From 954503b9f5c0a3ea7720ef5a72a4ea65dff9dee2 Mon Sep 17 00:00:00 2001
From: Colin Vidal <colin@isc.org>
Date: Fri, 28 Nov 2025 11:55:32 +0100
Subject: [PATCH] fix unitiailized pointer check on getipandkeylist

Function `named_config_getipandkeylist` could, in case of error in the
early code attempting to get the `port` or `tls-port`, make a pointer
check on a non-initialized value. This is now fixed.
---
 bin/named/config.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/bin/named/config.c b/bin/named/config.c
index 32918feba6..81eb498925 100644
--- a/bin/named/config.c
+++ b/bin/named/config.c
@@ -555,6 +555,7 @@ named_config_getipandkeylist(const cfg_obj_t *config, const cfg_obj_t *list,
 	isc_result_t result;
 	in_port_t def_port;
 	in_port_t def_tlsport;
+	getipandkeylist_state_t s = {};
 
 	REQUIRE(ipkl != NULL);
 	REQUIRE(ipkl->count == 0);
@@ -580,7 +581,6 @@ named_config_getipandkeylist(const cfg_obj_t *config, const cfg_obj_t *list,
 	/*
 	 * Process the (nested) list(s).
 	 */
-	getipandkeylist_state_t s = {};
 	result = getipandkeylist(def_port, def_tlsport, config, list,
 				 (in_port_t)0, NULL, NULL, mctx, &s);
 	if (result != ISC_R_SUCCESS) {