提交 4acbb298 编写于 作者: E Eric Blake 提交者: Jim Meyering

uml: avoid crash on partial read

Coverity detected a potential dereference of uninitialized memory
if recvfrom got cut short.

* src/uml/uml_driver.c (umlMonitorCommand): Validate complete read
prior to dereferencing res.
上级 2103d87c
......@@ -733,14 +733,24 @@ static int umlMonitorCommand(virConnectPtr conn,
}
do {
ssize_t nbytes;
addrlen = sizeof(addr);
if (recvfrom(priv->monitor, &res, sizeof res, 0,
(struct sockaddr *)&addr, &addrlen) < 0) {
nbytes = recvfrom(priv->monitor, &res, sizeof res, 0,
(struct sockaddr *)&addr, &addrlen) < 0;
if (nbytes < 0) {
if (errno == EAGAIN || errno == EINTR)
continue;
virReportSystemError(errno,
_("cannot read reply %s"),
cmd);
goto error;
}
if (nbytes < sizeof res) {
virReportSystemError(errno,
_("incomplete reply %s"),
cmd);
goto error;
}
if (VIR_REALLOC_N(retdata, retlen + res.length) < 0) {
virReportOOMError();
......
Markdown is supported
0% .
You are about to add 0 people to the discussion. Proceed with caution.
先完成此消息的编辑!
想要评论请 注册