-rw-r--r--lib/tran_sock.c8
-rw-r--r--samples/client.c11
2 files changed, 13 insertions, 6 deletions
diff --git a/lib/tran_sock.c b/lib/tran_sock.c
index dd682db..3d3b1fc 100644
--- a/lib/tran_sock.c
+++ b/lib/tran_sock.c
@@ -137,6 +137,8 @@ vfu_send_iovec(int sock, uint16_t msg_id, bool is_reply,
struct vfio_user_header hdr = {.msg_id = msg_id};
struct msghdr msg;
size_t i;
+ size_t size = count * sizeof *fds;
+ char *buf;
if (nr_iovecs == 0) {
iovecs = alloca(sizeof(*iovecs));
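Review bot: `size` is now derived from `count` at function entry, and nothing visible in this hunk bounds `count` before the next hunk passes the result to `alloca`. A large or wrapped `count * sizeof *fds` would then surface as a stack overrun rather than an error return. If no earlier check exists in the part of vfu_send_iovec outside the hunk, add one ahead of first use, for example `if (fds != NULL && count > MAX_FDS /* placeholder: the transport's fd limit */) { ... }` with the function's usual error return.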
@@ -168,8 +170,10 @@ vfu_send_iovec(int sock, uint16_t msg_id, bool is_reply,
msg.msg_iov = iovecs;
if (fds != NULL) {
- size_t size = count * sizeof *fds;
- char *buf = alloca(CMSG_SPACE(size));
+ size_t cmsg_space_aligned = MAX(CMSG_SPACE(size), sizeof(struct cmsghdr));
+
+ buf = alloca(cmsg_space_aligned);
+ memset(buf, 0, cmsg_space_aligned);
msg.msg_control = buf;
msg.msg_controllen = CMSG_SPACE(size);
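Review bot: The control buffer is sized and zeroed with `cmsg_space_aligned`, but `msg.msg_controllen` is still set from `CMSG_SPACE(size)`, so the two agree only if the `MAX` never picks its second operand. On the libcs I know of, `CMSG_SPACE` already includes the aligned `struct cmsghdr`, which would make the `MAX` a no-op. If that holds for every target, a single `size_t cmsg_space = CMSG_SPACE(size);` used for the `alloca`, the `memset` and `msg_controllen` keeps buffer and length in step. If some target does need the `MAX`, a comment naming it would help. The rest of the `if (fds != NULL)` body lies outside the hunk.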
diff --git a/samples/client.c b/samples/client.c
index dbff008..c026329 100644
--- a/samples/client.c
+++ b/samples/client.c
@@ -265,10 +265,12 @@ get_device_region_info(int sock, uint32_t index)
struct vfio_region_info *region_info;
size_t cap_sz;
size_t size = sizeof(struct vfio_region_info);
- size_t nr_fds = CLIENT_MAX_FDS;
- int fds[nr_fds];
+ int fds[CLIENT_MAX_FDS] = { 0 };
+ size_t nr_fds = ARRAY_SIZE(fds);
+
region_info = alloca(size);
+ memset(region_info, 0, size);
region_info->argsz = size;
region_info->index = index;
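Review bot: Initialising `fds` with `{ 0 }` fills every slot with descriptor 0, which is a valid open descriptor (stdin), so an unfilled slot cannot be told apart from a received one. If any later code closes or maps entries past the count the server actually returned, it would act on stdin. A `-1` sentinel is the safer default, e.g. `for (size_t i = 0; i < ARRAY_SIZE(fds); i++) fds[i] = -1;`. How `fds` is consumed is outside this hunk, so this may be hardening only.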
@@ -276,6 +278,7 @@ get_device_region_info(int sock, uint32_t index)
if (region_info->argsz > size) {
size = region_info->size;
region_info = alloca(size);
+ memset(region_info, 0, size);
region_info->argsz = size;
region_info->index = index;
do_get_device_region_info(sock, region_info, fds, &nr_fds);
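Review bot: The `size` passed to the new `memset` and to `alloca` is taken from `region_info->size` in the peer's reply, while the guard above tests `region_info->argsz`. If `size` there is the region length rather than the reply length, this looks like the wrong field, and `size = region_info->argsz;` would match the guard. Either way a peer-supplied value sizes a stack allocation with no upper bound, so a cap before the `alloca`, or a heap allocation whose failure can be checked, would be safer. get_device_region_info continues outside the hunk.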
@@ -657,8 +660,8 @@ static void
get_dirty_bitmaps(int sock, struct vfio_user_dma_region *dma_regions,
UNUSED int nr_dma_regions)
{
- struct vfio_iommu_type1_dirty_bitmap dirty_bitmap = {0};
- struct vfio_iommu_type1_dirty_bitmap_get bitmaps[2];
+ struct vfio_iommu_type1_dirty_bitmap dirty_bitmap = { 0 };
+ struct vfio_iommu_type1_dirty_bitmap_get bitmaps[2] = { { 0 }, };
int ret;
size_t i;
struct iovec iovecs[4] = {
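Review bot: The `{ { 0 }, }` initialiser on `bitmaps` zeroes the members, but C does not guarantee that padding bytes inside an automatic aggregate are cleared. If these structs are sent as raw bytes through the `iovecs` array that starts on the last line (its contents are outside the hunk), stack residue in padding could still reach the peer. The other hunks in this commit use `memset`; doing the same here, `memset(bitmaps, 0, sizeof(bitmaps));` and likewise for `dirty_bitmap`, clears padding as well and keeps the approach consistent.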