Potential security issue in lib/ftp.c: Unchecked return from initialization function #5412
Comments
They're done on purpose, make that visible in the code. Reported-by: MonocleAI Fixes #5412
@bagder what do you think about instance 2?
I already added a
Thanks @bagder - I think I pasted the wrong line there. How about this one?
I missed those. There seem to be two calls in ftp.c and one in if2ip.c that we should fix...
Reported-by: Siva Sivaraman Fixes #5412
What is a Conditionally Uninitialized Variable?
The return value of a function that is potentially used to initialize a local variable is not checked. Therefore, reading the local variable may result in undefined behavior.
3 instances of this defect were found in the following locations:
Instance 1
File: lib/ftp.c
Function: Curl_GetFTPResponse
curl/lib/ftp.c, line 412 in 17b1405
Code extract:
How can I fix it?
Correct reference usage found in lib/ftp.c at line 3380.
curl/lib/ftp.c, line 3380 in 17b1405
Code extract:
Instance 2
File: lib/ftp.c
Function: Curl_inet_ntop
curl/lib/ftp.c, line 1060 in 17b1405
Code extract:
How can I fix it?
Correct reference usage found in lib/connect.c at line 650.
curl/lib/connect.c, line 650 in 17b1405
Code extract:
Instance 3
File: lib/ftp.c
Function: Curl_printable_address
curl/lib/ftp.c, line 3453 in 17b1405
Code extract:
How can I fix it?
Correct reference usage found in lib/socks.c at line 785.
curl/lib/socks.c, line 785 in 17b1405
Code extract:
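The defect class described in this issue, shown as an added example that is not taken from the issue or from curl's source. It uses POSIX `inet_ntop()` rather than the curl functions named above; `text_len_unchecked`, `addr_to_text` and `convert_sample` are hypothetical names, and the address is a constructed sample.

```c
#include <arpa/inet.h>
#include <stdio.h>
#include <string.h>

/* Unchecked pattern: if inet_ntop() fails it returns NULL and buf is not
 * guaranteed to hold a string, so strlen() reads an uninitialized local. */
static size_t text_len_unchecked(int af, const void *addr)
{
  char buf[INET6_ADDRSTRLEN];
  inet_ntop(af, addr, buf, sizeof(buf)); /* return value dropped */
  return strlen(buf);
}

/* Checked pattern: 0 and a NUL-terminated string on success; -1 and an
 * empty string on failure, so callers never see indeterminate bytes. */
static int addr_to_text(int af, const void *addr, char *out, size_t outlen)
{
  if(!out || !outlen)
    return -1;
  if(!inet_ntop(af, addr, out, (socklen_t)outlen)) {
    out[0] = '\0';
    return -1;
  }
  return 0;
}

static char sample_out[INET_ADDRSTRLEN];

/* Constructed sample: 192.0.2.10 is a documentation address (RFC 5737). */
static int convert_sample(int af, size_t outlen)
{
  struct in_addr a;
  if(inet_pton(AF_INET, "192.0.2.10", &a) != 1)
    return -2;
  return addr_to_text(af, &a, sample_out, outlen);
}

int main(void)
{
  struct in_addr a;
  if(inet_pton(AF_INET, "192.0.2.10", &a) != 1)
    return 1;
  /* Only the success path is exercised for the unchecked variant. */
  printf("unchecked, valid input: len=%zu\n", text_len_unchecked(AF_INET, &a));
  printf("checked, ok:        rc=%d\n", convert_sample(AF_INET, sizeof(sample_out)));
  printf("checked, short buf: rc=%d\n", convert_sample(AF_INET, 4));
  printf("checked, bad af:    rc=%d\n", convert_sample(-1, sizeof(sample_out)));
  return 0;
}
```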