On a Monday in 2026, Julio Faracco wrote:
The virSocketAddrFormatWithPrefix() function has a bug where the 'network' variable is left uninitialized when masked=false. This occurs because the function only assigns to 'network' inside the masked=true conditional branch.When masked=false, the caller wants to format the original address
There is no such caller, ever since its introduction in:
commit 426afc0082f1d28449380a5c9260d64ed7183e38
util: rename/move iptablesFormatNetwork to virSocketAddrFormatWithPrefix
we always passed masked=true.
I think dropping the "masked" argument is easier here.
Also, calling it "unitialized" evokes some kind of omission that made
the function work by accident. Here, the "addr" is never used
so the function would not even work.
Jano
with a prefix notation (e.g., "1.2.3.4/24") without applying the network mask. However, the code was only initializing 'network' when masking was requested, causing the subsequent virSocketAddrFormat(&network) call to operate on uninitialized data. Fix this by adding an else branch that copies the original address to 'network' when masking is not requested. This ensures 'network' is properly initialized in both code paths. Signed-off-by: Julio Faracco <[email protected]> --- src/util/virsocketaddr.c | 12 ++++++++---- 1 file changed, 8 insertions(+), 4 deletions(-)
signature.asc
Description: PGP signature
