On 19/04/2014 13:39, Mike Frysinger wrote:
From: Tim Comer <com...@gmail.com>
The current code calls accept() without initializing the size parameter
which means the accept call might write too much to the stack.
URL: https://bugs.gentoo.org/486714
Signed-off-by: Tim Comer <com...@gmail.com>
Signed-off-by: Mike Frysinger <vap...@gentoo.org>
---
fsdev/virtfs-proxy-helper.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/fsdev/virtfs-proxy-helper.c b/fsdev/virtfs-proxy-helper.c
index bfecb87..cd291d3 100644
--- a/fsdev/virtfs-proxy-helper.c
+++ b/fsdev/virtfs-proxy-helper.c
@@ -760,6 +760,7 @@ static int proxy_socket(const char *path, uid_t uid, gid_t
gid)
return -1;
}
+ size = sizeof(qemu);
client = accept(sock, (struct sockaddr *)&qemu, &size);
if (client < 0) {
do_perror("accept");
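Review bot: At the added `size = sizeof(qemu);` line, please confirm that `size` is declared as `socklen_t`, since its declaration is outside this hunk and `accept()` treats the third argument as a value-result length: the kernel reads it as the capacity of the buffer at `&qemu` and writes back the actual address length. The commit message mentions only the overwrite case; an uninitialized value can equally be too small, which truncates the returned address, or invalid, which makes `accept()` fail, so a short comment above the assignment saying that the argument is in/out would keep the line from being dropped as redundant later. If `qemu` is not read after the call (not visible here), passing NULL for both the address and length arguments would remove the value-result parameter entirely.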
Reviewed-by: Paolo Bonzini <pbonz...@redhat.com>