[ovs-dev] [branch-1.1 34/34] datapath: Avoid freeing wild pointer in corner case.
Ben Pfaff
blp at nicira.com
Fri Apr 29 21:57:05 UTC 2011
In odp_flow_cmd_new_or_set(), if flow_actions_alloc() fails in the "new
flow" case, then flow_put() will kfree() the new flow's 'sf_acts' pointer,
but nothing has initialized that pointer. Initialize the pointer to NULL
to avoid the problem.
Found by inspection.
Signed-off-by: Ben Pfaff <blp at nicira.com>
Acked-by: Jesse Gross <jesse at nicira.com>
---
datapath/flow.c | 1 +
1 files changed, 1 insertions(+), 0 deletions(-)
diff --git a/datapath/flow.c b/datapath/flow.c
index f264866..d670925 100644
--- a/datapath/flow.c
+++ b/datapath/flow.c
@@ -196,6 +196,7 @@ struct sw_flow *flow_alloc(void)
spin_lock_init(&flow->lock);
atomic_set(&flow->refcnt, 1);
+ flow->sf_acts = NULL;
flow->dead = false;
return flow;
--
1.7.4.4
More information about the dev
mailing list