On 20.03.2014 11:34, Daniel P. Berrange wrote:
The virSocketAddrMask method did not initialize all fields in the sockaddr_in6 struct. In paticular the 'sin6_scope_id' field could contain random garbage, which would in turn affect the result of any later virSocketAddrFormat calls. This led to ip6tables rules in the FORWARD chain which matched on random garbage sin6_scope_id. Fortunately these were ACCEPT rules, so the impact was merely that desired traffic was blocked, rather than undesired traffic allowed. Signed-off-by: Daniel P. Berrange <berrange@xxxxxxxxxx> --- src/util/virsocketaddr.c | 1 + tests/sockettest.c | 53 ++++++++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 54 insertions(+)
ACK Michal -- libvir-list mailing list libvir-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/libvir-list