summaryrefslogtreecommitdiff
path: root/fsdev
diff options
context:
space:
mode:
authorTim Comer <comer0@gmail.com>2014-04-19 13:39:57 -0400
committerMichael Tokarev <mjt@tls.msk.ru>2014-04-28 08:55:32 +0400
commitb0f9300ca389952aeaa4b96aa58bf3661e227420 (patch)
tree7a531e5426e29bd948fe5e97e5732ef38da5a5b1 /fsdev
parent9057698d93cd4678788d1e8e0eaa5adb4fcbd82c (diff)
downloadqemu-b0f9300ca389952aeaa4b96aa58bf3661e227420.tar.gz
qemu-b0f9300ca389952aeaa4b96aa58bf3661e227420.tar.bz2
qemu-b0f9300ca389952aeaa4b96aa58bf3661e227420.zip
virtfs-proxy-helper: fix call to accept
The current code calls accept() without initializing the size parameter which means the accept call might write too much to the stack. URL: https://bugs.gentoo.org/486714 Signed-off-by: Tim Comer <comer0@gmail.com> Signed-off-by: Mike Frysinger <vapier@gentoo.org> Reviewed-by: Paolo Bonzini <pbonzini@redhat.com> Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
Diffstat (limited to 'fsdev')
-rw-r--r--fsdev/virtfs-proxy-helper.c1
1 files changed, 1 insertions, 0 deletions
diff --git a/fsdev/virtfs-proxy-helper.c b/fsdev/virtfs-proxy-helper.c
index bfecb8706c..cd291d32f2 100644
--- a/fsdev/virtfs-proxy-helper.c
+++ b/fsdev/virtfs-proxy-helper.c
@@ -760,6 +760,7 @@ static int proxy_socket(const char *path, uid_t uid, gid_t gid)
return -1;
}
+ size = sizeof(qemu);
client = accept(sock, (struct sockaddr *)&qemu, &size);
if (client < 0) {
do_perror("accept");