ptr;
+	unsigned char *buf = NULL;
+	size_t ptr = 0;
 	DECL_STATE_BIG

 	buf = sc->buf;
@ -703,7 +703,7 @@ groestl_big_core(sph_groestl_big_context *sc, const void *data, size_t len)

 	READ_STATE_BIG(sc);
 	while (len > 0) {
-		size_t clen;
+		size_t clen = 0;

 		clen = (sizeof sc->buf) - ptr;
 		if (clen > len)
@ -726,10 +726,10 @@ static void
 groestl_big_close(sph_groestl_big_context *sc,
 	unsigned ub, unsigned n, void *dst, size_t out_len)
 {
-	unsigned char pad[136];
-	size_t ptr, pad_len, u2;
-	sph_u64 count;
-	unsigned z;
+	unsigned char pad[136] = {0};
+	size_t ptr = 0, pad_len = 0, u2 = 0;
+	sph_u64 count = 0;
+	unsigned z = 0;
 	DECL_STATE_BIG

 	ptr = sc->ptr;
@ -774,7 +774,7 @@ groestl512_Final(void *cc, void *dst)
 void
 groestl512_DoubleTrunc(void *cc, void *dst)
 {
-	char buf[64];
+	char buf[64] = {0};

 	groestl512_Final(cc, buf);
 	groestl512_Update(cc, buf, sizeof(buf));
--- a/crypto/hasher.c
+++ b/crypto/hasher.c
@ -139,7 +139,7 @@ void hasher_Final(Hasher *hasher, uint8_t hash[HASHER_DIGEST_LENGTH]) {

 void hasher_Raw(HasherType type, const uint8_t *data, size_t length,
                uint8_t hash[HASHER_DIGEST_LENGTH]) {
-  Hasher hasher;
+  Hasher hasher = {0};

  hasher_Init(&hasher, type);
  hasher_Update(&hasher, data, length);
--- a/crypto/hmac.c
+++ b/crypto/hmac.c
@ -83,7 +83,7 @@ void hmac_sha256_prepare(const uint8_t *key, const uint32_t keylen,

  /* compute o_key_pad and its digest */
  for (int i = 0; i < SHA256_BLOCK_LENGTH / (int)sizeof(uint32_t); i++) {
-    uint32_t data;
+    uint32_t data = 0;
 #if BYTE_ORDER == LITTLE_ENDIAN
    REVERSE32(key_pad[i], data);
 #else
@ -135,7 +135,7 @@ void hmac_sha512_Final(HMAC_SHA512_CTX *hctx, uint8_t *hmac) {

 void hmac_sha512(const uint8_t *key, const uint32_t keylen, const uint8_t *msg,
                 const uint32_t msglen, uint8_t *hmac) {
-  HMAC_SHA512_CTX hctx;
+  HMAC_SHA512_CTX hctx = {0};
  hmac_sha512_Init(&hctx, key, keylen);
  hmac_sha512_Update(&hctx, msg, msglen);
  hmac_sha512_Final(&hctx, hmac);
@ -157,7 +157,7 @@ void hmac_sha512_prepare(const uint8_t *key, const uint32_t keylen,

  /* compute o_key_pad and its digest */
  for (int i = 0; i < SHA512_BLOCK_LENGTH / (int)sizeof(uint64_t); i++) {
-    uint64_t data;
+    uint64_t data = 0;
 #if BYTE_ORDER == LITTLE_ENDIAN
    REVERSE64(key_pad[i], data);
 #else
--- a/crypto/hmac_drbg.c
+++ b/crypto/hmac_drbg.c
@ -38,7 +38,7 @@ static void update_k(HMAC_DRBG_CTX *ctx, uint8_t domain, const uint8_t *data1,
    ctx->v[8] = 0x80000000;
    ctx->v[15] = (SHA256_BLOCK_LENGTH + SHA256_DIGEST_LENGTH) * 8;
  } else {
-    SHA256_CTX sha_ctx;
+    SHA256_CTX sha_ctx = {0};
    memcpy(sha_ctx.state, ctx->idig, SHA256_DIGEST_LENGTH);
    for (size_t i = 0; i < SHA256_DIGEST_LENGTH / sizeof(uint32_t); i++) {
 #if BYTE_ORDER == LITTLE_ENDIAN
@ -86,7 +86,7 @@ static void update_v(HMAC_DRBG_CTX *ctx) {
 void hmac_drbg_init(HMAC_DRBG_CTX *ctx, const uint8_t *entropy,
                    size_t entropy_len, const uint8_t *nonce,
                    size_t nonce_len) {
-  uint32_t h[SHA256_BLOCK_LENGTH / sizeof(uint32_t)];
+  uint32_t h[SHA256_BLOCK_LENGTH / sizeof(uint32_t)] = {0};

  // Precompute the inner digest and outer digest of K = 0x00 ... 0x00.
  memset(h, 0x36, sizeof(h));
--- a/crypto/monero/base58.c
+++ b/crypto/monero/base58.c
@ -106,7 +106,7 @@ bool decode_block(const char* block, size_t size, char* res)
 		if (digit < 0)
 			return false; // Invalid symbol

-		uint64_t product_hi;
+		uint64_t product_hi = 0;
 		uint64_t tmp = res_num + mul128(order, (uint64_t) digit, &product_hi);
 		if (tmp < res_num || 0 != product_hi)
 			return false; // Overflow
@ -199,7 +199,7 @@ int xmr_base58_addr_encode_check(uint64_t tag, const uint8_t *data, size_t binsz
 	}

 	size_t b58size = b58sz;
-	uint8_t buf[binsz + 1 + HASHER_DIGEST_LENGTH];
+	uint8_t buf[(binsz + 1) + HASHER_DIGEST_LENGTH];
 	uint8_t *hash = buf + binsz + 1;
 	buf[0] = (uint8_t) tag;
 	memcpy(buf + 1, data, binsz);
@ -213,7 +213,7 @@ int xmr_base58_addr_decode_check(const char *addr, size_t sz, uint64_t *tag, voi
 {
 	size_t buflen = 1 + 64 + addr_checksum_size;
 	uint8_t buf[buflen];
-	uint8_t hash[HASHER_DIGEST_LENGTH];
+	uint8_t hash[HASHER_DIGEST_LENGTH] = {0};

 	if (!xmr_base58_decode(addr, sz, buf, &buflen)){
 		return 0;
--- a/crypto/monero/range_proof.c
+++ b/crypto/monero/range_proof.c
@ -5,15 +5,15 @@
 #include "range_proof.h"

 static void xmr_hash_ge25519_to_scalar(bignum256modm r, const ge25519 *p) {
-  unsigned char buff[32];
+  unsigned char buff[32] = {0};
  ge25519_pack(buff, p);
  xmr_hash_to_scalar(r, buff, sizeof(buff));
 }

 void xmr_gen_range_sig(xmr_range_sig_t *sig, ge25519 *C, bignum256modm mask,
                       xmr_amount amount, bignum256modm *last_mask) {
-  bignum256modm ai[64];
-  bignum256modm alpha[64];
+  bignum256modm ai[64] = {0};
+  bignum256modm alpha[64] = {0};
  xmr_gen_range_sig_ex(sig, C, mask, amount, last_mask, ai, alpha);
 }

@ -25,16 +25,16 @@ void xmr_gen_range_sig_ex(xmr_range_sig_t *sig, ge25519 *C, bignum256modm mask,
  bignum256modm si = {0};
  bignum256modm c = {0};
  bignum256modm ee = {0};
-  unsigned char buff[32];
+  unsigned char buff[32] = {0};

-  Hasher kck;
+  Hasher kck = {0};
  xmr_hasher_init(&kck);

-  ge25519 C_acc;
-  ge25519 C_h;
-  ge25519 C_tmp;
-  ge25519 L;
-  ge25519 Zero;
+  ge25519 C_acc = {0};
+  ge25519 C_h = {0};
+  ge25519 C_tmp = {0};
+  ge25519 L = {0};
+  ge25519 Zero = {0};

  ge25519_set_neutral(&Zero);
  ge25519_set_neutral(&C_acc);
--- a/crypto/monero/xmr.c
+++ b/crypto/monero/xmr.c
@ -44,14 +44,14 @@ void xmr_hasher_copy(Hasher *dst, const Hasher *src) {
 }

 void xmr_hash_to_scalar(bignum256modm r, const void *data, size_t length) {
-  uint8_t hash[HASHER_DIGEST_LENGTH];
+  uint8_t hash[HASHER_DIGEST_LENGTH] = {0};
  hasher_Raw(HASHER_SHA3K, data, length, hash);
  expand256_modm(r, hash, HASHER_DIGEST_LENGTH);
 }

 void xmr_hash_to_ec(ge25519 *P, const void *data, size_t length) {
-  ge25519 point2;
-  uint8_t hash[HASHER_DIGEST_LENGTH];
+  ge25519 point2 = {0};
+  uint8_t hash[HASHER_DIGEST_LENGTH] = {0};
  hasher_Raw(HASHER_SHA3K, data, length, hash);

  ge25519_fromfe_frombytes_vartime(&point2, hash);
@ -60,7 +60,7 @@ void xmr_hash_to_ec(ge25519 *P, const void *data, size_t length) {

 void xmr_derivation_to_scalar(bignum256modm s, const ge25519 *p,
                              uint32_t output_index) {
-  uint8_t buff[32 + 8];
+  uint8_t buff[32 + 8] = {0};
  ge25519_pack(buff, p);
  int written = xmr_write_varint(buff + 32, 8, output_index);
  xmr_hash_to_scalar(s, buff, 32u + written);
@ -68,7 +68,7 @@ void xmr_derivation_to_scalar(bignum256modm s, const ge25519 *p,

 void xmr_generate_key_derivation(ge25519 *r, const ge25519 *A,
                                 const bignum256modm b) {
-  ge25519 bA;
+  ge25519 bA = {0};
  ge25519_scalarmult(&bA, A, b);
  ge25519_mul8(r, &bA);
 }
@ -82,7 +82,7 @@ void xmr_derive_private_key(bignum256modm s, const ge25519 *deriv, uint32_t idx,
 void xmr_derive_public_key(ge25519 *r, const ge25519 *deriv, uint32_t idx,
                           const ge25519 *base) {
  bignum256modm s = {0};
-  ge25519 p2;
+  ge25519 p2 = {0};

  xmr_derivation_to_scalar(s, deriv, idx);
  ge25519_scalarmult_base_niels(&p2, ge25519_niels_base_multiples, s);
@ -92,7 +92,7 @@ void xmr_derive_public_key(ge25519 *r, const ge25519 *deriv, uint32_t idx,
 void xmr_add_keys2(ge25519 *r, const bignum256modm a, const bignum256modm b,
                   const ge25519 *B) {
  // aG + bB, G is basepoint
-  ge25519 aG, bB;
+  ge25519 aG = {0}, bB = {0};
  ge25519_scalarmult_base_niels(&aG, ge25519_niels_base_multiples, a);
  ge25519_scalarmult(&bB, B, b);
  ge25519_add(r, &aG, &bB, 0);
@ -107,7 +107,7 @@ void xmr_add_keys2_vartime(ge25519 *r, const bignum256modm a,
 void xmr_add_keys3(ge25519 *r, const bignum256modm a, const ge25519 *A,
                   const bignum256modm b, const ge25519 *B) {
  // aA + bB
-  ge25519 aA, bB;
+  ge25519 aA = {0}, bB = {0};
  ge25519_scalarmult(&aA, A, a);
  ge25519_scalarmult(&bB, B, b);
  ge25519_add(r, &aA, &bB, 0);
@ -122,10 +122,10 @@ void xmr_add_keys3_vartime(ge25519 *r, const bignum256modm a, const ge25519 *A,
 void xmr_get_subaddress_secret_key(bignum256modm r, uint32_t major,
                                   uint32_t minor, const bignum256modm m) {
  const char prefix[] = "SubAddr";
-  unsigned char buff[32];
+  unsigned char buff[32] = {0};
  contract256_modm(buff, m);

-  char data[sizeof(prefix) + sizeof(buff) + 2 * sizeof(uint32_t)];
+  char data[sizeof(prefix) + sizeof(buff) + 2 * sizeof(uint32_t)] = {0};
  memcpy(data, prefix, sizeof(prefix));
  memcpy(data + sizeof(prefix), buff, sizeof(buff));
  memcpy(data + sizeof(prefix) + sizeof(buff), &major, sizeof(uint32_t));
--- a/crypto/nem.c
+++ b/crypto/nem.c
@ -116,7 +116,7 @@ static inline bool nem_write_mosaic_bool(nem_transaction_ctx *ctx,

 static inline bool nem_write_mosaic_u64(nem_transaction_ctx *ctx,
                                        const char *name, uint64_t value) {
-  char buffer[21];
+  char buffer[21] = {0};

  if (bn_format_uint64(value, NULL, NULL, 0, 0, false, buffer,
                       sizeof(buffer)) == 0) {
@ -128,7 +128,7 @@ static inline bool nem_write_mosaic_u64(nem_transaction_ctx *ctx,

 void nem_get_address_raw(const ed25519_public_key public_key, uint8_t version,
                         uint8_t *address) {
-  uint8_t hash[SHA3_256_DIGEST_LENGTH];
+  uint8_t hash[SHA3_256_DIGEST_LENGTH] = {0};

  /* 1.  Perform 256-bit Sha3 on the public key */
  keccak_256(public_key, sizeof(ed25519_public_key), hash);
@ -151,7 +151,7 @@ void nem_get_address_raw(const ed25519_public_key public_key, uint8_t version,

 bool nem_get_address(const ed25519_public_key public_key, uint8_t version,
                     char *address) {
-  uint8_t pubkeyhash[NEM_ADDRESS_SIZE_RAW];
+  uint8_t pubkeyhash[NEM_ADDRESS_SIZE_RAW] = {0};

  nem_get_address_raw(public_key, version, pubkeyhash);

@ -167,7 +167,7 @@ bool nem_validate_address_raw(const uint8_t *address, uint8_t network) {
    return false;
  }

-  uint8_t hash[SHA3_256_DIGEST_LENGTH];
+  uint8_t hash[SHA3_256_DIGEST_LENGTH] = {0};

  keccak_256(address, 1 + RIPEMD160_DIGEST_LENGTH, hash);
  bool valid = (memcmp(&address[1 + RIPEMD160_DIGEST_LENGTH], hash, 4) == 0);
@ -177,7 +177,7 @@ bool nem_validate_address_raw(const uint8_t *address, uint8_t network) {
 }

 bool nem_validate_address(const char *address, uint8_t network) {
-  uint8_t pubkeyhash[NEM_ADDRESS_SIZE_RAW];
+  uint8_t pubkeyhash[NEM_ADDRESS_SIZE_RAW] = {0};

  if (strlen(address) != NEM_ADDRESS_SIZE) {
    return false;
@ -314,10 +314,10 @@ bool nem_transaction_create_multisig_signature(
      timestamp, signer, fee, deadline);
  if (!ret) return false;

-  char address[NEM_ADDRESS_SIZE + 1];
+  char address[NEM_ADDRESS_SIZE + 1] = {0};
  nem_get_address(inner->public_key, network, address);

-  uint8_t hash[SHA3_256_DIGEST_LENGTH];
+  uint8_t hash[SHA3_256_DIGEST_LENGTH] = {0};
  keccak_256(inner->buffer, inner->offset, hash);

  SERIALIZE_U32(sizeof(uint32_t) + SHA3_256_DIGEST_LENGTH);
@ -379,7 +379,7 @@ bool nem_transaction_create_mosaic_creation(
      sizeof(uint32_t) + namespace_length + sizeof(uint32_t) + mosaic_length;

  // This length will be rewritten later on
-  nem_transaction_ctx state;
+  nem_transaction_ctx state = {0};
  memcpy(&state, ctx, sizeof(state));

  SERIALIZE_U32(0);
--- a/crypto/pbkdf2.c
+++ b/crypto/pbkdf2.c
@ -30,7 +30,7 @@
 void pbkdf2_hmac_sha256_Init(PBKDF2_HMAC_SHA256_CTX *pctx, const uint8_t *pass,
                             int passlen, const uint8_t *salt, int saltlen,
                             uint32_t blocknr) {
-  SHA256_CTX ctx;
+  SHA256_CTX ctx = {0};
 #if BYTE_ORDER == LITTLE_ENDIAN
  REVERSE32(blocknr, blocknr);
 #endif
@ -88,10 +88,10 @@ void pbkdf2_hmac_sha256(const uint8_t *pass, int passlen, const uint8_t *salt,
    last_block_size = SHA256_DIGEST_LENGTH;
  }
  for (uint32_t blocknr = 1; blocknr <= blocks_count; blocknr++) {
-    PBKDF2_HMAC_SHA256_CTX pctx;
+    PBKDF2_HMAC_SHA256_CTX pctx = {0};
    pbkdf2_hmac_sha256_Init(&pctx, pass, passlen, salt, saltlen, blocknr);
    pbkdf2_hmac_sha256_Update(&pctx, iterations);
-    uint8_t digest[SHA256_DIGEST_LENGTH];
+    uint8_t digest[SHA256_DIGEST_LENGTH] = {0};
    pbkdf2_hmac_sha256_Final(&pctx, digest);
    uint32_t key_offset = (blocknr - 1) * SHA256_DIGEST_LENGTH;
    if (blocknr < blocks_count) {
@ -105,7 +105,7 @@ void pbkdf2_hmac_sha256(const uint8_t *pass, int passlen, const uint8_t *salt,
 void pbkdf2_hmac_sha512_Init(PBKDF2_HMAC_SHA512_CTX *pctx, const uint8_t *pass,
                             int passlen, const uint8_t *salt, int saltlen,
                             uint32_t blocknr) {
-  SHA512_CTX ctx;
+  SHA512_CTX ctx = {0};
 #if BYTE_ORDER == LITTLE_ENDIAN
  REVERSE32(blocknr, blocknr);
 #endif
@ -164,10 +164,10 @@ void pbkdf2_hmac_sha512(const uint8_t *pass, int passlen, const uint8_t *salt,
    last_block_size = SHA512_DIGEST_LENGTH;
  }
  for (uint32_t blocknr = 1; blocknr <= blocks_count; blocknr++) {
-    PBKDF2_HMAC_SHA512_CTX pctx;
+    PBKDF2_HMAC_SHA512_CTX pctx = {0};
    pbkdf2_hmac_sha512_Init(&pctx, pass, passlen, salt, saltlen, blocknr);
    pbkdf2_hmac_sha512_Update(&pctx, iterations);
-    uint8_t digest[SHA512_DIGEST_LENGTH];
+    uint8_t digest[SHA512_DIGEST_LENGTH] = {0};
    pbkdf2_hmac_sha512_Final(&pctx, digest);
    uint32_t key_offset = (blocknr - 1) * SHA512_DIGEST_LENGTH;
    if (blocknr < blocks_count) {
--- a/crypto/rand.c
+++ b/crypto/rand.c
@ -65,7 +65,7 @@ void __attribute__((weak)) random_buffer(uint8_t *buf, size_t len) {
 }

 uint32_t random_uniform(uint32_t n) {
-  uint32_t x, max = 0xFFFFFFFF - (0xFFFFFFFF % n);
+  uint32_t x = 0, max = 0xFFFFFFFF - (0xFFFFFFFF % n);
  while ((x = random32()) >= max)
    ;
  return x / (max / n);
--- a/crypto/rfc6979.c
+++ b/crypto/rfc6979.c
@ -39,7 +39,7 @@ void generate_rfc6979(uint8_t rnd[32], rfc6979_state *state) {
 // generate K in a deterministic way, according to RFC6979
 // http://tools.ietf.org/html/rfc6979
 void generate_k_rfc6979(bignum256 *k, rfc6979_state *state) {
-  uint8_t buf[32];
+  uint8_t buf[32] = {0};
  generate_rfc6979(buf, state);
  bn_read_be(buf, k);
  memzero(buf, sizeof(buf));
--- a/crypto/ripemd160.c
+++ b/crypto/ripemd160.c
@ -74,7 +74,7 @@ void ripemd160_Init(RIPEMD160_CTX *ctx)
 */
 void ripemd160_process( RIPEMD160_CTX *ctx, const uint8_t data[RIPEMD160_BLOCK_LENGTH] )
 {
-    uint32_t A, B, C, D, E, Ap, Bp, Cp, Dp, Ep, X[16];
+    uint32_t A = 0, B = 0, C = 0, D = 0, E = 0, Ap = 0, Bp = 0, Cp = 0, Dp = 0, Ep = 0, X[16] = {0};

    GET_UINT32_LE( X[ 0], data,  0 );
    GET_UINT32_LE( X[ 1], data,  4 );
@ -255,8 +255,8 @@ void ripemd160_process( RIPEMD160_CTX *ctx, const uint8_t data[RIPEMD160_BLOCK_L
 */
 void ripemd160_Update( RIPEMD160_CTX *ctx, const uint8_t *input, uint32_t ilen )
 {
-    uint32_t fill;
-    uint32_t left;
+    uint32_t fill = 0;
+    uint32_t left = 0;

    if( ilen == 0 )
        return;
@ -305,9 +305,9 @@ static const uint8_t ripemd160_padding[RIPEMD160_BLOCK_LENGTH] =
 */
 void ripemd160_Final( RIPEMD160_CTX *ctx, uint8_t output[RIPEMD160_DIGEST_LENGTH] )
 {
-    uint32_t last, padn;
-    uint32_t high, low;
-    uint8_t msglen[8];
+    uint32_t last = 0; uint32_t padn = 0;
+    uint32_t high = 0; uint32_t low = 0;
+    uint8_t msglen[8] = {0};

    high = ( ctx->total[0] >> 29 )
         | ( ctx->total[1] <<  3 );
@ -336,7 +336,7 @@ void ripemd160_Final( RIPEMD160_CTX *ctx, uint8_t output[RIPEMD160_DIGEST_LENGTH
 */
 void ripemd160(const uint8_t *msg, uint32_t msg_len, uint8_t hash[RIPEMD160_DIGEST_LENGTH])
 {
-    RIPEMD160_CTX ctx;
+    RIPEMD160_CTX ctx = {0};
    ripemd160_Init( &ctx );
    ripemd160_Update( &ctx, msg, msg_len );
    ripemd160_Final( &ctx, hash );
--- a/crypto/script.c
+++ b/crypto/script.c
@ -26,7 +26,7 @@

 int script_output_to_address(const uint8_t *script, int scriptlen, char *addr,
                             int addrsize) {
-  uint8_t raw[35];
+  uint8_t raw[35] = {0};

  // P2PKH
  if (scriptlen == 25 && script[0] == 0x76 && script[1] == 0xA9 &&
--- a/crypto/segwit_addr.c
+++ b/crypto/segwit_addr.c
@ -85,9 +85,9 @@ int bech32_encode(char *output, const char *hrp, const uint8_t *data, size_t dat

 int bech32_decode(char* hrp, uint8_t *data, size_t *data_len, const char *input) {
    uint32_t chk = 1;
-    size_t i;
+    size_t i = 0;
    size_t input_len = strlen(input);
-    size_t hrp_len;
+    size_t hrp_len = 0;
    int have_lower = 0, have_upper = 0;
    if (input_len < 8 || input_len > 90) {
        return 0;
@ -163,7 +163,7 @@ static int convert_bits(uint8_t* out, size_t* outlen, int outbits, const uint8_t
 }

 int segwit_addr_encode(char *output, const char *hrp, int witver, const uint8_t *witprog, size_t witprog_len) {
-    uint8_t data[65];
+    uint8_t data[65] = {0};
    size_t datalen = 0;
    if (witver > 16) return 0;
    if (witver == 0 && witprog_len != 20 && witprog_len != 32) return 0;
@ -175,9 +175,9 @@ int segwit_addr_encode(char *output, const char *hrp, int witver, const uint8_t
 }

 int segwit_addr_decode(int* witver, uint8_t* witdata, size_t* witdata_len, const char* hrp, const char* addr) {
-    uint8_t data[84];
-    char hrp_actual[84];
-    size_t data_len;
+    uint8_t data[84] = {0};
+    char hrp_actual[84] = {0};
+    size_t data_len = 0;
    if (!bech32_decode(hrp_actual, data, &data_len, addr)) return 0;
    if (data_len == 0 || data_len > 65) return 0;
    if (strncmp(hrp, hrp_actual, 84) != 0) return 0;
--- a/crypto/sha2.c
+++ b/crypto/sha2.c
@ -321,10 +321,10 @@ void sha1_Init(SHA1_CTX* context) {
 	j++;

 void sha1_Transform(const sha2_word32* state_in, const sha2_word32* data, sha2_word32* state_out) {
-	sha2_word32	a, b, c, d, e;
-	sha2_word32	T1;
-	sha2_word32	W1[16];
-	int		j;
+	sha2_word32	a = 0, b = 0, c = 0, d = 0, e = 0;
+	sha2_word32	T1 = 0;
+	sha2_word32	W1[16] = {0};
+	int		j = 0;

 	/* Initialize registers with the prev. intermediate value */
 	a = state_in[0];
@ -439,10 +439,10 @@ void sha1_Transform(const sha2_word32* state_in, const sha2_word32* data, sha2_w
 #else  /* SHA2_UNROLL_TRANSFORM */

 void sha1_Transform(const sha2_word32* state_in, const sha2_word32* data, sha2_word32* state_out) {
-	sha2_word32	a, b, c, d, e;
-	sha2_word32	T1;
-	sha2_word32	W1[16];
-	int		j;
+	sha2_word32	a = 0, b = 0, c = 0, d = 0, e = 0;
+	sha2_word32	T1 = 0;
+	sha2_word32	W1[16] = {0};
+	int		j = 0;

 	/* Initialize registers with the prev. intermediate value */
 	a = state_in[0];
@ -520,7 +520,7 @@ void sha1_Transform(const sha2_word32* state_in, const sha2_word32* data, sha2_w
 #endif /* SHA2_UNROLL_TRANSFORM */

 void sha1_Update(SHA1_CTX* context, const sha2_byte *data, size_t len) {
-	unsigned int	freespace, usedspace;
+	unsigned int	freespace = 0, usedspace = 0;

 	if (len == 0) {
 		/* Calling with no data is valid - we do nothing */
@ -578,7 +578,7 @@ void sha1_Update(SHA1_CTX* context, const sha2_byte *data, size_t len) {
 }

 void sha1_Final(SHA1_CTX* context, sha2_byte digest[]) {
-	unsigned int	usedspace;
+	unsigned int	usedspace = 0;

 	/* If no digest buffer is passed, we don't bother doing this: */
 	if (digest != (sha2_byte*)0) {
@ -632,8 +632,8 @@ void sha1_Final(SHA1_CTX* context, sha2_byte digest[]) {
 }

 char *sha1_End(SHA1_CTX* context, char buffer[]) {
-	sha2_byte	digest[SHA1_DIGEST_LENGTH], *d = digest;
-	int		i;
+	sha2_byte	digest[SHA1_DIGEST_LENGTH] = {0}, *d = digest;
+	int		i = 0;

 	if (buffer != (char*)0) {
 		sha1_Final(context, digest);
@ -652,14 +652,14 @@ char *sha1_End(SHA1_CTX* context, char buffer[]) {
 }

 void sha1_Raw(const sha2_byte* data, size_t len, uint8_t digest[SHA1_DIGEST_LENGTH]) {
-	SHA1_CTX	context;
+	SHA1_CTX	context = {0};
 	sha1_Init(&context);
 	sha1_Update(&context, data, len);
 	sha1_Final(&context, digest);
 }

 char* sha1_Data(const sha2_byte* data, size_t len, char digest[SHA1_DIGEST_STRING_LENGTH]) {
-	SHA1_CTX	context;
+	SHA1_CTX	context = {0};

 	sha1_Init(&context);
 	sha1_Update(&context, data, len);
@ -699,10 +699,10 @@ void sha256_Init(SHA256_CTX* context) {
 	j++

 void sha256_Transform(const sha2_word32* state_in, const sha2_word32* data, sha2_word32* state_out) {
-	sha2_word32	a, b, c, d, e, f, g, h, s0, s1;
-	sha2_word32	T1;
-	sha2_word32 W256[16];
-	int		j;
+	sha2_word32	a = 0, b = 0, c = 0, d = 0, e = 0, f = 0, g = 0, h = 0, s0 = 0, s1 = 0;
+	sha2_word32	T1 = 0;
+	sha2_word32 W256[16] = {0};
+	int		j = 0;

 	/* Initialize registers with the prev. intermediate value */
 	a = state_in[0];
@ -756,9 +756,9 @@ void sha256_Transform(const sha2_word32* state_in, const sha2_word32* data, sha2
 #else /* SHA2_UNROLL_TRANSFORM */

 void sha256_Transform(const sha2_word32* state_in, const sha2_word32* data, sha2_word32* state_out) {
-	sha2_word32	a, b, c, d, e, f, g, h, s0, s1;
-	sha2_word32	T1, T2, W256[16];
-	int		j;
+	sha2_word32	a = 0, b = 0, c = 0, d = 0, e = 0, f = 0, g = 0, h = 0, s0 = 0, s1 = 0;
+	sha2_word32	T1 = 0, T2 = 0 , W256[16] = {0};
+	int		j = 0;

 	/* Initialize registers with the prev. intermediate value */
 	a = state_in[0];
@ -827,7 +827,7 @@ void sha256_Transform(const sha2_word32* state_in, const sha2_word32* data, sha2
 #endif /* SHA2_UNROLL_TRANSFORM */

 void sha256_Update(SHA256_CTX* context, const sha2_byte *data, size_t len) {
-	unsigned int	freespace, usedspace;
+	unsigned int	freespace = 0, usedspace = 0;

 	if (len == 0) {
 		/* Calling with no data is valid - we do nothing */
@ -885,7 +885,7 @@ void sha256_Update(SHA256_CTX* context, const sha2_byte *data, size_t len) {
 }

 void sha256_Final(SHA256_CTX* context, sha2_byte digest[]) {
-	unsigned int	usedspace;
+	unsigned int	usedspace = 0;

 	/* If no digest buffer is passed, we don't bother doing this: */
 	if (digest != (sha2_byte*)0) {
@ -939,8 +939,8 @@ void sha256_Final(SHA256_CTX* context, sha2_byte digest[]) {
 }

 char *sha256_End(SHA256_CTX* context, char buffer[]) {
-	sha2_byte	digest[SHA256_DIGEST_LENGTH], *d = digest;
-	int		i;
+	sha2_byte	digest[SHA256_DIGEST_LENGTH] = {0}, *d = digest;
+	int		i = 0;

 	if (buffer != (char*)0) {
 		sha256_Final(context, digest);
@ -959,14 +959,14 @@ char *sha256_End(SHA256_CTX* context, char buffer[]) {
 }

 void sha256_Raw(const sha2_byte* data, size_t len, uint8_t digest[SHA256_DIGEST_LENGTH]) {
-	SHA256_CTX	context;
+	SHA256_CTX	context = {0};
 	sha256_Init(&context);
 	sha256_Update(&context, data, len);
 	sha256_Final(&context, digest);
 }

 char* sha256_Data(const sha2_byte* data, size_t len, char digest[SHA256_DIGEST_STRING_LENGTH]) {
-	SHA256_CTX	context;
+	SHA256_CTX	context = {0};

 	sha256_Init(&context);
 	sha256_Update(&context, data, len);
@ -1006,9 +1006,9 @@ void sha512_Init(SHA512_CTX* context) {
 	j++

 void sha512_Transform(const sha2_word64* state_in, const sha2_word64* data, sha2_word64* state_out) {
-	sha2_word64	a, b, c, d, e, f, g, h, s0, s1;
-	sha2_word64	T1, W512[16];
-	int		j;
+	sha2_word64	a = 0, b = 0, c = 0, d = 0, e = 0, f = 0, g = 0, h = 0, s0 = 0, s1 = 0;
+	sha2_word64	T1 = 0, W512[16] = {0};
+	int		j = 0;

 	/* Initialize registers with the prev. intermediate value */
 	a = state_in[0];
@ -1061,9 +1061,9 @@ void sha512_Transform(const sha2_word64* state_in, const sha2_word64* data, sha2
 #else /* SHA2_UNROLL_TRANSFORM */

 void sha512_Transform(const sha2_word64* state_in, const sha2_word64* data, sha2_word64* state_out) {
-	sha2_word64	a, b, c, d, e, f, g, h, s0, s1;
-	sha2_word64	T1, T2, W512[16];
-	int		j;
+	sha2_word64	a = 0, b = 0, c = 0, d = 0, e = 0, f = 0, g = 0, h = 0, s0 = 0, s1 = 0;
+	sha2_word64	T1 = 0, T2 = 0, W512[16] = {0};
+	int		j = 0;

 	/* Initialize registers with the prev. intermediate value */
 	a = state_in[0];
@ -1132,7 +1132,7 @@ void sha512_Transform(const sha2_word64* state_in, const sha2_word64* data, sha2
 #endif /* SHA2_UNROLL_TRANSFORM */

 void sha512_Update(SHA512_CTX* context, const sha2_byte *data, size_t len) {
-	unsigned int	freespace, usedspace;
+	unsigned int	freespace = 0, usedspace = 0;

 	if (len == 0) {
 		/* Calling with no data is valid - we do nothing */
@ -1190,7 +1190,7 @@ void sha512_Update(SHA512_CTX* context, const sha2_byte *data, size_t len) {
 }

 static void sha512_Last(SHA512_CTX* context) {
-	unsigned int	usedspace;
+	unsigned int	usedspace = 0;

 	usedspace = (context->bitcount[0] >> 3) % SHA512_BLOCK_LENGTH;
 	/* Begin padding with a 1 bit: */
@ -1248,8 +1248,8 @@ void sha512_Final(SHA512_CTX* context, sha2_byte digest[]) {
 }

 char *sha512_End(SHA512_CTX* context, char buffer[]) {
-	sha2_byte	digest[SHA512_DIGEST_LENGTH], *d = digest;
-	int		i;
+	sha2_byte	digest[SHA512_DIGEST_LENGTH] = {0}, *d = digest;
+	int		i = 0;

 	if (buffer != (char*)0) {
 		sha512_Final(context, digest);
@ -1268,14 +1268,14 @@ char *sha512_End(SHA512_CTX* context, char buffer[]) {
 }

 void sha512_Raw(const sha2_byte* data, size_t len, uint8_t digest[SHA512_DIGEST_LENGTH]) {
-	SHA512_CTX	context;
+	SHA512_CTX	context = {0};
 	sha512_Init(&context);
 	sha512_Update(&context, data, len);
 	sha512_Final(&context, digest);
 }

 char* sha512_Data(const sha2_byte* data, size_t len, char digest[SHA512_DIGEST_STRING_LENGTH]) {
-	SHA512_CTX	context;
+	SHA512_CTX	context = {0};

 	sha512_Init(&context);
 	sha512_Update(&context, data, len);
--- a/crypto/sha3.c
+++ b/crypto/sha3.c
@ -96,8 +96,8 @@ void sha3_512_Init(SHA3_CTX *ctx)
 /* Keccak theta() transformation */
 static void keccak_theta(uint64_t *A)
 {
-	unsigned int x;
-	uint64_t C[5], D[5];
+	unsigned int x = 0;
+	uint64_t C[5] = {0}, D[5] = {0};

 	for (x = 0; x < 5; x++) {
 		C[x] = A[x] ^ A[x + 5] ^ A[x + 10] ^ A[x + 15] ^ A[x + 20];
@ -120,7 +120,7 @@ static void keccak_theta(uint64_t *A)
 /* Keccak pi() transformation */
 static void keccak_pi(uint64_t *A)
 {
-	uint64_t A1;
+	uint64_t A1 = 0;
 	A1 = A[1];
 	A[ 1] = A[ 6];
 	A[ 6] = A[ 9];
@ -152,7 +152,7 @@ static void keccak_pi(uint64_t *A)
 /* Keccak chi() transformation */
 static void keccak_chi(uint64_t *A)
 {
-	int i;
+	int i = 0;
 	for (i = 0; i < 25; i += 5) {
 		uint64_t A0 = A[0 + i], A1 = A[1 + i];
 		A[0 + i] ^= ~A1 & A[2 + i];
@ -165,7 +165,7 @@ static void keccak_chi(uint64_t *A)

 static void sha3_permutation(uint64_t *state)
 {
-	int round;
+	int round = 0;
 	for (round = 0; round < NumberOfRounds; round++)
 	{
 		keccak_theta(state);
@ -287,7 +287,7 @@ void sha3_Update(SHA3_CTX *ctx, const unsigned char *msg, size_t size)
 		size -= left;
 	}
 	while (size >= block_size) {
-		uint64_t* aligned_message_block;
+		uint64_t *aligned_message_block = NULL;
 		if (IS_ALIGNED_64(msg)) {
 			/* the most common case is processing of an already aligned message
 			without copying it */
@ -365,7 +365,7 @@ void keccak_Final(SHA3_CTX *ctx, unsigned char* result)

 void keccak_256(const unsigned char* data, size_t len, unsigned char* digest)
 {
-	SHA3_CTX ctx;
+	SHA3_CTX ctx = {0};
 	keccak_256_Init(&ctx);
 	keccak_Update(&ctx, data, len);
 	keccak_Final(&ctx, digest);
@ -373,7 +373,7 @@ void keccak_256(const unsigned char* data, size_t len, unsigned char* digest)

 void keccak_512(const unsigned char* data, size_t len, unsigned char* digest)
 {
-	SHA3_CTX ctx;
+	SHA3_CTX ctx = {0};
 	keccak_512_Init(&ctx);
 	keccak_Update(&ctx, data, len);
 	keccak_Final(&ctx, digest);
@ -382,7 +382,7 @@ void keccak_512(const unsigned char* data, size_t len, unsigned char* digest)

 void sha3_256(const unsigned char* data, size_t len, unsigned char* digest)
 {
-	SHA3_CTX ctx;
+	SHA3_CTX ctx = {0};
 	sha3_256_Init(&ctx);
 	sha3_Update(&ctx, data, len);
 	sha3_Final(&ctx, digest);
@ -390,7 +390,7 @@ void sha3_256(const unsigned char* data, size_t len, unsigned char* digest)

 void sha3_512(const unsigned char* data, size_t len, unsigned char* digest)
 {
-	SHA3_CTX ctx;
+	SHA3_CTX ctx = {0};
 	sha3_512_Init(&ctx);
 	sha3_Update(&ctx, data, len);
 	sha3_Final(&ctx, digest);
--- a/crypto/shamir.c
+++ b/crypto/shamir.c
@ -41,8 +41,8 @@
 #include "memzero.h"

 static void bitslice(uint32_t r[8], const uint8_t *x, size_t len) {
-  size_t bit_idx, arr_idx;
-  uint32_t cur;
+  size_t bit_idx = 0, arr_idx = 0;
+  uint32_t cur = 0;

  memset(r, 0, sizeof(uint32_t[8]));
  for (arr_idx = 0; arr_idx < len; arr_idx++) {
@ -54,8 +54,8 @@ static void bitslice(uint32_t r[8], const uint8_t *x, size_t len) {
 }

 static void unbitslice(uint8_t *r, const uint32_t x[8], size_t len) {
-  size_t bit_idx, arr_idx;
-  uint32_t cur;
+  size_t bit_idx = 0, arr_idx = 0;
+  uint32_t cur = 0;

  memset(r, 0, sizeof(uint8_t) * len);
  for (bit_idx = 0; bit_idx < 8; bit_idx++) {
@ -67,7 +67,7 @@ static void unbitslice(uint8_t *r, const uint32_t x[8], size_t len) {
 }

 static void bitslice_setall(uint32_t r[8], const uint8_t x) {
-  size_t idx;
+  size_t idx = 0;
  for (idx = 0; idx < 8; idx++) {
    r[idx] = -((x >> idx) & 1);
  }
@ -77,7 +77,7 @@ static void bitslice_setall(uint32_t r[8], const uint8_t x) {
 * Add (XOR) `r` with `x` and store the result in `r`.
 */
 static void gf256_add(uint32_t r[8], const uint32_t x[8]) {
-  size_t idx;
+  size_t idx = 0;
  for (idx = 0; idx < 8; idx++) r[idx] ^= x[idx];
 }

@ -97,7 +97,7 @@ static void gf256_mul(uint32_t r[8], const uint32_t a[8], const uint32_t b[8]) {
   * However, some compilers seem to fail in optimizing these kinds of
   * loops. So we will just have to do this by hand.
   */
-  uint32_t a2[8];
+  uint32_t a2[8] = {0};
  memcpy(a2, a, sizeof(uint32_t[8]));

  r[0] = a2[0] & b[0]; /* add (assignment, because r is 0) */
@ -200,7 +200,7 @@ static void gf256_mul(uint32_t r[8], const uint32_t a[8], const uint32_t b[8]) {
 * Square `x` in GF(2^8) and write the result to `r`. `r` and `x` may overlap.
 */
 static void gf256_square(uint32_t r[8], const uint32_t x[8]) {
-  uint32_t r8, r10, r12, r14;
+  uint32_t r8 = 0, r10 = 0, r12 = 0, r14 = 0;
  /* Use the Freshman's Dream rule to square the polynomial
   * Assignments are done from 7 downto 0, because this allows the user
   * to execute this function in-place (e.g. `gf256_square(r, r);`).
@ -242,7 +242,7 @@ static void gf256_square(uint32_t r[8], const uint32_t x[8]) {
 * Invert `x` in GF(2^8) and write the result to `r`
 */
 static void gf256_inv(uint32_t r[8], uint32_t x[8]) {
-  uint32_t y[8], z[8];
+  uint32_t y[8] = {0}, z[8] = {0};

  gf256_square(y, x);  // y = x^2
  gf256_square(y, y);  // y = x^4
@ -264,13 +264,13 @@ bool shamir_interpolate(uint8_t *result, uint8_t result_index,
                        const uint8_t *share_indices,
                        const uint8_t **share_values, uint8_t share_count,
                        size_t len) {
-  size_t i, j;
-  uint32_t x[8];
+  size_t i = 0, j = 0;
+  uint32_t x[8] = {0};
  uint32_t xs[share_count][8];
  uint32_t ys[share_count][8];
  uint32_t num[8] = {~0}; /* num is the numerator (=1) */
-  uint32_t denom[8];
-  uint32_t tmp[8];
+  uint32_t denom[8] = {0};
+  uint32_t tmp[8] = {0};
  uint32_t secret[8] = {0};
  bool ret = true;