siva-msft / curl

Potential security issue in lib/sha256.c: Unchecked return from initialization function #56

Open monocle-ai opened 4 years ago

monocle-ai commented 4 years ago

What is a Conditionally Uninitialized Variable? The return value of a function that is potentially used to initialize a local variable is not checked. Therefore, reading the local variable may result in undefined behavior.

1 instance of this defect was found in the following location:

Instance 1
File: lib/sha256.c
Function: CryptGetHashParam
https://github.com/siva-msft/curl/blob/91176082b1cf013b3510b7544b589973e541e8b4/lib/sha256.c#L227
Code extract:

{
  unsigned long length;

  CryptGetHashParam(ctx->hHash, HP_HASHVAL, NULL, &length, 0); <------ HERE
  if(length == SHA256_DIGEST_LENGTH)
    CryptGetHashParam(ctx->hHash, HP_HASHVAL, digest, &length, 0);
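
An added example, not part of the issue report or of curl's code: the flagged call pattern beside a checked form, using a hypothetical stand-in (`mock_get_hashval`) for `CryptGetHashParam` so it builds without the Windows SDK. It assumes the stand-in returns 0 on failure and leaves its outputs untouched; all function names, the `stale` parameter and the digest bytes are constructed for illustration.

```c
#include <string.h>

#define DIGEST_LEN 32  /* SHA-256 digest size in bytes */

/* Hypothetical stand-in for CryptGetHashParam(..., HP_HASHVAL, ...):
   returns 0 on failure and then writes neither *len nor out. */
static int mock_get_hashval(int handle_ok, unsigned char *out,
                            unsigned long *len)
{
  if(!handle_ok)
    return 0;                       /* failure: outputs left untouched */
  if(out) {
    if(*len < DIGEST_LEN)
      return 0;                     /* caller's buffer is too small */
    memset(out, 0xAB, DIGEST_LEN);  /* constructed digest bytes */
  }
  *len = DIGEST_LEN;
  return 1;
}

/* Flagged pattern. 'stale' models the indeterminate stack value that
   'length' would hold in the real code, so the run is deterministic. */
static int final_unchecked(int handle_ok, unsigned char *digest,
                           unsigned long stale)
{
  unsigned long length = stale;
  mock_get_hashval(handle_ok, NULL, &length);     /* result ignored */
  if(length == DIGEST_LEN)
    mock_get_hashval(handle_ok, digest, &length); /* result ignored */
  return 1;                         /* always reports success */
}

/* Checked pattern: initialize, test every call, fail closed. */
static int final_checked(int handle_ok, unsigned char *digest)
{
  unsigned long length = 0;
  if(!mock_get_hashval(handle_ok, NULL, &length) ||
     length != DIGEST_LEN ||
     !mock_get_hashval(handle_ok, digest, &length)) {
    memset(digest, 0, DIGEST_LEN);  /* never hand back stale bytes */
    return 0;
  }
  return 1;
}
```

When the stand-in fails, `final_unchecked` still reports success and leaves the caller's buffer as it was, while `final_checked` zeroes the buffer and returns 0.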