From nobody Mon Feb 9 09:28:50 2026 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of redhat.com designates 170.10.129.124 as permitted sender) client-ip=170.10.129.124; envelope-from=libvir-list-bounces@redhat.com; helo=us-smtp-delivery-124.mimecast.com; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of redhat.com designates 170.10.129.124 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass(p=none dis=none) header.from=redhat.com ARC-Seal: i=1; a=rsa-sha256; t=1693396807; cv=none; d=zohomail.com; s=zohoarc; b=Yqc6jx3WXrocYaX7Y0/AliV7uCdQua0NtbYMVeORGhqkQ1jBFnBc8EPVwFiCvY73XxjzF1uxmQ4h8kVuJNfo7r/011PDaTqb3eYKZF7I2FfMrI1bS1Ry3qSUjJcN+sWXFKd+cOE659wbqteNPnIksQ9dFpq+DW8ebYiSkvrx3/g= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1693396807; h=Content-Type:Content-Transfer-Encoding:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To; bh=3toH/O0hAXkD6M01VVAzlN/7DoPI+ykVlOaHlvkF3AY=; b=m5dzV4bVyftk/zczoJzJMQF1oKRUZs6wkVMG7OOjVFHivOCsUugYLIYSSKvS2lG8OFIJc5kkxL7SIHD5ImR4jp4dnWEMMF00iPFM5WtK3tQ+TcOUhbtQjmkOP7USt+KPzw837JpolGVbFndhOxDlWJYPkJOKqlH6dAgcrg2emhM= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of redhat.com designates 170.10.129.124 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass header.from= (p=none dis=none) Return-Path: Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.129.124]) by mx.zohomail.com with SMTPS id 1693396807772687.1512008409971; Wed, 30 Aug 2023 05:00:07 -0700 (PDT) Received: from mimecast-mx02.redhat.com (mimecast-mx02.redhat.com [66.187.233.88]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id us-mta-345-vsBHIup8PZS54ZHY5htrgg-1; Wed, 30 Aug 2023 08:00:04 -0400 Received: from smtp.corp.redhat.com (int-mx07.intmail.prod.int.rdu2.redhat.com [10.11.54.7]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id C465E101A5B9; Wed, 30 Aug 2023 12:00:01 +0000 (UTC) Received: from mm-prod-listman-01.mail-001.prod.us-east-1.aws.redhat.com (mm-prod-listman-01.mail-001.prod.us-east-1.aws.redhat.com [10.30.29.100]) by smtp.corp.redhat.com (Postfix) with ESMTP id B03FC140E919; Wed, 30 Aug 2023 12:00:01 +0000 (UTC) Received: from mm-prod-listman-01.mail-001.prod.us-east-1.aws.redhat.com (localhost [IPv6:::1]) by mm-prod-listman-01.mail-001.prod.us-east-1.aws.redhat.com (Postfix) with ESMTP id E233B19451F1; Wed, 30 Aug 2023 11:59:35 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx08.intmail.prod.int.rdu2.redhat.com [10.11.54.8]) by mm-prod-listman-01.mail-001.prod.us-east-1.aws.redhat.com (Postfix) with ESMTP id 275FD1946A43 for ; Wed, 30 Aug 2023 11:59:32 +0000 (UTC) Received: by smtp.corp.redhat.com (Postfix) id 1B5B7C15BB8; Wed, 30 Aug 2023 11:59:32 +0000 (UTC) Received: from speedmetal.lan (unknown [10.45.242.22]) by smtp.corp.redhat.com (Postfix) with ESMTP id 1D69CC15BAE for ; Wed, 30 Aug 2023 11:59:30 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1693396806; h=from:from:sender:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:list-id:list-help: list-unsubscribe:list-subscribe:list-post; bh=3toH/O0hAXkD6M01VVAzlN/7DoPI+ykVlOaHlvkF3AY=; b=Dpwr53EbKTWkjijqApbtj6d5h3Wf+dMU6zibn/WogBwF7TGX49/dRqM5MuWJfbA3xPKoEy ZTOgNW3rhR2Ekh6fwino/ntDa58CJm3SFcGMIcPBXGjeqTG7RZkZDZiP5ODAdbCp8kxuRD AVeTinQKFCqWFtyk8cIFxrmflpaBNU8= X-MC-Unique: vsBHIup8PZS54ZHY5htrgg-1 X-Original-To: libvir-list@listman.corp.redhat.com From: Peter Krempa To: libvir-list@redhat.com Subject: [PATCH 7/8] nss: aiforaf: Decrease stack size by scoping off large buffers. Date: Wed, 30 Aug 2023 13:59:21 +0200 Message-ID: In-Reply-To: References: MIME-Version: 1.0 X-Scanned-By: MIMEDefang 3.1 on 10.11.54.8 X-BeenThere: libvir-list@redhat.com X-Mailman-Version: 2.1.29 Precedence: list List-Id: Development discussions about the libvirt library & tools List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: libvir-list-bounces@redhat.com Sender: "libvir-list" X-Scanned-By: MIMEDefang 3.1 on 10.11.54.7 X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-Transfer-Encoding: quoted-printable X-ZohoMail-DKIM: pass (identity @redhat.com) X-ZM-MESSAGEID: 1693396809316100003 Content-Type: text/plain; charset="utf-8" The 'buf', 'sa' and 'hints' stack allocated helper variables are never used together. Decrease the stack memory usage by scoping them off into do-while blocks. In this instance we do not want to use dynamic allocation as this is the NSS module. Signed-off-by: Peter Krempa Reviewed-by: Kristina Hanicova --- tools/nss/libvirt_nss.c | 97 +++++++++++++++++++++++------------------ 1 file changed, 54 insertions(+), 43 deletions(-) diff --git a/tools/nss/libvirt_nss.c b/tools/nss/libvirt_nss.c index 37720bf4ae..dff3c034bf 100644 --- a/tools/nss/libvirt_nss.c +++ b/tools/nss/libvirt_nss.c @@ -470,61 +470,72 @@ aiforaf(const char *name, struct addrinfo **aip) { struct hostent resolved; - char buf[1024] =3D { 0 }; int err; - int herr; - struct addrinfo hints; - struct addrinfo *res0; - struct addrinfo *res; char **addrList; - if (NSS_NAME(gethostbyname2)(name, af, &resolved, - buf, sizeof(buf), - &err, &herr) !=3D NS_SUCCESS) - return; + /* Note: The do-while blocks in this function are used to scope off la= rge + * stack allocated buffers, which are not needed at the same time */ + do { + char buf[1024] =3D { 0 }; + int herr; + + if (NSS_NAME(gethostbyname2)(name, af, &resolved, + buf, sizeof(buf), + &err, &herr) !=3D NS_SUCCESS) + return; + } while (false); addrList =3D resolved.h_addr_list; while (*addrList) { - union { - struct sockaddr sa; - struct sockaddr_in sin; - struct sockaddr_in6 sin6; - } sa =3D { 0 }; - socklen_t salen; void *address =3D *addrList; char host[NI_MAXHOST]; + struct addrinfo *res0; + struct addrinfo *res; + + do { + union { + struct sockaddr sa; + struct sockaddr_in sin; + struct sockaddr_in6 sin6; + } sa =3D { 0 }; + socklen_t salen; + + if (resolved.h_addrtype =3D=3D AF_INET) { + sa.sin.sin_family =3D AF_INET; + memcpy(&sa.sin.sin_addr.s_addr, + address, + FAMILY_ADDRESS_SIZE(AF_INET)); + salen =3D sizeof(sa.sin); + } else { + sa.sin6.sin6_family =3D AF_INET6; + memcpy(&sa.sin6.sin6_addr.s6_addr, + address, + FAMILY_ADDRESS_SIZE(AF_INET6)); + salen =3D sizeof(sa.sin6); + } - if (resolved.h_addrtype =3D=3D AF_INET) { - sa.sin.sin_family =3D AF_INET; - memcpy(&sa.sin.sin_addr.s_addr, - address, - FAMILY_ADDRESS_SIZE(AF_INET)); - salen =3D sizeof(sa.sin); - } else { - sa.sin6.sin6_family =3D AF_INET6; - memcpy(&sa.sin6.sin6_addr.s6_addr, - address, - FAMILY_ADDRESS_SIZE(AF_INET6)); - salen =3D sizeof(sa.sin6); - } + if ((err =3D getnameinfo(&sa.sa, salen, + host, sizeof(host), + NULL, 0, + NI_NUMERICHOST | NI_NUMERICSERV)) !=3D = 0) { + ERROR("Cannot convert socket address to string: %s", + gai_strerror(err)); + continue; + } + } while (false); - if ((err =3D getnameinfo(&sa.sa, salen, - host, sizeof(host), - NULL, 0, - NI_NUMERICHOST | NI_NUMERICSERV)) !=3D 0) { - ERROR("Cannot convert socket address to string: %s", - gai_strerror(err)); - continue; - } + do { + struct addrinfo hints; - hints =3D *pai; - hints.ai_flags =3D AI_NUMERICHOST; - hints.ai_family =3D af; + hints =3D *pai; + hints.ai_flags =3D AI_NUMERICHOST; + hints.ai_family =3D af; - if (getaddrinfo(host, NULL, &hints, &res0)) { - addrList++; - continue; - } + if (getaddrinfo(host, NULL, &hints, &res0)) { + addrList++; + continue; + } + } while (false); for (res =3D res0; res; res =3D res->ai_next) res->ai_flags =3D pai->ai_flags; --=20 2.41.0