Potential security issue in lib/socks.c: Unchecked return from initialization function

What is a Conditionally Uninitialized Variable? The return value of a function that is potentially used to initialize a local variable is not checked. Therefore, reading the local variable may result in undefined behavior.

1 instance of this defect were found in the following locations:

Instance 1 File : lib/socks.c Function: Curl_printable_address https://github.com/siva-msft/curl/blob/91176082b1cf013b3510b7544b589973e541e8b4/lib/socks.c#L283 Code extract:

    if(dns)
      hp = dns->addr;
    if(hp) {
      Curl_printable_address(hp, buf, sizeof(buf)); <------ HERE

      if(hp->ai_family == AF_INET) {

How can I fix it? Correct reference usage found in lib/socks.c at line 785. https://github.com/siva-msft/curl/blob/91176082b1cf013b3510b7544b589973e541e8b4/lib/socks.c#L785 Code extract:

      return CURLE_COULDNT_RESOLVE_HOST;
    }

    if(Curl_printable_address(hp, dest, sizeof(dest))) { <------ HERE
      size_t destlen = strlen(dest);
      msnprintf(dest + destlen, sizeof(dest) - destlen, ":%d", remote_port);

siva-msft / curl

Potential security issue in lib/socks.c: Unchecked return from initialization function #57

What is a Conditionally Uninitialized Variable? The return value of a function that is potentially used to initialize a local variable is not checked. Therefore, reading the local variable may result in undefined behavior.

1 instance of this defect were found in the following locations: