From 7bbd09d9410f5fc0d22f00db26306234a50217a2 Mon Sep 17 00:00:00 2001
From: Andrew Vagin
Date: Mon, 23 Nov 2015 17:23:20 +0300
Subject: [PATCH] libnl: don't use out-of-scope buffer in nl_send_iovec()

The control message buffer is desclared in the if body and then this buffer is used outside.
http://lists.infradead.org/pipermail/libnl/2015-November/002013.html
Signed-off-by: Andrew Vagin
Signed-off-by: Thomas Haller
---
 lib/nl.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/lib/nl.c b/lib/nl.c
index cba42170a..2d1ce81cc 100644
--- a/lib/nl.c
+++ b/lib/nl.c
@@ -384,6 +384,7 @@ int nl_send_iovec(struct nl_sock *sk, struct nl_msg *msg, struct iovec *iov, uns
 .msg_iov = iov,
 .msg_iovlen = iovlen,
 };
+ char buf[CMSG_SPACE(sizeof(struct ucred))];
 /* Overwrite destination if specified in the message itself, defaults
 * to the peer address of the socket.
@@ -395,7 +396,6 @@ int nl_send_iovec(struct nl_sock *sk, struct nl_msg *msg, struct iovec *iov, uns
 /* Add credentials if present. */
 creds = nlmsg_get_creds(msg);
 if (creds != NULL) {
- char buf[CMSG_SPACE(sizeof(struct ucred))];
 struct cmsghdr *cmsg;
 hdr.msg_control = buf;
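Review bot: The function-scope `buf` added in the first hunk has no comment explaining why it must live there, so a later tidy-up could move it back into the `if (creds != NULL)` block and bring back the dangling `hdr.msg_control` pointer. I would put this above the declaration: `/* Must stay at function scope: hdr.msg_control points at buf until the message is sent. */`. Separately, a plain `char` array is not guaranteed to be aligned for `struct cmsghdr`. If the code past the second hunk fills the header in through `cmsg` (presumably obtained with CMSG_FIRSTHDR), wrapping the array in a union with a `struct cmsghdr` member, as the cmsg(3) example does, would make the alignment explicit. The body of nl_send_iovec() starts before and continues after both hunks, so neither the send call nor the cmsg writes are visible here.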