tap: Check return value of accept4() before calling getsockopt()
Reported by Coverity (CWE-119): Negative value used as argument to a function expecting a positive value (for example, size of buffer or allocation) and harmless, because getsockopt() would return -EBADF if the socket is -1, so we wouldn't print anything. Check if accept4() returns a valid socket before calling getsockopt() on it. Signed-off-by: Stefano Brivio <sbrivio@redhat.com> Reviewed-by: David Gibson <david@gibson.dropbear.id.au>
This commit is contained in:
parent
a39398e840
commit
d30bde3181
1 changed files with 4 additions and 2 deletions
4
tap.c
4
tap.c
|
@ -872,10 +872,12 @@ static void tap_sock_unix_new(struct ctx *c)
|
||||||
int discard = accept4(c->fd_tap_listen, NULL, NULL,
|
int discard = accept4(c->fd_tap_listen, NULL, NULL,
|
||||||
SOCK_NONBLOCK);
|
SOCK_NONBLOCK);
|
||||||
|
|
||||||
|
if (discard == -1)
|
||||||
|
return;
|
||||||
|
|
||||||
if (!getsockopt(discard, SOL_SOCKET, SO_PEERCRED, &ucred, &len))
|
if (!getsockopt(discard, SOL_SOCKET, SO_PEERCRED, &ucred, &len))
|
||||||
info("discarding connection from PID %i", ucred.pid);
|
info("discarding connection from PID %i", ucred.pid);
|
||||||
|
|
||||||
if (discard != -1)
|
|
||||||
close(discard);
|
close(discard);
|
||||||
|
|
||||||
return;
|
return;
|
||||||
|
|
Loading…
Reference in a new issue