From 29e40ed74de9f729755aa45459ff4f770b5be9ca Mon Sep 17 00:00:00 2001
From: Michael Orlitzky <michael@orlitzky.com>
Date: Sun, 20 Oct 2024 18:17:52 -0400
Subject: [PATCH] src/svgtiny_css.c: fix uninitalized use in node_is_lang()

If _node_has_attribute_substring() returns an error before it has a
chance to overwrite the "match" variable with true/false, then we may
try to access "match" while it is uninitialized. We may as well just
initialize it to false (no match) to avoid this corner case.
---
 src/svgtiny_css.c | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/src/svgtiny_css.c b/src/svgtiny_css.c
index 4856ac3..d69fa5c 100644
--- a/src/svgtiny_css.c
+++ b/src/svgtiny_css.c
@@ -1796,7 +1796,10 @@ static css_error node_is_lang(void *pw, void *node,
 	dom_exception d_err;
 	dom_node *n; /* current node */
 	dom_node *p; /* parent node */
-	bool match;  /* retval from node_has_attribute_substring() */
+
+	/* retval from node_has_attribute_substring(), must be
+	 * initialized in case that function bails early */
+	bool match = false;
 
 	/* Define the attribute name "lang" that we're looking for.
 	 * We only use a css_qname here because that's what the
-- 
2.44.2