From 04e3539be1268b8f53e68a0bfb2e8428f018e8fa Mon Sep 17 00:00:00 2001
From: Nicola Fontana
Date: Fri, 30 Apr 2021 20:28:13 +0200
Subject: [PATCH] cpml: fix potential bug

Solve "`length` may be used uninitialized in this function" by avoiding quitting early on if `num_data` is 0.
---
 src/cpml/cpml-segment.c | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

diff --git a/src/cpml/cpml-segment.c b/src/cpml/cpml-segment.c
index 240c2331..3eebc498 100644
--- a/src/cpml/cpml-segment.c
+++ b/src/cpml/cpml-segment.c
@@ -638,14 +638,15 @@ ensure_one_leading_move(CpmlSegment *segment)
 data += length;
 num_data -= length;
 }
+ if (num_data <= 0)
+ return 0;

 /* Skip all duplicate CPML_MOVE but the last one */
- while (num_data > 0 && (length = data->header.length) > 0 &&
- num_data > length && data[length].header.type == CPML_MOVE) {
+ while (num_data > (length = data->header.length) &&
+ data[length].header.type == CPML_MOVE) {
 data += length;
 num_data -= length;
 }
-
 if (num_data <= length)
 return 0;

--
2.11.4.GIT
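Review bot: The rewritten `while` condition drops the `(length = data->header.length) > 0` guard that the removed loop had, so a header whose `length` is 0 no longer ends the loop. If `data` points at a CPML_MOVE at that point (as the "Skip all duplicate CPML_MOVE" comment suggests), `data[0].header.type == CPML_MOVE` holds and the body advances by zero forever. A negative `length` would make `data[length]` read before the buffer. The uninitialized-`length` warning can be fixed without losing the check by keeping the assignment as the first operand: `while ((length = data->header.length) > 0 && num_data > length && data[length].header.type == CPML_MOVE) {`. Whether malformed headers can reach this function depends on validation done by callers, which this hunk does not show; the body of `ensure_one_leading_move` also starts and ends outside the hunk.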