[ovs-dev] [Simple DB Stats 06/11] ovsdb-idlc: Fix sizeof calculation in generated code.

Ben Pfaff blp at nicira.com
Fri Jun 11 00:14:36 UTC 2010


Generated <prefix>_<struct>_parse_<column> functions did not allocate
enough memory for the "value" array, because code that should have said,
e.g.:
    row->value_options = xmalloc(datum->n * sizeof *row->value_options);
actually said:
    row->value_options = xmalloc(datum->n * sizeof row->value_options);

This fixes the problem.  I also checked that the same problem didn't occur
elsewhere in the generated code.

(This would be a fairly serious bug fix, because without it reads and
writes beyond the end of allocated memory would be almost inevitable,
except that every existing map has string values, and sizeof(char*)
== sizeof(char**) on any sane system.)
---
 ovsdb/ovsdb-idlc.in |    2 +-
 1 files changed, 1 insertions(+), 1 deletions(-)

diff --git a/ovsdb/ovsdb-idlc.in b/ovsdb/ovsdb-idlc.in
index c89048e..d545d64 100755
--- a/ovsdb/ovsdb-idlc.in
+++ b/ovsdb/ovsdb-idlc.in
@@ -311,7 +311,7 @@ static void
                 print "%sif (!row->n_%s) {" % (indent, columnName)
                 print "%s    %s = xmalloc(%s * sizeof *%s);" % (indent, keyVar, nMax, keyVar)
                 if valueVar:
-                    print "%s    %s = xmalloc(%s * sizeof %s);" % (indent, valueVar, nMax, valueVar)
+                    print "%s    %s = xmalloc(%s * sizeof *%s);" % (indent, valueVar, nMax, valueVar)
                 print "%s}" % indent
                 print "%s%s[row->n_%s] = %s;" % (indent, keyVar, columnName, keySrc)
                 if valueVar:
-- 
1.7.1





More information about the dev mailing list