On Fri, Nov 03, 2017 at 06:46:57PM +0000, Peter Maydell wrote:
On 8 August 2017 at 21:38, Jens Freimann <jfreim...@redhat.com> wrote:
@@ -333,8 +333,13 @@ static NetSocketState
*net_socket_fd_init_dgram(NetClientState *peer,
* by ONLY ONE process: we must "clone" this dgram socket --jjo
*/
- if (is_connected) {
- if (getsockname(fd, (struct sockaddr *) &saddr, &saddr_len) == 0) {
+ if (is_connected && mcast != NULL) {
This changes the condition() under which we fill in the struct sockaddr_in saddr
from "if (is_connected)" to "if (is_connected && mcast != NULL)"...
+ if (parse_host_port(&saddr, mcast) < 0) {
+ fprintf(stderr,
+ "qemu: error: init_dgram: fd=%d failed
parse_host_port()\n",
+ fd);
+ goto err;
+ }
/* must be bound */
if (saddr.sin_addr.s_addr == 0) {
fprintf(stderr, "qemu: error: init_dgram: fd=%d unbound, "
...but later in the function we do:
/* mcast: save bound address as dst */
if (is_connected) {
This should be changed to "if (is_connected && mcast != NULL)" because
it is only necessary to do this if there is a multicast address specified.
s->dgram_dst = saddr;
snprintf(nc->info_str, sizeof(nc->info_str),
"socket: fd=%d (cloned mcast=%s:%d)",
fd, inet_ntoa(saddr.sin_addr), ntohs(saddr.sin_port));
} else {
snprintf(nc->info_str, sizeof(nc->info_str),
"socket: fd=%d", fd);
}
and coverity correctly points out that if is_connected is true
but mcast is NULL then we use 'saddr' without having initialized
it properly.
Any suggestions for the correct fix for this?
I think we should initialize saddr to 0 and do the above change. I'll send a
patch.
Thanks!
regards,
Jens
