From eed2b390d945fca582b19c5a023fc654bfcbfff0 Mon Sep 17 00:00:00 2001
From: Jan Jongboom
Date: Thu, 7 Mar 2019 16:21:52 +0100
Subject: [PATCH] Dead pointer usage in GenericSecurityManager

`pscrk` is set to the address of `csrk`, but `csrk` is out of scope when using the resulting value. There's no guarantee that the memory is still valid.
---
 features/FEATURE_BLE/source/generic/GenericSecurityManager.tpp | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/features/FEATURE_BLE/source/generic/GenericSecurityManager.tpp b/features/FEATURE_BLE/source/generic/GenericSecurityManager.tpp
index 6422f28336..8fe9624463 100644
--- a/features/FEATURE_BLE/source/generic/GenericSecurityManager.tpp
+++ b/features/FEATURE_BLE/source/generic/GenericSecurityManager.tpp
@@ -883,9 +883,8 @@ ble_error_t GenericSecurityManager::init_si
 const csrk_t *pcsrk = _db->get_local_csrk();
 sign_count_t local_sign_counter = _db->get_local_sign_counter();
 
+ csrk_t csrk;
 if (!pcsrk) {
- csrk_t csrk;
-
 ble_error_t ret = get_random_data(csrk.data(), csrk.size());
 if (ret != BLE_ERROR_NONE) {
 return ret;
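Review bot: The hoisted `csrk_t csrk;` has no comment explaining why it sits outside `if (!pcsrk)`, so a later tidy-up could move it back into the block and reintroduce the dangling pointer the commit message describes. I would add `// Function scope on purpose: pcsrk may point at this buffer after the if-block.` directly above the declaration. The rest of the function lies outside the hunk, so the assignment to `pcsrk` and its later use are not visible here. If whatever finally receives `*pcsrk` stores the address rather than copying the key, the same lifetime problem would remain at function return, which is worth confirming. The buffer presumably holds freshly generated signing-key material that now stays on the stack for the whole call, so consider clearing it before returning if the project has a helper for that.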