From 6cd0e6e52a5e5445dea52ffa4ed696d296f1713d Mon Sep 17 00:00:00 2001
From: Nuhiat-Arefin <nuhiatarefin@gmail.com>
Date: Thu, 9 Apr 2026 23:47:33 +0600
Subject: [PATCH] fix: initialize known_hosts output entry

ssh_session_get_known_hosts_entry() could return SSH_KNOWN_HOSTS_OK without initializing *pentry, leaving callers with an undefined output pointer.

Initialize *pentry to NULL at function entry so every return path leaves the output in a defined state.

Signed-off-by: Nuhiat-Arefin <nuhiatarefin@gmail.com>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
Merge-Request: <https://gitlab.com/libssh/libssh-mirror/-/merge_requests/814>
---
 src/knownhosts.c | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/src/knownhosts.c b/src/knownhosts.c
index 4a8ea45e..51f9bb9b 100644
--- a/src/knownhosts.c
+++ b/src/knownhosts.c
@@ -1182,6 +1182,10 @@ ssh_session_get_known_hosts_entry(ssh_session session,
 {
     enum ssh_known_hosts_e old_rv, rv = SSH_KNOWN_HOSTS_UNKNOWN;
 
+    if (pentry != NULL) {
+        *pentry = NULL;
+    }
+
     if (session->opts.knownhosts == NULL) {
         if (ssh_options_apply(session) < 0) {
             ssh_set_error(session,