[PATCH] libnl: don't use out-of-scope buffer
Andrey Vagin
avagin at openvz.org
Mon Nov 23 06:31:41 PST 2015
From: Andrew Vagin <avagin at virtuozzo.com>
The control message buffer is desclared in the if body
and then this buffer is used outside.
Signed-off-by: Andrew Vagin <avagin at virtuozzo.com>
---
lib/nl.c | 7 +++++--
1 file changed, 5 insertions(+), 2 deletions(-)
diff --git a/lib/nl.c b/lib/nl.c
index cba4217..493291a 100644
--- a/lib/nl.c
+++ b/lib/nl.c
@@ -395,11 +395,14 @@ int nl_send_iovec(struct nl_sock *sk, struct nl_msg *msg, struct iovec *iov, uns
/* Add credentials if present. */
creds = nlmsg_get_creds(msg);
if (creds != NULL) {
- char buf[CMSG_SPACE(sizeof(struct ucred))];
+ int len = CMSG_SPACE(sizeof(struct ucred));
struct cmsghdr *cmsg;
+ char *buf;
+
+ buf = alloca(len);
hdr.msg_control = buf;
- hdr.msg_controllen = sizeof(buf);
+ hdr.msg_controllen = len;
cmsg = CMSG_FIRSTHDR(&hdr);
cmsg->cmsg_level = SOL_SOCKET;
--
2.4.3
More information about the libnl
mailing list