From: Tim Comer <com...@gmail.com> The current code calls accept() without initializing the size parameter which means the accept call might write too much to the stack.
URL: https://bugs.gentoo.org/486714 Signed-off-by: Tim Comer <com...@gmail.com> Signed-off-by: Mike Frysinger <vap...@gentoo.org> --- fsdev/virtfs-proxy-helper.c | 1 + 1 file changed, 1 insertion(+) diff --git a/fsdev/virtfs-proxy-helper.c b/fsdev/virtfs-proxy-helper.c index bfecb87..cd291d3 100644 --- a/fsdev/virtfs-proxy-helper.c +++ b/fsdev/virtfs-proxy-helper.c @@ -760,6 +760,7 @@ static int proxy_socket(const char *path, uid_t uid, gid_t gid) return -1; } + size = sizeof(qemu); client = accept(sock, (struct sockaddr *)&qemu, &size); if (client < 0) { do_perror("accept"); -- 1.9.2
