From: Sergey Kandaurov <pluknet@nginx.com>
Date: Wed, 15 Apr 2026 18:12:28 +0000 (+0400)
Subject: QUIC: always populate ngx_quic_cbs_recv_rcd() output arguments
X-Git-Url: http://www.kaiwu.me/postgresql/commit/?a=commitdiff_plain;h=4dd7ec9ae48df272cef2a1ecd4de0a237783828a;p=nginx.git

QUIC: always populate ngx_quic_cbs_recv_rcd() output arguments

Although uninitialized values aren't used in practice due to the
nature of the OpenSSL code flow, this violates the API contract.

Reported by lukefr09 on GitHub.
---

diff --git a/src/event/quic/ngx_event_quic_ssl.c b/src/event/quic/ngx_event_quic_ssl.c
index 18992ae1b..4e84f8102 100644
--- a/src/event/quic/ngx_event_quic_ssl.c
+++ b/src/event/quic/ngx_event_quic_ssl.c
@@ -158,6 +158,7 @@ ngx_quic_cbs_recv_rcd(ngx_ssl_conn_t *ssl_conn,
         if (b->sync) {
             /* hole */
 
+            *data = NULL;
             *bytes_read = 0;
 
             break;
@@ -169,6 +170,9 @@ ngx_quic_cbs_recv_rcd(ngx_ssl_conn_t *ssl_conn,
         break;
     }
 
+    *data = NULL;
+    *bytes_read = 0;
+
     return 1;
 }