In libslirp 4.1.0, as used in QEMU 4.2.0, tcp_subr.c misuses snprintf return values, leading to a buffer overflow in later code. tcp_emu in slirp/tcp_subr.c in QEMU 3.0.0 uses uninitialized data in an snprintf call, leading to Information disclosure