Potential security issue in lib/sendf.c: Unchecked return from initialization function #5413
What is a Conditionally Uninitialized Variable?
The return value of a function that is potentially used to initialize a local variable is not checked. Therefore, reading the local variable may result in undefined behavior.
1 instance of this defect was found in the following location:
    size_t len;
    char error[CURL_ERROR_SIZE + 2];
    va_start(ap, fmt);
    mvsnprintf(error, CURL_ERROR_SIZE, fmt, ap); /* <------ HERE */
    len = strlen(error);
How can I fix it?
    size_t len;
    char print_buffer[2048 + 1];
    va_start(ap, fmt);
    len = mvsnprintf(print_buffer, sizeof(print_buffer), fmt, ap); /* <------ HERE */
    /*
     * Indicate truncation of the input by replacing the last 3 characters
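
The checked-return pattern the report describes, as an added example that is not part of the issue or of curl's source. It uses standard C99 `vsnprintf` rather than curl's `mvsnprintf`; `format_error` and `ERR_SIZE` are hypothetical names chosen for the illustration.

```c
#include <stdarg.h>
#include <stdio.h>
#include <string.h>

#define ERR_SIZE 16 /* constructed size, small so truncation is easy to see */

/* Hypothetical helper: formats into out[ERR_SIZE] and returns the number of
 * bytes stored, excluding the terminating NUL. On every return path the
 * buffer holds a valid string, so a caller never reads bytes the formatter
 * did not write. *truncated is set to 1 when the message did not fit. */
static size_t format_error(char *out, int *truncated, const char *fmt, ...)
{
  va_list ap;
  int rc;

  out[0] = '\0'; /* defined content before any formatting attempt */
  *truncated = 0;

  va_start(ap, fmt);
  rc = vsnprintf(out, ERR_SIZE, fmt, ap);
  va_end(ap);

  if(rc < 0) {
    /* output error: buffer contents are unspecified, so reset them */
    out[0] = '\0';
    return 0;
  }
  if((size_t)rc >= ERR_SIZE) {
    /* C99 returns the length that would have been needed */
    *truncated = 1;
    return ERR_SIZE - 1;
  }
  return (size_t)rc; /* length comes from the return value, not strlen() */
}

int main(void)
{
  char buf[ERR_SIZE];
  int cut;
  size_t n = format_error(buf, &cut, "code %d: %s", 7, "connection refused");

  printf("%zu bytes, truncated=%d: \"%s\"\n", n, cut, buf);
  return 0;
}
```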