From 1e68c5b5776bdb94979832aeff4090328a712609 Mon Sep 17 00:00:00 2001
From: Dominik Schiener <dominik.schiener@admiral.at>
Date: Tue, 9 Apr 2024 20:41:11 +0200
Subject: [PATCH] Fix | TdsParser.ProcessSSPI clear receivedBuff array after
 negTokenResp retrieval

---
 .../src/Microsoft/Data/SqlClient/TdsParser.cs                   | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/src/Microsoft.Data.SqlClient/src/Microsoft/Data/SqlClient/TdsParser.cs b/src/Microsoft.Data.SqlClient/src/Microsoft/Data/SqlClient/TdsParser.cs
index 4366b4665a..c7d170f442 100644
--- a/src/Microsoft.Data.SqlClient/src/Microsoft/Data/SqlClient/TdsParser.cs
+++ b/src/Microsoft.Data.SqlClient/src/Microsoft/Data/SqlClient/TdsParser.cs
@@ -25,6 +25,8 @@ internal void ProcessSSPI(int receivedLength)
                 throw SQL.SynchronousCallMayNotPend();
             }
 
+            receivedBuff.AsSpan(receivedLength, receivedBuff.Length - receivedLength).Clear();
+
             // allocate send buffer and initialize length
             byte[] rentedSendBuff = ArrayPool<byte>.Shared.Rent((int)_authenticationProvider!.MaxSSPILength);
             byte[] sendBuff = rentedSendBuff; // need to track these separately in case someone updates the ref parameter