Potential security issue in lib/sendf.c: Unchecked return from initialization function #5413
bagder added a commit that referenced this issue May 18, 2020
... and avoid a strlen() call. Fixes a MonocleAI warning. Reported-by: MonocleAI Fixes #5413
What is a Conditionally Uninitialized Variable?
The return value of a function that is potentially used to initialize a local variable is not checked. Therefore, reading the local variable may result in undefined behavior.
1 instance of this defect was found in the following location:
Instance 1
File: lib/sendf.c
Function: curl_mvsnprintf
curl/lib/sendf.c
Line 270 in 17b1405
Code extract:
How can I fix it?
Correct reference usage found in lib/sendf.c at line 241.
curl/lib/sendf.c
Line 241 in 17b1405
Code extract:
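An added illustration of the defect class this report describes, not code from curl and not the report's own extracts: a formatter that only writes its buffer on success, called once with the return value ignored and once with it checked. The names `fmt_init`, `msg_len_unchecked` and `msg_len_checked` are hypothetical.

```c
#include <stdarg.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical initializer: fills buf only on success and returns the
   stored length; on failure it returns -1 and leaves buf untouched. */
int fmt_init(char *buf, size_t size, const char *fmt, ...)
{
  va_list ap;
  int n;
  if(!buf || !size || !fmt)
    return -1;                      /* buf is NOT written on this path */
  va_start(ap, fmt);
  n = vsnprintf(buf, size, fmt, ap);
  va_end(ap);
  if(n < 0)
    return -1;
  return n >= (int)size ? (int)size - 1 : n;   /* account for truncation */
}

/* Defect pattern: the return value is ignored, then buf is read. If
   fmt_init() failed, strlen() walks uninitialized stack memory. */
size_t msg_len_unchecked(const char *fmt, int code)
{
  char buf[64];
  fmt_init(buf, sizeof(buf), fmt, code);
  return strlen(buf);
}

/* Checked pattern: buf is only trusted after a successful return, and the
   returned length is reused instead of a second pass with strlen(). */
int msg_len_checked(const char *fmt, int code)
{
  char buf[64];
  int n = fmt_init(buf, sizeof(buf), fmt, code);
  if(n < 0)
    return -1;                      /* never read buf here */
  return n;
}

int main(void)
{
  printf("ok path:      %d\n", msg_len_checked("error %d", 42));
  printf("failure path: %d\n", msg_len_checked(NULL, 42));
  return 0;
}
```

Both callers agree on the success path; they differ only when the initializer fails, which is why this class of bug tends to surface through static analysis rather than ordinary testing.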