diff options
author | Thanos Makatos <thanos.makatos@nutanix.com> | 2021-01-25 16:55:10 +0000 |
---|---|---|
committer | GitHub <noreply@github.com> | 2021-01-25 16:55:10 +0000 |
commit | ed80aab4f188863c6414d0c7a15daeba3ff243d2 (patch) | |
tree | 689322476e60afed4a32fbbdc4f57673ed7d42fa /lib | |
parent | 3792f9cbc3f9a200e7d6d54f97fac3b74cbf8398 (diff) | |
download | libvfio-user-ed80aab4f188863c6414d0c7a15daeba3ff243d2.zip libvfio-user-ed80aab4f188863c6414d0c7a15daeba3ff243d2.tar.gz libvfio-user-ed80aab4f188863c6414d0c7a15daeba3ff243d2.tar.bz2 |
don't use uninitialized memory (#244)
Signed-off-by: Thanos Makatos <thanos.makatos@nutanix.com>
Diffstat (limited to 'lib')
-rw-r--r-- | lib/tran_sock.c | 8 |
1 files changed, 6 insertions, 2 deletions
diff --git a/lib/tran_sock.c b/lib/tran_sock.c index dd682db..3d3b1fc 100644 --- a/lib/tran_sock.c +++ b/lib/tran_sock.c @@ -137,6 +137,8 @@ vfu_send_iovec(int sock, uint16_t msg_id, bool is_reply, struct vfio_user_header hdr = {.msg_id = msg_id}; struct msghdr msg; size_t i; + size_t size = count * sizeof *fds; + char *buf; if (nr_iovecs == 0) { iovecs = alloca(sizeof(*iovecs)); @@ -168,8 +170,10 @@ vfu_send_iovec(int sock, uint16_t msg_id, bool is_reply, msg.msg_iov = iovecs; if (fds != NULL) { - size_t size = count * sizeof *fds; - char *buf = alloca(CMSG_SPACE(size)); + size_t cmsg_space_aligned = MAX(CMSG_SPACE(size), sizeof(struct cmsghdr)); + + buf = alloca(cmsg_space_aligned); + memset(buf, 0, cmsg_space_aligned); msg.msg_control = buf; msg.msg_controllen = CMSG_SPACE(size); |