On Tue, Feb 24, 2015 at 12:17:19PM +0000, Pádraig Brady wrote: > On 24/02/15 10:14, Pavel Hrdina wrote: > > This was found by running libvirt using valgrind. Commit ee195daf > > introduced passfd code. > > > > ==7533== Syscall param sendmsg(msg.msg_control) points to uninitialised > > byte(s) > > ==7533== at 0x8C728FD: ??? (in /lib64/libpthread-2.19.so) > > ==7533== by 0x54F04D1: sendfd (passfd.c:86) > > ==7533== by 0x5437881: virNetSocketSendFD (virnetsocket.c:1766) > > ==7533== by 0x542C328: virNetServerClientDispatchWrite > > (virnetserverclient.c:1271) > > ==7533== by 0x542C328: virNetServerClientDispatchEvent > > (virnetserverclient.c:1371) > > ==7533== by 0x52CA076: virEventPollDispatchHandles (vireventpoll.c:508) > > ==7533== by 0x52CA076: virEventPollRunOnce (vireventpoll.c:657) > > ==7533== by 0x52C8581: virEventRunDefaultImpl (virevent.c:308) > > ==7533== by 0x1578FC: virNetServerRun (virnetserver.c:1139) > > ==7533== by 0x11E3EC: main (libvirtd.c:1491) > > ==7533== Address 0xffefff3f4 is on thread 1's stack > > ==7533== in frame #1, created by sendfd (passfd.c:51) > > > > Signed-off-by: Pavel Hrdina <phrd...@redhat.com> > > --- > > lib/passfd.c | 2 +- > > 1 file changed, 1 insertion(+), 1 deletion(-) > > > > diff --git a/lib/passfd.c b/lib/passfd.c > > index 1958776..d832268 100644 > > --- a/lib/passfd.c > > +++ b/lib/passfd.c > > @@ -54,7 +54,7 @@ sendfd (int sock, int fd) > > struct msghdr msg; > > # ifdef CMSG_FIRSTHDR > > struct cmsghdr *cmsg; > > - char buf[CMSG_SPACE (sizeof fd)]; > > + char buf[CMSG_SPACE (sizeof fd)] = ""; > > # endif > > > > /* send at least one char */ > > While that works, it introduces redundant clearing of alignment slop space. > I'll commit the following in your name instead. Can you check it passes?
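Review bot: In the first patch, the `= ""` initializer on `buf` in `sendfd` zero-fills the whole `CMSG_SPACE (sizeof fd)` array on every call and carries no comment saying that its purpose is to keep uninitialised stack bytes out of the `msg_control` area handed to `sendmsg`. `buf` is a binary control-message buffer, not a string, so a string-literal initializer hides that intent. If the full clear is kept, state the reason in a comment next to the declaration. Otherwise, limit what `sendmsg` is told to read to the bytes the function actually fills in, so the unwritten part of `buf` is never part of the call.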
Yes this works and there is no error reported by valgrind. Thanks, Pavel > > thanks, > Pádraig. > > diff --git a/lib/passfd.c b/lib/passfd.c > index 1958776..4d6b813 100644 > --- a/lib/passfd.c > +++ b/lib/passfd.c > @@ -75,6 +75,7 @@ sendfd (int sock, int fd) > cmsg->cmsg_len = CMSG_LEN (sizeof fd); > /* Initialize the payload: */ > memcpy (CMSG_DATA (cmsg), &fd, sizeof fd); > + msg.msg_controllen = cmsg->cmsg_len; > # elif HAVE_STRUCT_MSGHDR_MSG_ACCRIGHTS > msg.msg_accrights = &fd; > msg.msg_accrightslen = sizeof fd; > >
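Review bot: The added `msg.msg_controllen = cmsg->cmsg_len;` in the `CMSG_FIRSTHDR` branch has no comment, and without one it reads like a redundant assignment that a later cleanup could remove, bringing back the uninitialised-bytes report from valgrind quoted above. A one-line comment saying that the length is narrowed to the header plus payload, so that the unwritten tail of `buf` is not passed to `sendmsg`, would protect it. The narrowing is only valid while `buf` holds exactly one control message, because `CMSG_LEN (sizeof fd)` leaves out the trailing alignment padding that a following header would need, and the comment should mention that too.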