[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Qemu-devel] [PATCH 1/2] net: socket backend passes junk size to getsock
From: |
Markus Armbruster |
Subject: |
[Qemu-devel] [PATCH 1/2] net: socket backend passes junk size to getsockname(), fix |
Date: |
Mon, 31 Oct 2011 17:11:37 +0100 |
net_socket_fd_init_dgram() passes an uninitialized address length to
getsockname(). I guess this happens to work as long as the junk value
is at least sizeof(sockaddr_in).
Spotted by Coverity.
Signed-off-by: Markus Armbruster <address@hidden>
---
net/socket.c | 1 +
1 files changed, 1 insertions(+), 0 deletions(-)
diff --git a/net/socket.c b/net/socket.c
index e9ef128..eb3e0d6 100644
--- a/net/socket.c
+++ b/net/socket.c
@@ -260,6 +260,7 @@ static NetSocketState *net_socket_fd_init_dgram(VLANState
*vlan,
*/
if (is_connected) {
+ saddr_len = sizeof(saddr);
if (getsockname(fd, (struct sockaddr *) &saddr, &saddr_len) == 0) {
/* must be bound */
if (saddr.sin_addr.s_addr==0) {
--
1.7.6.4