@@ -183,7 +183,7 @@ static int print_chain(struct metachain *c, char *str, size_t len)

 static cl_error_t post(int fd, int result, const char *virname, void *context)

 {

     struct clamscan_cb_data *d = context;

-    struct metachain *c;

+    struct metachain *c = NULL;

     char str[128];

     UNUSEDPARAM(fd);

@@ -2485,7 +2485,7 @@ downloadmanager (const struct optstruct *opts, const char *hostname,

                  unsigned int attempt)

 {

     time_t currtime;

-    int ret, custret, updated = 0, outdated = 0, signo = 0, logerr;

+    int ret, custret = 0, updated = 0, outdated = 0, signo = 0, logerr;

     unsigned int ttl;

     char ipaddr[46], *dnsreply = NULL, *pt, *localip = NULL, *newver = NULL;

     const struct optstruct *opt;

@@ -1,5 +1,5 @@

 /*

- *  Copyright (C) 2015 Cisco Systems, Inc. and/or its affiliates. All rights reserved.

+ *  Copyright (C) 2015, 2017 Cisco Systems, Inc. and/or its affiliates. All rights reserved.

  *  Copyright (C) 2010 Sourcefire, Inc.

  *

  *  Authors: aCaB <acab@clamav.net>

@@ -50,11 +50,11 @@ static const uint8_t hqxtbl[] = {

 int cli_binhex(cli_ctx *ctx) {

     fmap_t *map = *ctx->fmap;

-    const uint8_t *encoded;

-    uint8_t decoded[BUFSIZ], spare_bits, last_byte=0, this_byte, offset=0;

+    const uint8_t *encoded = NULL;

+    uint8_t decoded[BUFSIZ], spare_bits = 0, last_byte = 0, this_byte = 0, offset = 0;

     size_t enc_done=0, enc_todo=map->len;

     unsigned int dec_done=0, chunksz = 0, chunkoff=0;

-    uint32_t datalen, reslen;

+    uint32_t datalen = 0, reslen = 0;

     int in_data = 0, in_run = 0, datafd, resfd, ret = CL_CLEAN;

     enum binhex_phase { IN_BANNER, IN_HEADER, IN_DATA, IN_LIMBO1, IN_LIMBO2, IN_RES } write_phase = IN_BANNER;

     char *dname, *rname;

@@ -188,7 +188,10 @@ int cli_binhex(cli_ctx *ctx) {

 	    }

 	}

-	if(!chunksz) {

+	// 'chunksz' must be 0 the first iteration, 

+	// so that 'encoded' will be initialized before first dereference.

+	if(!chunksz)

+	{

 	    chunksz = MIN(enc_todo, map->pgsz);

 	    encoded = fmap_need_off_once(map, enc_done, chunksz);

 	    if(!encoded) {

@@ -553,7 +553,7 @@ static inline char *readData(const unsigned char *p, unsigned *off, unsigned len

 static inline char *readString(const unsigned char *p, unsigned *off, unsigned len, char *ok)

 {

-    unsigned stringlen;

+    unsigned stringlen = 0;

     char *str = readData(p, off, len, ok, &stringlen);

     if (*ok && stringlen && str[stringlen-1] != '\0') {

 	str[stringlen-1] = '\0';

@@ -3199,7 +3199,7 @@ void cli_bytetype_describe(const struct cli_bc *bc)

 void cli_bytevalue_describe(const struct cli_bc *bc, unsigned funcid)

 {

-    unsigned i, j, total = 0;

+    unsigned i, total = 0;

     const struct cli_bc_func *func;

     if (funcid >= bc->num_func) {

@@ -1,7 +1,7 @@

 /*

  *  Support for matcher using PCRE

  *

- *  Copyright (C) 2015 Cisco Systems, Inc. and/or its affiliates. All rights reserved.

+ *  Copyright (C) 2015, 2017 Cisco Systems, Inc. and/or its affiliates. All rights reserved.

  *  Copyright (C) 2007-2013 Sourcefire, Inc.

  *  All Rights Reserved.

  *

@@ -593,7 +593,7 @@ int cli_pcre_scanbuf(const unsigned char *buffer, uint32_t length, const char **

     unsigned int i, evalcnt = 0;

     uint64_t maxfilesize, evalids = 0;

     uint32_t global, encompass, rolling;

-    int rc, offset, ret = CL_SUCCESS, options=0;

+    int rc = 0, offset = 0, ret = CL_SUCCESS, options=0;

     uint8_t viruses_found = 0;

     if ((root->pcre_metas == 0) || (!root->pcre_metatable) || (ctx && ctx->dconf && !(ctx->dconf->pcre & PCRE_CONF_SUPPORT)))

@@ -1338,7 +1338,7 @@ void pdf_parseobj(struct pdf_struct *pdf, struct pdf_obj *obj)

     /* enough to hold common pdf names, we don't need all the names */

     char pdfname[64];

     const char *q2, *q3;

-    const char *nextobj, *nextopen, *nextclose;

+    const char *nextobj = NULL, *nextopen = NULL, *nextclose = NULL;

     const char *q = obj->start + pdf->map;

     const char *dict, *enddict, *start;

     off_t dict_length, full_dict_length;

@@ -271,8 +271,8 @@ static void

 p_ere(struct parse *p, int stop)	/* character this ERE should end at */

 {

 	char c;

-	sopno prevback;

-	sopno prevfwd;

+	sopno prevback = 0;

+	sopno prevfwd = 0;

 	sopno conc;

 	int first = 1;		/* is this the first alternative? */

@@ -1,5 +1,5 @@

 /*

- *  Copyright (C) 2014 Cisco and/or its affiliates. All rights reserved.

+ *  Copyright (C) 2014, 2017 Cisco and/or its affiliates. All rights reserved.

  *

  *  Author: Shawn Webb

  *

@@ -56,9 +56,9 @@

 int connect_host(const char *host, const char *port, uint32_t timeout, int useAsync)

 {

-    int sockfd;

-    struct addrinfo hints, *servinfo, *p;

-    int flags, error;

+    int sockfd = -1;

+    struct addrinfo hints, *servinfo = NULL, *p = NULL;

+    int flags = 0, error;

     socklen_t len;

     fd_set read_fds, write_fds;

     struct timeval tv;

@@ -144,7 +144,7 @@ int connect_host(const char *host, const char *port, uint32_t timeout, int useAs

     freeaddrinfo(servinfo);

     /* Return to using a synchronous socket to make Linux happy */

-    if (useAsync) {

+    if (useAsync && (sockfd >= 0)) {

         if (fcntl(sockfd, F_SETFL, flags) < 0) {

             closesocket(sockfd);

             return -1;

@@ -153,7 +153,7 @@ int yr_execute_code(

   int i;

   int found;

   int count;

-  int result;

+  int result = -1;

   int cycle = 0;

 #if REAL_YARA

   int tidx = yr_get_tidx();