mbedtls: fix potential use of uninitialized `nread`

When Curl_conn_cf_recv() returns error, the variable might not be
assigned and the tracing output may (harmlessly) use it uninitialized.

Also add a comment about the typecast from size_t to int being fine.

Pointed out by ZeroPath

Closes #19393

diff --git a/lib/vtls/mbedtls.c b/lib/vtls/mbedtls.c
index 4e8a0c3cf7997d92986d4d96f0889719f28e8b70..36200de6fa6f9745ae9c595199c89c270c7b501d 100644 (file)
--- a/lib/vtls/mbedtls.c
+++ b/lib/vtls/mbedtls.c
@@ -200,7 +200,7 @@ static int mbedtls_bio_cf_read(void *bio, unsigned char *buf, size_t blen)
 {
   struct Curl_cfilter *cf = bio;
   struct Curl_easy *data = CF_DATA_CURRENT(cf);
-  size_t nread;
+  size_t nread = 0;
   CURLcode result;
 
   DEBUGASSERT(data);
@@ -215,6 +215,7 @@ static int mbedtls_bio_cf_read(void *bio, unsigned char *buf, size_t blen)
               blen, result, nread);
   if(CURLE_AGAIN == result)
     return MBEDTLS_ERR_SSL_WANT_READ;
+  /* nread is never larger than int here */
   return result ? -1 : (int)nread;
 }