On 8 August 2017 at 21:38, Jens Freimann <address@hidden> wrote:
@@ -333,8 +333,13 @@ static NetSocketState
*net_socket_fd_init_dgram(NetClientState *peer,
* by ONLY ONE process: we must "clone" this dgram socket --jjo
*/
- if (is_connected) {
- if (getsockname(fd, (struct sockaddr *) &saddr, &saddr_len) == 0) {
+ if (is_connected && mcast != NULL) {
This changes the condition() under which we fill in the struct sockaddr_in saddr
from "if (is_connected)" to "if (is_connected && mcast != NULL)"...
+ if (parse_host_port(&saddr, mcast) < 0) {
+ fprintf(stderr,
+ "qemu: error: init_dgram: fd=%d failed
parse_host_port()\n",
+ fd);
+ goto err;
+ }
/* must be bound */
if (saddr.sin_addr.s_addr == 0) {
fprintf(stderr, "qemu: error: init_dgram: fd=%d unbound, "
...but later in the function we do:
/* mcast: save bound address as dst */
if (is_connected) {
s->dgram_dst = saddr;
snprintf(nc->info_str, sizeof(nc->info_str),
"socket: fd=%d (cloned mcast=%s:%d)",
fd, inet_ntoa(saddr.sin_addr), ntohs(saddr.sin_port));
} else {
snprintf(nc->info_str, sizeof(nc->info_str),
"socket: fd=%d", fd);
}
and coverity correctly points out that if is_connected is true
but mcast is NULL then we use 'saddr' without having initialized
it properly.
Any suggestions for the correct fix for this?