[strongSwan-dev] [PATCH] socket-default: fix use of uninitialized memory when forcing source address on outgoing packet.
Maxime Bizon
mbizon at freebox.fr
Fri Oct 30 18:27:58 CET 2015
On Fri, 2015-10-30 at 20:09 +0300, Dmitry Shubin wrote:
> I don't see any _uninitialized_ memory here. What I see, however, is
well, since buf is out of scope, you don't know what data the syscall
will actually read, more or less as if it was not initialized.
> buf[] being used (via msg.msg_control) outside the scope it is defined
> in. So, I believe, a simpler fix would be to move the buf[] definition
> to the function-level scope.
I disagree, I'd have to compute the buf maximum size by duplicating a
lot of #ifdef at the beginning, while there are IMO already too many of
them from a readability standpoint.
not to mention that max buf size is dynamic (it depends on address
family)
--
Maxime
More information about the Dev
mailing list