[ovs-dev] [valgrind 1/2] Zero padding bytes in odp_key_ipv4, odp_key_arp.
Ben Pfaff
blp at nicira.com
Tue Feb 1 19:43:58 UTC 2011
This is a potential security issue for the kernel. In userspace it just
provokes false-positive valgrind warnings (which is how I found it).
Signed-off-by: Ben Pfaff <blp at nicira.com>
---
datapath/flow.c | 2 ++
lib/odp-util.c | 2 ++
2 files changed, 4 insertions(+), 0 deletions(-)
diff --git a/datapath/flow.c b/datapath/flow.c
index eb67cf4..d678769 100644
--- a/datapath/flow.c
+++ b/datapath/flow.c
@@ -622,6 +622,7 @@ int flow_to_nlattrs(const struct sw_flow_key *swkey, struct sk_buff *skb)
if (!nla)
goto nla_put_failure;
ipv4_key = nla_data(nla);
+ memset(ipv4_key, 0, sizeof *ipv4_key);
ipv4_key->ipv4_src = swkey->nw_src;
ipv4_key->ipv4_dst = swkey->nw_dst;
ipv4_key->ipv4_proto = swkey->nw_proto;
@@ -662,6 +663,7 @@ int flow_to_nlattrs(const struct sw_flow_key *swkey, struct sk_buff *skb)
if (!nla)
goto nla_put_failure;
arp_key = nla_data(nla);
+ memset(arp_key, 0, sizeof *arp_key);
arp_key->arp_sip = swkey->nw_src;
arp_key->arp_tip = swkey->nw_dst;
arp_key->arp_op = htons(swkey->nw_proto);
diff --git a/lib/odp-util.c b/lib/odp-util.c
index e50b578..34267c6 100644
--- a/lib/odp-util.c
+++ b/lib/odp-util.c
@@ -381,6 +381,7 @@ odp_flow_key_from_flow(struct ofpbuf *buf, const struct flow *flow)
ipv4_key = nl_msg_put_unspec_uninit(buf, ODP_KEY_ATTR_IPV4,
sizeof *ipv4_key);
+ memset(ipv4_key, 0, sizeof *ipv4_key);
ipv4_key->ipv4_src = flow->nw_src;
ipv4_key->ipv4_dst = flow->nw_dst;
ipv4_key->ipv4_proto = flow->nw_proto;
@@ -413,6 +414,7 @@ odp_flow_key_from_flow(struct ofpbuf *buf, const struct flow *flow)
arp_key = nl_msg_put_unspec_uninit(buf, ODP_KEY_ATTR_ARP,
sizeof *arp_key);
+ memset(arp_key, 0, sizeof *arp_key);
arp_key->arp_sip = flow->nw_src;
arp_key->arp_tip = flow->nw_dst;
arp_key->arp_op = htons(flow->nw_proto);
--
1.7.1
More information about the dev
mailing list