nbd: fix use of two uninitialized bytes when connecting to a named export

Reported-by: Michal Privoznik <mprivoznik@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>

diff --git a/nbd.c b/nbd.c
index 97a5914e0f375f6c5059ee6f1d001ea7633f11ad..01976e8e33938668f778ffd7f5b3da441dd170ce 100644 (file)
--- a/nbd.c
+++ b/nbd.c
@@ -397,6 +397,7 @@ static int nbd_send_negotiate(NBDClient *client)
     rc = -EINVAL;
 
     TRACE("Beginning negotiation.");
+    memset(buf, 0, sizeof(buf));
     memcpy(buf, "NBDMAGIC", 8);
     if (client->exp) {
         assert ((client->exp->nbdflags & ~65535) == 0);
@@ -406,7 +407,6 @@ static int nbd_send_negotiate(NBDClient *client)
     } else {
         cpu_to_be64w((uint64_t*)(buf + 8), NBD_OPTS_MAGIC);
     }
-    memset(buf + 28, 0, 124);
 
     if (client->exp) {
         if (write_sync(csock, buf, sizeof(buf)) != sizeof(buf)) {