Hi all,

Sentry (our static analysis tool) found an uninitialized variable bug
in libcurl last night.  In the function CURLcode sso_ntlm_initiate,
the code in question (introduced in commit a6d4807):

     const char *ntlm_auth;
     ...
     #ifdef DEBUGBUILD
       ntlm_auth=getenv("NTLM_AUTH");
     #endif
 --> if(!ntlm_auth)
       ntlm_auth = NTLM_AUTH;

Here ntlm_auth is only initialized if the DEBUGBUILD macro is defined,
otherwise it will be used uninitialized in the 'if' statement that
follows.  This could result in undefined behavior when ntlm_auth is
eventually dereferenced.

Suggested fix:
   -  const char *ntlm_auth;
   +  const char *ntlm_auth = NULL;
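
Review bot: with the initializer on the declaration, the `if(!ntlm_auth)` test quoted above is always true when DEBUGBUILD is not defined, which is correct but easy to misread as dead logic. Consider adding a short comment at the declaration saying that NULL means "no debug override, fall back to NTLM_AUTH", or assigning NULL in an `#else` branch next to the `getenv("NTLM_AUTH")` call so the two build paths read side by side.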

Best,
Mike

-- 
Mike Mueller
Phone: (401) 405-1525
Email: [email protected]

http://www.vigilantsw.com/
Software Analysis for C and C++