mirror of
https://github.com/Motorhead1991/qemu.git
synced 2025-12-11 16:00:50 -07:00
7b3c618ad0
When sending file descriptors over a socket, we have to
allocate a data buffer to hold the FDs in the scmsghdr.
Unfortunately we allocated the buffer on the stack inside
an if () {} block, but called sendmsg() outside the block.
So the stack bytes holding the FDs were liable to be
overwritten with other data. By luck this was not a problem
when sending 1 FD, but if sending 2 or more then it would
fail.
The fix is to simply move the variables outside the nested
'if' block. To keep valgrind quiet we also zero-initialize
the 'control' buffer.
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
|
||
|---|---|---|
| .. | ||
| channel-buffer.c | ||
| channel-command.c | ||
| channel-file.c | ||
| channel-socket.c | ||
| channel-tls.c | ||
| channel-watch.c | ||
| channel-websock.c | ||
| channel.c | ||
| Makefile.objs | ||
| task.c | ||