net_socket_fd_init_dgram() passes an uninitialized address length to getsockname(). I guess this happens to work as long as the junk value is at least sizeof(sockaddr_in).
Spotted by Coverity. Signed-off-by: Markus Armbruster <arm...@redhat.com> --- net/socket.c | 1 + 1 files changed, 1 insertions(+), 0 deletions(-) diff --git a/net/socket.c b/net/socket.c index e9ef128..eb3e0d6 100644 --- a/net/socket.c +++ b/net/socket.c @@ -260,6 +260,7 @@ static NetSocketState *net_socket_fd_init_dgram(VLANState *vlan, */ if (is_connected) { + saddr_len = sizeof(saddr); if (getsockname(fd, (struct sockaddr *) &saddr, &saddr_len) == 0) { /* must be bound */ if (saddr.sin_addr.s_addr==0) { -- 1.7.6.4
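Review bot: the added `saddr_len = sizeof(saddr);` fixes the value-result argument, but the code after the getsockname() call still reads `saddr.sin_addr.s_addr` without checking what came back; since getsockname() truncates to the supplied length and reports the real length, an fd of another address family handed to net_socket_fd_init_dgram() would pass this test with garbage. Consider checking `saddr_len == sizeof(saddr)` (or `saddr.sin_family == AF_INET`) after a successful call before testing `s_addr`. Minor: setting saddr_len at its declaration rather than only inside `if (is_connected)` would cover any other path that uses it.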
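The value-result semantics of getsockname() that the patch above relies on, shown as an added stand-alone example (not QEMU code and not part of the patch): the length argument is initialized before the call, the returned family and length are checked before the sockaddr_in fields are read, and a second call with a deliberately too-small length shows that the kernel truncates the copy but still reports the full address length. The helper names and the loopback UDP socket are this example's own assumptions.

```c
#include <arpa/inet.h>
#include <netinet/in.h>
#include <stdio.h>
#include <string.h>
#include <sys/socket.h>
#include <unistd.h>

/* Create a UDP socket bound to 127.0.0.1 on an ephemeral port (test fixture,
 * assumed here; not from the patch). Returns the fd or -1. */
static int make_bound_udp_socket(void)
{
    int fd = socket(AF_INET, SOCK_DGRAM, 0);
    if (fd < 0)
        return -1;
    struct sockaddr_in sin;
    memset(&sin, 0, sizeof(sin));
    sin.sin_family = AF_INET;
    sin.sin_addr.s_addr = htonl(INADDR_LOOPBACK);
    sin.sin_port = 0;           /* let the kernel pick a port */
    if (bind(fd, (struct sockaddr *)&sin, sizeof(sin)) != 0) {
        close(fd);
        return -1;
    }
    return fd;
}

/* The safe pattern: len is set to the buffer size before the call (it is a
 * value-result argument), and the result is only interpreted as sockaddr_in
 * after the family and reported length have been verified.
 * Returns the bound port in host byte order, or -1 on error/mismatch. */
static int bound_local_port(int fd)
{
    struct sockaddr_storage ss;   /* big enough for any address family */
    socklen_t len = sizeof(ss);   /* must be initialized, this is the fix in the patch */
    memset(&ss, 0, sizeof(ss));
    if (getsockname(fd, (struct sockaddr *)&ss, &len) != 0)
        return -1;
    if (ss.ss_family != AF_INET || len < sizeof(struct sockaddr_in))
        return -1;                /* not an IPv4 socket, do not read sin_* fields */
    struct sockaddr_in *sin = (struct sockaddr_in *)&ss;
    return ntohs(sin->sin_port);
}

/* The failure mode the commit message alludes to: when the supplied length is
 * smaller than the address, the copy is truncated, yet the kernel still writes
 * the real length back. Returns the reported length, or -1 on error. */
static int reported_len_with_small_buffer(int fd)
{
    struct sockaddr_storage ss;
    socklen_t len = 4;            /* deliberately smaller than sockaddr_in */
    memset(&ss, 0, sizeof(ss));
    if (getsockname(fd, (struct sockaddr *)&ss, &len) != 0)
        return -1;
    return (int)len;
}

/* Runs the whole demonstration; returns 0 on success, a distinct code per step
 * otherwise, so the result can be checked without capturing output. */
static int run_demo(void)
{
    int fd = make_bound_udp_socket();
    if (fd < 0)
        return 1;
    int rc = 0;
    int port = bound_local_port(fd);
    if (port <= 0)
        rc = 2;
    else if (reported_len_with_small_buffer(fd) != (int)sizeof(struct sockaddr_in))
        rc = 3;                   /* kernel did not report the full length */
    close(fd);
    return rc;
}

int main(void)
{
    int rc = run_demo();
    printf("getsockname demo: %s (rc=%d)\n", rc == 0 ? "ok" : "failed", rc);
    return rc;
}
```

The check on the reported length is what makes the difference between "happens to work" and "correct": with an uninitialized saddr_len the call succeeds whenever the junk value is large enough, silently truncates otherwise, and the only way to notice is to compare the length written back against sizeof(struct sockaddr_in).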