From 8be1120904b47feded4e743d79179f2a63c3f718 Mon Sep 17 00:00:00 2001
From: Christophe Fergeau
Date: Tue, 14 Mar 2017 15:41:38 +0100
Subject: [PATCH] reds-stream: Don't use sendmsg with uninitialized memory
On my 64 bit Fedora 25, CMSG_SPACE() adds 4 bytes of padding after the file descriptor in the control data. This causes warnings when ran under valgrind as we set msg_controllen to CMSG_SPACE(). This commit fills the control data to 0 to avoid these warnings.
==30301== Syscall param sendmsg(msg.msg_control) points to uninitialised byte(s)
==30301== at 0x8127367: sendmsg (sendmsg.c:28)
==30301== by 0x41880B: reds_stream_send_msgfd (reds-stream.c:295)
==30301== by 0x40953F: main (test-stream.c:121)
==30301== Address 0xffefff1b4 is on thread 1's stack
==30301== in frame #1, created by reds_stream_send_msgfd (reds-stream.c:263)
Signed-off-by: Christophe Fergeau
Acked-by: Pavel Grunt
---
 server/reds-stream.c | 4 ++++
 1 file changed, 4 insertions(+)
diff --git a/server/reds-stream.c b/server/reds-stream.c
index a813a8b8..8ac296d2 100644
--- a/server/reds-stream.c
+++ b/server/reds-stream.c
@@ -283,6 +283,10 @@ int reds_stream_send_msgfd(RedsStream *stream, int fd)
 if (fd != -1) {
 msgh.msg_control = control.data;
 msgh.msg_controllen = sizeof(control.data);
+ /* CMSG_SPACE() might be larger than CMSG_LEN() as it can include some
+ * padding. We set the whole control data to 0 to avoid valgrind warnings
+ */
+ memset(control.data, 0, sizeof(control.data));
 cmsg = CMSG_FIRSTHDR(&msgh);
 cmsg->cmsg_len = CMSG_LEN(fd_size);
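Review bot: The new comment above the `memset` in `reds_stream_send_msgfd` gives silencing valgrind as the only reason for the call, which invites a later cleanup to drop it as tool noise. Because `msg_controllen` is set to `sizeof(control.data)`, `sendmsg` is handed every byte of the buffer, including the CMSG_SPACE() padding that the cmsg fields never write, so without the memset uninitialised stack bytes are passed into the syscall; whether anything beyond the kernel can observe them is not visible from this hunk. I would reword the comment to state that, e.g. `/* sendmsg() reads all msg_controllen bytes, including CMSG_SPACE() padding the cmsg fields below never set; zero the buffer so no uninitialised stack bytes are passed in. */`. The function body starts before and continues after the hunk, so the declaration of `control` is not visible here.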