From 0140d1e5b11c4117c6a2f1b565c8debacbae3a4d Mon Sep 17 00:00:00 2001
From: Michael Drake <michael.drake@codethink.co.uk>
Date: Mon, 24 Feb 2020 14:58:16 +0000
Subject: Curl fetcher: Guard against read of uninitialised value.

Fixes Coverity issue:

CID 1419830:  Memory - illegal accesses  (UNINIT)
>>>     Using uninitialized value "buf[depth]".
---
 content/fetchers/curl.c | 3 +++
 1 file changed, 3 insertions(+)

(limited to 'content/fetchers')

diff --git a/content/fetchers/curl.c b/content/fetchers/curl.c
index bd8c4333c..525c15885 100644
--- a/content/fetchers/curl.c
+++ b/content/fetchers/curl.c
@@ -676,6 +676,9 @@ fetch_curl_store_certs_in_cache(struct curl_fetch_info *f)
 
 	/* release the openssl memory buffer */
 	for (depth = 0; depth < chain.depth; depth++) {
+		if (chain.certs[depth].err == SSL_CERT_ERR_CERT_MISSING) {
+			continue;
+		}
 		if (buf[depth] != NULL) {
 			BUF_MEM_free(buf[depth]);
 		}
-- 
cgit v1.2.3