From bc4edb8a70a66c967b354c9b2bacc0804db6ba11 Mon Sep 17 00:00:00 2001
From: Paul Gofman <pgofman@codeweavers.com>
Date: Mon, 21 Mar 2022 16:51:49 +0300
Subject: [PATCH] winhttp: Avoid freeing potentially uninitialized context in
 netconn_secure_connect().

Signed-off-by: Paul Gofman <pgofman@codeweavers.com>
Signed-off-by: Hans Leidekker <hans@codeweavers.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
---
 dlls/winhttp/net.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/dlls/winhttp/net.c b/dlls/winhttp/net.c
index 2fc48476513..07a65c5465f 100644
--- a/dlls/winhttp/net.c
+++ b/dlls/winhttp/net.c
@@ -293,6 +293,7 @@ DWORD netconn_secure_connect( struct netconn *conn, WCHAR *hostname, DWORD secur
 
     if (!(read_buf = malloc( read_buf_size ))) return ERROR_OUTOFMEMORY;
 
+    memset( &ctx, 0, sizeof(ctx) );
     status = InitializeSecurityContextW(cred_handle, NULL, hostname, isc_req_flags, 0, 0, NULL, 0,
             &ctx, &out_desc, &attrs, NULL);