From b3e685ac3d6f49fd323cb4562564082e1b07ecc1 Mon Sep 17 00:00:00 2001 From: Olivier Houchard Date: Sat, 6 Sep 2025 14:18:18 +0200 Subject: [PATCH] BUG/MEDIUM: ssl: Properly initialize msg_controllen. When kTLS is compiled in, make sure msg_controllen is initialized to 0. If we're not actually kTLS, then it won't be set, but we'll check that it is non-zero later to check if we ancillary data. This does not need to be backported. This should fix CID 1620865, as reported in github issue #3106. --- src/ssl_sock.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/ssl_sock.c b/src/ssl_sock.c index 5e7865e52..f16b4e7c0 100644 --- a/src/ssl_sock.c +++ b/src/ssl_sock.c @@ -344,7 +344,7 @@ static int ha_ssl_read(BIO *h, char *buf, int size) struct cmsghdr hdr; char buf[CMSG_SPACE(sizeof(unsigned char))]; } cmsgbuf; - size_t msg_controllen; + size_t msg_controllen = 0; #endif #endif struct buffer tmpbuf;