romenskiy2012/curl
1
0
Fork 0
mirror of https://github.com/curl/curl.git synced 2026-05-07 08:57:27 +03:00
Code Issues Projects Releases Packages Wiki Activity

mbedtls: fix potential use of uninitialized nread

Browse source 
When Curl_conn_cf_recv() returns error, the variable might not be
assigned and the tracing output may (harmlessly) use it uninitialized.

Also add a comment about the typecast from size_t to int being fine.

Pointed out by ZeroPath

Closes #19393
This commit is contained in:
Daniel Stenberg 2025-11-07 10:39:26 +01:00
parent 684af00181
commit a6eaa67c55
No known key found for this signature in database
GPG key ID: 5CC908FDB71E12C2
1 changed files with 2 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

3
lib/vtls/mbedtls.c
View file

@ -200,7 +200,7 @@ static int mbedtls_bio_cf_read(void *bio, unsigned char *buf, size_t blen)
{
struct Curl_cfilter *cf = bio;
struct Curl_easy *data = CF_DATA_CURRENT(cf);
size_t nread;
size_t nread = 0;
CURLcode result;
DEBUGASSERT(data);
@ -215,6 +215,7 @@ static int mbedtls_bio_cf_read(void *bio, unsigned char *buf, size_t blen)
blen, result, nread);
if(CURLE_AGAIN == result)
return MBEDTLS_ERR_SSL_WANT_READ;
/* nread is never larger than int here */
return result ? -1 : (int)nread;
}