From e8cb1c95a9636472515ebb2c4acfc4e6a68b2b34 Mon Sep 17 00:00:00 2001
From: "Dr. David von Oheimb" <dev@ddvo.net>
Date: Fri, 19 Dec 2025 10:40:26 +0100
Subject: [PATCH] CONN_is_IP_address(): prevent crash freeing uninitialized
 'res' on unsuccessful getaddrinfo() call

---
 src/libsecutils/src/connections/conn.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/libsecutils/src/connections/conn.c b/src/libsecutils/src/connections/conn.c
index 6499670..f73763d 100644
--- a/src/libsecutils/src/connections/conn.c
+++ b/src/libsecutils/src/connections/conn.c
@@ -35,7 +35,7 @@
 bool CONN_is_IP_address(OPTIONAL const char *host)
 {
     size_t len;
-    struct addrinfo hints, *res;
+    struct addrinfo hints, *res = NULL;
     int ret;
 
     if (host == NULL)
@@ -50,7 +50,7 @@ bool CONN_is_IP_address(OPTIONAL const char *host)
     memset(&hints, 0, sizeof(hints));
     hints.ai_flags = AI_NUMERICHOST;
     ret = getaddrinfo(host, NULL, &hints, &res);
-    if (res != NULL)
+    if (ret == 0)
         freeaddrinfo(res);
     return ret == 0;
 }