[PATCH] virsocketaddr: Zero @netmask in virSocketAddrPrefixToNetmask()

Fri Oct 9 14:43:07 UTC 2020

The aim of virSocketAddrPrefixToNetmask() is to initialize passed
virSocketAddr structure based on prefix length and family.
However, it doesn't set all members in the struct which may lead
to reads of uninitialized values:

==15421== Use of uninitialised value of size 8
==15421==    at 0x50F297A: _itoa_word (in /lib64/libc-2.31.so)
==15421==    by 0x510C8FE: __vfprintf_internal (in /lib64/libc-2.31.so)
==15421==    by 0x5120295: __vsnprintf_internal (in /lib64/libc-2.31.so)
==15421==    by 0x50F8969: snprintf (in /lib64/libc-2.31.so)
==15421==    by 0x51BB602: getnameinfo (in /lib64/libc-2.31.so)
==15421==    by 0x496DEE0: virSocketAddrFormatFull (virsocketaddr.c:486)
==15421==    by 0x496DD9F: virSocketAddrFormat (virsocketaddr.c:444)
==15421==    by 0x11871F: networkDnsmasqConfContents (bridge_driver.c:1404)
==15421==    by 0x1118F5: testCompareXMLToConfFiles (networkxml2conftest.c:48)
==15421==    by 0x111BAF: testCompareXMLToConfHelper (networkxml2conftest.c:112)
==15421==    by 0x112679: virTestRun (testutils.c:142)
==15421==    by 0x111D09: mymain (networkxml2conftest.c:144)
==15421==  Uninitialised value was created by a stack allocation
==15421==    at 0x1175D2: networkDnsmasqConfContents (bridge_driver.c:1056)

All callers expect the function to initialize the structure
fully.

Signed-off-by: Michal Privoznik <mprivozn at redhat.com>
---
 src/util/virsocketaddr.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/src/util/virsocketaddr.c b/src/util/virsocketaddr.c
index e0eb76ded3..65aaa632c7 100644
--- a/src/util/virsocketaddr.c
+++ b/src/util/virsocketaddr.c
@@ -1097,6 +1097,8 @@ virSocketAddrPrefixToNetmask(unsigned int prefix,
                              virSocketAddrPtr netmask,
                              int family)
 {
+    memset(netmask, 0, sizeof(*netmask));
+
     netmask->data.stor.ss_family = AF_UNSPEC; /* assume failure */
 
     if (family == AF_INET) {
@@ -1135,7 +1137,7 @@ virSocketAddrPrefixToNetmask(unsigned int prefix,
     }
 
     return 0;
- }
+}
 
 /**
  * virSocketAddrGetIPPrefix:
-- 
2.26.2


