diff options
| author | Roland Dreier <rolandd@cisco.com> | 2005-10-12 21:56:46 +0000 |
|---|---|---|
| committer | Roland Dreier <rolandd@cisco.com> | 2006-11-09 11:35:57 -0800 |
| commit | fcdf175c5a6684dad0677e8d06e3071ba2aaf410 (patch) | |
| tree | c92400d9550eb1ed356812c051181759bd55a7ae | |
| parent | d331eb11c348fc2b61fe24e07bc6dc46155122e2 (diff) | |
| download | libibverbs-fcdf175c5a6684dad0677e8d06e3071ba2aaf410.tar.gz | |
Avoid potential buffer overrun in ibv_srq_pingpong
Fix overrun in ibv_srq_pingpong (detected by Fedora Core 4
"FORTIFY_SOURCE").
Signed-off-by: Roland Dreier <rolandd@cisco.com>
| -rw-r--r-- | ChangeLog | 6 | ||||
| -rw-r--r-- | examples/srq_pingpong.c | 2 |
2 files changed, 8 insertions, 0 deletions
@@ -1,3 +1,9 @@ +2005-10-12 Roland Dreier <roland@cisco.com> + + * examples/srq_pingpong.c (main): Zero out unused entries in + my_dest array to avoid string overflows when we send to the other + side. + 2005-10-09 Roland Dreier <roland@cisco.com> * examples/devinfo.c (print_hca_cap): Only print max_mr_size and diff --git a/examples/srq_pingpong.c b/examples/srq_pingpong.c index aa4ef1f..c9108ca 100644 --- a/examples/srq_pingpong.c +++ b/examples/srq_pingpong.c @@ -637,6 +637,8 @@ int main(int argc, char *argv[]) return 1; } + memset(my_dest, 0, sizeof my_dest); + for (i = 0; i < num_qp; ++i) { my_dest[i].qpn = ctx->qp[i]->qp_num; my_dest[i].psn = lrand48() & 0xffffff; |