From ed7452fbbf1f0cb860f145135139e378e3f14880 Mon Sep 17 00:00:00 2001
From: Andrei Emeltchenko <andrei.emeltchenko@intel.com>
Date: Mon, 25 Nov 2013 15:08:50 +0200
Subject: [PATCH] android/socket: Refactor socket send_fd function

Make code cleaner and initialize local cmsg buffer to zeroes.
---
 android/socket.c | 9 ++++++---
 1 file changed, 6 insertions(+), 3 deletions(-)

diff --git a/android/socket.c b/android/socket.c
index 9ed8ea6e3..0fbf0f04c 100644
--- a/android/socket.c
+++ b/android/socket.c
@@ -397,7 +397,7 @@ static int bt_sock_send_fd(int sock_fd, const void *buf, int len, int send_fd)
 	struct msghdr msg;
 	struct cmsghdr *cmsg;
 	struct iovec iv;
-	char msgbuf[CMSG_SPACE(1)];
+	char cmsgbuf[CMSG_SPACE(sizeof(int))];
 
 	DBG("len %d sock_fd %d send_fd %d", len, sock_fd, send_fd);
 
@@ -405,13 +405,16 @@ static int bt_sock_send_fd(int sock_fd, const void *buf, int len, int send_fd)
 		return -1;
 
 	memset(&msg, 0, sizeof(msg));
+	memset(cmsgbuf, 0, sizeof(cmsgbuf));
+
+	msg.msg_control = cmsgbuf;
+	msg.msg_controllen = sizeof(cmsgbuf);
 
-	msg.msg_control = msgbuf;
-	msg.msg_controllen = sizeof(msgbuf);
 	cmsg = CMSG_FIRSTHDR(&msg);
 	cmsg->cmsg_level = SOL_SOCKET;
 	cmsg->cmsg_type = SCM_RIGHTS;
 	cmsg->cmsg_len = CMSG_LEN(sizeof(send_fd));
+
 	memcpy(CMSG_DATA(cmsg), &send_fd, sizeof(send_fd));
 
 	iv.iov_base = (unsigned char *) buf;
-- 
2.47.3