From 6f3ada8a14233e76d8c809659b81bddaa7be6db8 Mon Sep 17 00:00:00 2001
From: Viktor Dukhovni <openssl-users@dukhovni.org>
Date: Tue, 11 Feb 2025 21:45:23 +1100
Subject: [PATCH] Address coverity reports

Reviewed-by: Neil Horman <nhorman@openssl.org>
Reviewed-by: Kurt Roeckx <kurt@roeckx.be>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/26703)
---
 ssl/t1_lib.c                    | 4 +---
 test/tls13groupselection_test.c | 8 ++++----
 2 files changed, 5 insertions(+), 7 deletions(-)

diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c
index bf5c0ef444..0318cbc726 100644
--- a/ssl/t1_lib.c
+++ b/ssl/t1_lib.c
@@ -1580,11 +1580,9 @@ int tls1_set_groups_list(SSL_CTX *ctx,
         return 0;
     }
 
+    memset(&gcb, 0, sizeof(gcb));
     gcb.tuple_mode = 1; /* We prepare to collect the first tuple */
     gcb.ignore_unknown_default = 0;
-    gcb.gidcnt = 0;
-    gcb.ksidcnt = 0;
-    gcb.tplcnt = 0;
     gcb.gidmax = GROUPLIST_INCREMENT;
     gcb.tplmax = GROUPLIST_INCREMENT;
     gcb.ksidmax = GROUPLIST_INCREMENT;
diff --git a/test/tls13groupselection_test.c b/test/tls13groupselection_test.c
index 47432eeecd..e3a25dba13 100644
--- a/test/tls13groupselection_test.c
+++ b/test/tls13groupselection_test.c
@@ -367,8 +367,9 @@ static int test_invalidsyntax(const struct tls13groupselection_test_st *current_
     SSL_CTX *client_ctx = NULL, *server_ctx = NULL;
     SSL *clientssl = NULL, *serverssl = NULL;
 
-    TEST_ptr(current_test_vector->client_groups);
-    TEST_size_t_ne(strlen(current_test_vector->client_groups), 0);
+    if (!TEST_ptr(current_test_vector->client_groups)
+        || !TEST_size_t_ne(strlen(current_test_vector->client_groups), 0))
+        goto end;
 
     /* Creation of the contexts */
     TEST_true_or_end(create_ssl_ctx_pair(NULL, TLS_server_method(),
@@ -378,10 +379,9 @@ static int test_invalidsyntax(const struct tls13groupselection_test_st *current_
                                          cert, privkey));
 
     /* Customization of the contexts */
-    if (ssl_or_ctx == WORK_ON_CONTEXT) {
+    if (ssl_or_ctx == WORK_ON_CONTEXT)
         TEST_false_or_end(SSL_CTX_set1_groups_list(client_ctx,
                                                    current_test_vector->client_groups));
-    }
     /* Creation of the SSL objects */
     TEST_true_or_end(create_ssl_objects(server_ctx, client_ctx,
                                         &serverssl, &clientssl,