From: Tim Comer <comer0@gmail.com>
Date: Sat, 19 Apr 2014 17:39:57 +0000 (-0400)
Subject: virtfs-proxy-helper: fix call to accept
X-Git-Tag: qemu-xen-4.6.0-rc1~488^2~4
X-Git-Url: http://xenbits.xensource.com/gitweb?a=commitdiff_plain;h=b0f9300ca389952aeaa4b96aa58bf3661e227420;p=qemu-upstream-unstable.git

virtfs-proxy-helper: fix call to accept

The current code calls accept() without initializing the size parameter
which means the accept call might write too much to the stack.

URL: https://bugs.gentoo.org/486714
Signed-off-by: Tim Comer <comer0@gmail.com>
Signed-off-by: Mike Frysinger <vapier@gentoo.org>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
---

diff --git a/fsdev/virtfs-proxy-helper.c b/fsdev/virtfs-proxy-helper.c
index bfecb8706..cd291d32f 100644
--- a/fsdev/virtfs-proxy-helper.c
+++ b/fsdev/virtfs-proxy-helper.c
@@ -760,6 +760,7 @@ static int proxy_socket(const char *path, uid_t uid, gid_t gid)
         return -1;
     }
 
+    size = sizeof(qemu);
     client = accept(sock, (struct sockaddr *)&qemu, &size);
     if (client < 0) {
         do_perror("accept");