qemu-devel

[Qemu-devel] [PATCH 1/2] net: socket backend passes junk size to getsock


From: Markus Armbruster
Subject: [Qemu-devel] [PATCH 1/2] net: socket backend passes junk size to getsockname(), fix
Date: Mon, 31 Oct 2011 17:11:37 +0100

net_socket_fd_init_dgram() passes an uninitialized address length to
getsockname().  I guess this happens to work as long as the junk value
is at least sizeof(sockaddr_in).

Spotted by Coverity.

Signed-off-by: Markus Armbruster <address@hidden>
---
 net/socket.c |    1 +
 1 files changed, 1 insertions(+), 0 deletions(-)

diff --git a/net/socket.c b/net/socket.c
index e9ef128..eb3e0d6 100644
--- a/net/socket.c
+++ b/net/socket.c
@@ -260,6 +260,7 @@ static NetSocketState *net_socket_fd_init_dgram(VLANState 
*vlan,
      */
 
     if (is_connected) {
+        saddr_len = sizeof(saddr);
        if (getsockname(fd, (struct sockaddr *) &saddr, &saddr_len) == 0) {
            /* must be bound */
            if (saddr.sin_addr.s_addr==0) {
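Review bot: After the new `saddr_len = sizeof(saddr);` line, the value `getsockname()` writes back into `saddr_len` is never looked at, and the following `saddr.sin_addr.s_addr==0` test reads the buffer without checking `saddr.sin_family`. If `fd` is not an AF_INET socket, `saddr` will hold a truncated or shorter address of another family and the bound check runs on bytes that are not an IPv4 address. Consider checking `saddr.sin_family == AF_INET` (and that the returned `saddr_len` does not exceed `sizeof(saddr)`) before the `sin_addr` test. Keeping the assignment directly before the call rather than at the declaration is fine, since it keeps the in/out contract visible at the call site.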
-- 
1.7.6.4
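The value-result length contract behind this fix, as an added example that is not part of the original message or of QEMU's code. `probe_local` and `show` are hypothetical helpers, the loopback UDP socket is constructed for the demo, and the 0xAA fill stands in for stack junk; a too-small input length makes the kernel truncate the stored address, so `sin_addr` keeps the junk.

```c
#include <arpa/inet.h>
#include <netinet/in.h>
#include <stdio.h>
#include <string.h>
#include <sys/socket.h>
#include <unistd.h>

struct probe {
    int rc;                 /* return value of getsockname(), -1 on setup failure */
    socklen_t out_len;      /* length value after the call */
    struct sockaddr_in sa;  /* pre-filled with 0xAA so untouched bytes show */
};

/* Bind a constructed UDP socket to 127.0.0.1 (kernel-chosen port), then call
 * getsockname() with in_len as the input value of the length argument.
 * in_len plays the role of saddr_len in the patch. */
static struct probe probe_local(socklen_t in_len)
{
    struct probe p;
    struct sockaddr_in a;
    int fd = socket(AF_INET, SOCK_DGRAM, 0);

    memset(&p.sa, 0xAA, sizeof(p.sa));
    p.out_len = in_len;
    p.rc = -1;
    if (fd < 0)
        return p;
    memset(&a, 0, sizeof(a));
    a.sin_family = AF_INET;
    a.sin_addr.s_addr = htonl(INADDR_LOOPBACK);
    if (bind(fd, (struct sockaddr *)&a, sizeof(a)) == 0)
        p.rc = getsockname(fd, (struct sockaddr *)&p.sa, &p.out_len);
    close(fd);
    return p;
}

static void show(const char *label, struct probe p)
{
    printf("%-6s rc=%d out_len=%u family=%u addr=%08x\n", label, p.rc,
           (unsigned)p.out_len, (unsigned)p.sa.sin_family,
           (unsigned)ntohl(p.sa.sin_addr.s_addr));
}

int main(void)
{
    show("full", probe_local(sizeof(struct sockaddr_in)));  /* length set as in the patch */
    show("short", probe_local(sizeof(sa_family_t)));        /* length too small */
    return 0;
}
```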



