diff options
author | Peter Maydell <peter.maydell@linaro.org> | 2021-08-13 16:05:03 +0100 |
---|---|---|
committer | Peter Maydell <peter.maydell@linaro.org> | 2021-08-26 17:02:00 +0100 |
commit | 59292384621e93f707f862b6936694e56a6daed0 (patch) | |
tree | b7a91c8e469b70fc71695c20999cadf7043a971a /net | |
parent | 8efdb7ba1b2acce9fb63ccc2e7982e19fdf5be86 (diff) | |
download | qemu-59292384621e93f707f862b6936694e56a6daed0.zip qemu-59292384621e93f707f862b6936694e56a6daed0.tar.gz qemu-59292384621e93f707f862b6936694e56a6daed0.tar.bz2 |
net: Zero sockaddr_in in parse_host_port()
We don't currently zero-initialize the 'struct sockaddr_in' that
parse_host_port() fills in, so any fields we don't explicitly
initialize might be left as random garbage. POSIX states that
implementations may define extensions in sockaddr_in, and that those
extensions must not trigger if zero-initialized. So not zero
initializing might result in inadvertently triggering an impdef
extension.
memset() the sockaddr_in before we start to fill it in.
Fixes: Coverity CID 1005338
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Eric Blake <eblake@redhat.com>
Message-id: 20210813150506.7768-2-peter.maydell@linaro.org
Diffstat (limited to 'net')
-rw-r--r-- | net/net.c | 2 |
1 files changed, 2 insertions, 0 deletions
@@ -75,6 +75,8 @@ int parse_host_port(struct sockaddr_in *saddr, const char *str, const char *addr, *p, *r; int port, ret = 0; + memset(saddr, 0, sizeof(*saddr)); + substrings = g_strsplit(str, ":", 2); if (!substrings || !substrings[0] || !substrings[1]) { error_setg(errp, "host address '%s' doesn't contain ':' " |