Skip to content

Commit

Permalink
Init 'buffer' sent with 'sendmsg' in 'svc_dg_reply'
Browse files Browse the repository at this point in the history 
Fixed the following valgrind report by initializing
'buffer' to 0 in 'svc_dg_reply':
==2615== Syscall param sendmsg(msg.msg_control) points to uninitialised byte(s)
==2615==    at 0x6651C6D: ??? (in /usr/lib64/libpthread-2.17.so)
==2615==    by 0x6A8A9E1: svc_dg_reply (svc_dg.c:465)
==2615==    by 0x6A88748: svc_sendreply (svc.c:549)
==2615==    by 0x44CDF2: nfs_rpc_execute (nfs_worker_thread.c:1344)
==2615==    by 0x44D447: worker_run (nfs_worker_thread.c:1562)
==2615==    by 0x50C4FF: fridgethr_start_routine (fridgethr.c:550)
==2615==    by 0x664AE24: start_thread (in /usr/lib64/libpthread-2.17.so)
==2615==    by 0x6FC434C: clone (in /usr/lib64/libc-2.17.so)
==2615==  Address 0x1360ce08 is on thread 17's stack
==2615==  in frame linuxbox2#1, created by svc_dg_reply (svc_dg.c:407)

Signed-off-by: Madhu Thorat <madhu.punjabi@in.ibm.com>
(cherry picked from commit 52b1b5a)
  • Loading branch information
@madhuthorat
madhuthorat committed Aug 2, 2019
1 parent b089305 commit 982f064
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion src/svc_dg.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -427,7 +427,7 @@ svc_dg_reply(struct svc_req *req)
struct cmsghdr *cmsg;
struct iovec iov;
size_t slen;
char buffer[SVC_CMSG_SIZE];
char buffer[SVC_CMSG_SIZE] = {0};

if (!xprt->xp_remote.nb.len) {
__warnx(TIRPC_DEBUG_FLAG_WARN,
Expand Down

0 comments on commit 982f064

Please sign in to comment.