[Pkg-vsquare-devel] Bug#434071: vde2: vdeq/vdeqemu uses uninitialised variable for socket mode
John Hughes
john at calva.com
Sat Jul 21 10:25:30 UTC 2007
Package: vde2
Version: 2.1.6+r154-1+b1
Severity: normal
In vdeq.c we have:
mode_t mode;
[...]
if (argc > 2 && (
(strcmp(argv[1],"--mod")==0) ||
(strcmp(argv[1],"-m")==0))
){
sscanf(argv[2],"%o",&mode);
argv+=2;
argc-=2;
}
[...]
for (i=0; i<nb_nics; i++) {
struct vde_open_args vdearg={ports[i],NULL,mode};
conn[i]=vde_open(sockname[i],"vdeqemu",&vdearg);
so if the user doesn't give the --mod or -m option vde_open gets called
with unitialised mode and so the socket gets chmoded to some
unpredictable mode, which will stop everything working of it happens not
to have write permission.
Fix is simple, initialise mode to zero on declaration.
-- System Information:
Debian Release: lenny/sid
APT prefers unstable
APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)
Kernel: Linux 2.6.21-1-amd64 (SMP w/2 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash
Versions of packages vde2 depends on:
ii adduser 3.104 add and remove users and groups
ii libc6 2.6-2 GNU C Library: Shared libraries
ii libvdeplug2 2.1.6+r154-1+b1 Virtual Distributed Ethernet - Plu
Versions of packages vde2 recommends:
ii daemon 0.6.3-1 turns other processes into daemons
-- no debconf information
More information about the Pkg-vsquare-devel
mailing list