[PATCH] use of uninitialized variable fds in main_noinetd()
Timur R. Mustafin
Timur.R.Mustafin at mcst.ru
Sat Nov 30 03:02:50 AWST 2019
Hi.
I started dropbear application on our e2k platform in specific
"protected mode". Particulary it cheks in runtime for use of
uninitialized variables. So it finds such case in file svr-main.c with
variable fds in main_noinetd(). Patch is very small:
diff -ruN dropbear-2019.78.orig/svr-main.c dropbear-2019.78/svr-main.c
--- dropbear-2019.78.orig/svr-main.c 2019-03-27 17:15:23.000000000 +0300
+++ dropbear-2019.78/svr-main.c 2019-11-13 19:40:36.688398257 +0300
@@ -143,7 +143,9 @@
{
dropbear_exit("No listening ports available.");
}
+ /* Initialize fds by zeroes before use */
+ FD_ZERO(&fds);
for (i = 0; i < listensockcount; i++) {
FD_SET(listensocks[i], &fds);
}
More information about the Dropbear
mailing list