-rw-r--r-- | lib/tran_sock.c | 8 | ||||
-rw-r--r-- | samples/client.c | 11 |
2 files changed, 13 insertions, 6 deletions
diff --git a/lib/tran_sock.c b/lib/tran_sock.c index dd682db..3d3b1fc 100644 --- a/lib/tran_sock.c +++ b/lib/tran_sock.c @@ -137,6 +137,8 @@ vfu_send_iovec(int sock, uint16_t msg_id, bool is_reply, struct vfio_user_header hdr = {.msg_id = msg_id}; struct msghdr msg; size_t i; + size_t size = count * sizeof *fds; + char *buf; if (nr_iovecs == 0) { iovecs = alloca(sizeof(*iovecs)); @@ -168,8 +170,10 @@ vfu_send_iovec(int sock, uint16_t msg_id, bool is_reply, msg.msg_iov = iovecs; if (fds != NULL) { - size_t size = count * sizeof *fds; - char *buf = alloca(CMSG_SPACE(size)); + size_t cmsg_space_aligned = MAX(CMSG_SPACE(size), sizeof(struct cmsghdr)); + + buf = alloca(cmsg_space_aligned); + memset(buf, 0, cmsg_space_aligned); msg.msg_control = buf; msg.msg_controllen = CMSG_SPACE(size); diff --git a/samples/client.c b/samples/client.c index dbff008..c026329 100644 --- a/samples/client.c +++ b/samples/client.c @@ -265,10 +265,12 @@ get_device_region_info(int sock, uint32_t index) struct vfio_region_info *region_info; size_t cap_sz; size_t size = sizeof(struct vfio_region_info); - size_t nr_fds = CLIENT_MAX_FDS; - int fds[nr_fds]; + int fds[CLIENT_MAX_FDS] = { 0 }; + size_t nr_fds = ARRAY_SIZE(fds); + region_info = alloca(size); + memset(region_info, 0, size); region_info->argsz = size; region_info->index = index; @@ -276,6 +278,7 @@ get_device_region_info(int sock, uint32_t index) if (region_info->argsz > size) { size = region_info->size; region_info = alloca(size); + memset(region_info, 0, size); region_info->argsz = size; region_info->index = index; do_get_device_region_info(sock, region_info, fds, &nr_fds); 
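Review bot: In lib/tran_sock.c (hunk at -168,8) the control buffer is allocated and zeroed with `cmsg_space_aligned`, but `msg.msg_controllen` is still set from `CMSG_SPACE(size)`, so two expressions now describe one buffer. On the usual definition CMSG_SPACE() already includes the aligned `struct cmsghdr`, so the `MAX()` looks like a no-op; a single `size_t cmsg_space = CMSG_SPACE(size);` used for the alloca(), the memset() and `msg.msg_controllen` would be clearer. The memset deserves a one-line comment saying why it is there, for example `/* zero the cmsg alignment padding so no uninitialised stack bytes are passed to sendmsg() */`. `count` also reaches alloca() through `size` with no bound visible in these two hunks; the check may sit in the part of vfu_send_iovec outside them.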
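Review bot: In samples/client.c, get_device_region_info (hunk at -265,10), `int fds[CLIENT_MAX_FDS] = { 0 };` fills the unused slots with 0, which is a valid descriptor (stdin) rather than an "empty" marker. If any caller outside this hunk reads past the returned `nr_fds`, it would operate on fd 0. A comment such as `/* only the first nr_fds entries are valid after the call */` would state the contract, or the slots could be set to -1 in a short loop. The function body continues outside the hunk.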
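Review bot: In samples/client.c (hunk at -276,6) the added `memset(region_info, 0, size);` writes across a length taken from the server's reply, because the context line above it sets `size = region_info->size` and passes that to alloca(). Before this change only the first fields of the new allocation were touched; now the whole range is written, so a large value in the reply faults the client on its stack. The guard compares `argsz`, so `size = region_info->argsz;` looks like what was meant, though that is inferred from the visible lines only. Either way the value should be capped before alloca(), or the buffer taken from calloc() with the result checked.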
@@ -657,8 +660,8 @@ static void get_dirty_bitmaps(int sock, struct vfio_user_dma_region *dma_regions, UNUSED int nr_dma_regions) { - struct vfio_iommu_type1_dirty_bitmap dirty_bitmap = {0}; - struct vfio_iommu_type1_dirty_bitmap_get bitmaps[2]; + struct vfio_iommu_type1_dirty_bitmap dirty_bitmap = { 0 }; + struct vfio_iommu_type1_dirty_bitmap_get bitmaps[2] = { { 0 }, }; int ret; size_t i; struct iovec iovecs[4] = { |