From 198b73d12ce36256fb7db85a256920d536b20a72 Mon Sep 17 00:00:00 2001
From: Daniel Stenberg <daniel@haxx.se>
Date: Mon, 2 Sep 2019 15:28:30 +0200
Subject: smb: init *msg to NULL in smb_send_and_recv()

... it might otherwise return OK from this function leaving that pointer
uninitialized.

Bug: https://crbug.com/oss-fuzz/16907

Closes #4286
---
 lib/smb.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/lib/smb.c b/lib/smb.c
index 2703520a6..f66c05ca4 100644
--- a/lib/smb.c
+++ b/lib/smb.c
@@ -606,6 +606,7 @@ static CURLcode smb_send_and_recv(struct connectdata *conn, void **msg)
 {
   struct smb_conn *smbc = &conn->proto.smbc;
   CURLcode result;
+  *msg = NULL; /* if it returns early */
 
   /* Check if there is data in the transfer buffer */
   if(!smbc->send_size && smbc->upload_size) {
-- 
cgit v1.2.3