On 16/05/2021 at 11:15, Kenta Iwasaki wrote: > The mixing of libc and kernel versions of the layout of the `msghdr` > struct causes EMSGSIZE to be returned by sendmsg if the `msghdr` struct > is not zero-initialized (such that padding bytes comprise of > uninitialized memory). > > Other parts of the QEMU codebase appear to zero-initialize the `msghdr` > struct to workaround these struct layout issues, except for > do_sendrecvmsg_locked in linux-user/syscall.c. > > This patch zero-initializes the `msghdr` struct in > do_sendrecvmsg_locked. > > Signed-off-by: Kenta Iwasaki <ke...@lithdew.net> > --- > linux-user/syscall.c | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > diff --git a/linux-user/syscall.c b/linux-user/syscall.c > index 95d79ddc43..f60b7e04d5 100644 > --- a/linux-user/syscall.c > +++ b/linux-user/syscall.c > @@ -3337,7 +3337,7 @@ static abi_long do_sendrecvmsg_locked(int fd, struct > target_msghdr *msgp, > int flags, int send) > { > abi_long ret, len; > - struct msghdr msg; > + struct msghdr msg = { 0 }; > abi_ulong count; > struct iovec *vec; > abi_ulong target_vec; >
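Review bot: `struct msghdr msg = { 0 };` only guarantees that the named members are zero; the C standard leaves the padding bytes of an automatic object unspecified even with a brace initializer, and padding is exactly what the commit message says the kernel ends up reading. If the goal is to clear padding, `memset(&msg, 0, sizeof(msg));` is the form that is guaranteed to do it. The commit message should also name the host libc and architecture on which the libc `msghdr` layout differs from the kernel's, and which length field has padding that the kernel reads as part of a wider value, so reviewers can see why the per-field assignments already made in do_sendrecvmsg_locked are not sufficient.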
It seems do_sendrecvmsg_locked() initializes all the fields of the structure, I don't see why we need to clear it before use.

Could you explain more?

Thanks,
Laurent
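The mechanism the patch description relies on, as an added, self-contained illustration that is not part of this thread or of QEMU's code: a libc-style `msghdr` with a 32-bit length field followed by anonymous padding, and a kernel-style `msghdr` that reads the same eight bytes as one 64-bit length. The two struct definitions are constructed models (the thread does not say which libc, host or field is involved; `msg_iovlen` is used here purely for illustration), the stale-stack pattern is constructed, the example assumes an LP64 host, and the only real constant is `UIO_MAXIOV` (1024 on Linux). It shows that assigning every named field still leaves the stale padding visible to the kernel view, and that a `memset` of the whole struct fixes it.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>
#include <stdio.h>

/* Constructed model of a libc msghdr that keeps msg_iovlen as a 32-bit
 * field. On an LP64 host the compiler inserts 4 padding bytes after it so
 * that msg_control is 8-byte aligned. Not a real libc header. */
struct libc_style_msghdr {
    void     *msg_name;      /* offset 0  */
    uint32_t  msg_namelen;   /* offset 8, then 4 bytes of padding */
    void     *msg_iov;       /* offset 16 */
    uint32_t  msg_iovlen;    /* offset 24, then 4 bytes of padding */
    void     *msg_control;   /* offset 32 */
};

/* Constructed model of the kernel's view of the same bytes: msg_iovlen is a
 * 64-bit size, so it overlays the libc field AND its padding. */
struct kernel_style_msghdr {
    void     *msg_name;
    uint32_t  msg_namelen;
    void     *msg_iov;
    uint64_t  msg_iovlen;    /* offset 24, 8 bytes */
    void     *msg_control;
};

/* The model only makes sense when both views have identical layout. */
_Static_assert(sizeof(struct libc_style_msghdr) == sizeof(struct kernel_style_msghdr),
               "model assumes an LP64 host");
_Static_assert(offsetof(struct libc_style_msghdr, msg_iovlen) ==
               offsetof(struct kernel_style_msghdr, msg_iovlen),
               "msg_iovlen must overlay in both views");

/* Fill the struct with a recognizable stale pattern (standing in for whatever
 * the stack held before), then assign every named field one by one, the way
 * code that "initializes all the fields" does. With zero_first == 0 the
 * padding keeps the stale bytes; with zero_first != 0 a memset clears them. */
uint64_t iovlen_as_kernel_sees(int zero_first)
{
    struct libc_style_msghdr m;
    struct kernel_style_msghdr k;

    memset(&m, 0xAA, sizeof m);            /* constructed stale stack bytes */
    if (zero_first) {
        memset(&m, 0, sizeof m);           /* the fix: clears padding as well */
    }
    m.msg_name    = NULL;
    m.msg_namelen = 0;
    m.msg_iov     = NULL;
    m.msg_iovlen  = 2;                     /* two iovec entries */
    m.msg_control = NULL;

    memcpy(&k, &m, sizeof k);              /* what the kernel copies from user space */
    return k.msg_iovlen;
}

/* Model of the kernel-side bound on the iovec count: a count above
 * UIO_MAXIOV is rejected (the kernel returns EMSGSIZE for sendmsg). */
int kernel_would_reject(uint64_t iovlen)
{
    const uint64_t UIO_MAXIOV_LIMIT = 1024;   /* UIO_MAXIOV on Linux */
    return iovlen > UIO_MAXIOV_LIMIT;
}

int main(void)
{
    uint64_t dirty = iovlen_as_kernel_sees(0);
    uint64_t clean = iovlen_as_kernel_sees(1);

    printf("fields assigned, no memset: kernel sees msg_iovlen = 0x%016llx (%s)\n",
           (unsigned long long)dirty, kernel_would_reject(dirty) ? "rejected" : "accepted");
    printf("memset first, then assigned: kernel sees msg_iovlen = 0x%016llx (%s)\n",
           (unsigned long long)clean, kernel_would_reject(clean) ? "rejected" : "accepted");
    return 0;
}
```

The relevant property for review is that writing every named member cannot touch the anonymous padding, so only an operation that covers the whole object (a `memset`, or in practice a brace initializer on compilers that zero padding) removes the stale bytes the wider kernel field reads.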