From aa95d1ceda65e7aa20110a69742797d80009e7de Mon Sep 17 00:00:00 2001
From: Stefan Eissing <stefan@eissing.org>
Date: Thu, 27 Nov 2025 10:23:43 +0100
Subject: [PATCH 1/2] vquic: do_sendmsg full init

When passing a `msg_ctrl` to sendmsg() as part of GSO handling, zero the
complete array. This fixes any false positives by valgrind that complain
about uninitialised memory, even though the kernel only ever accesses
the first two bytes.

Reported-by: Aleksei Bavshin
Fixes #19714
Closes #19715

(cherry picked from commit a9e7a027ed866b791c12a3c701dc40304f4e00cb)
---
 lib/vquic/vquic.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/lib/vquic/vquic.c b/lib/vquic/vquic.c
index 7533001ea..2e8d8e5cd 100644
--- a/lib/vquic/vquic.c
+++ b/lib/vquic/vquic.c
@@ -144,6 +144,7 @@ static CURLcode do_sendmsg(struct Curl_cfilter *cf,
   if(pktlen > gsolen) {
     /* Only set this, when we need it. macOS, for example,
      * does not seem to like a msg_control of length 0. */
+    memset(msg_ctrl, 0, sizeof(msg_ctrl));
     msg.msg_control = msg_ctrl;
     assert(sizeof(msg_ctrl) >= CMSG_SPACE(sizeof(int)));
     msg.msg_controllen = CMSG_SPACE(sizeof(int));
-- 
2.52.0