[ovs-dev] [valgrind 1/2] Zero padding bytes in odp_key_ipv4, odp_key_arp.

Ben Pfaff blp at nicira.com
Thu Feb 3 22:55:08 UTC 2011 

Done, thanks for the suggestion.

On Thu, Feb 03, 2011 at 02:44:40PM -0800, Justin Pettit wrote:
> Since you sent this out for review, we pushed the IPv6 code.  The
> ipv6_key structure has a similar hole to IPv4.  Would you mind adding
> it to this commit before you push?
> 
> --Justin
> 
> 
> On Feb 1, 2011, at 11:43 AM, Ben Pfaff wrote:
> 
> > This is a potential security issue for the kernel.  In userspace it just
> > provokes false-positive valgrind warnings (which is how I found it).
> > 
> > Signed-off-by: Ben Pfaff <blp at nicira.com>
> > ---
> > datapath/flow.c |    2 ++
> > lib/odp-util.c  |    2 ++
> > 2 files changed, 4 insertions(+), 0 deletions(-)
> > 
> > diff --git a/datapath/flow.c b/datapath/flow.c
> > index eb67cf4..d678769 100644
> > --- a/datapath/flow.c
> > +++ b/datapath/flow.c
> > @@ -622,6 +622,7 @@ int flow_to_nlattrs(const struct sw_flow_key *swkey, struct sk_buff *skb)
> > 		if (!nla)
> > 			goto nla_put_failure;
> > 		ipv4_key = nla_data(nla);
> > +		memset(ipv4_key, 0, sizeof *ipv4_key);
> > 		ipv4_key->ipv4_src = swkey->nw_src;
> > 		ipv4_key->ipv4_dst = swkey->nw_dst;
> > 		ipv4_key->ipv4_proto = swkey->nw_proto;
> > @@ -662,6 +663,7 @@ int flow_to_nlattrs(const struct sw_flow_key *swkey, struct sk_buff *skb)
> > 		if (!nla)
> > 			goto nla_put_failure;
> > 		arp_key = nla_data(nla);
> > +		memset(arp_key, 0, sizeof *arp_key);
> > 		arp_key->arp_sip = swkey->nw_src;
> > 		arp_key->arp_tip = swkey->nw_dst;
> > 		arp_key->arp_op = htons(swkey->nw_proto);
> > diff --git a/lib/odp-util.c b/lib/odp-util.c
> > index e50b578..34267c6 100644
> > --- a/lib/odp-util.c
> > +++ b/lib/odp-util.c
> > @@ -381,6 +381,7 @@ odp_flow_key_from_flow(struct ofpbuf *buf, const struct flow *flow)
> > 
> >         ipv4_key = nl_msg_put_unspec_uninit(buf, ODP_KEY_ATTR_IPV4,
> >                                             sizeof *ipv4_key);
> > +        memset(ipv4_key, 0, sizeof *ipv4_key);
> >         ipv4_key->ipv4_src = flow->nw_src;
> >         ipv4_key->ipv4_dst = flow->nw_dst;
> >         ipv4_key->ipv4_proto = flow->nw_proto;
> > @@ -413,6 +414,7 @@ odp_flow_key_from_flow(struct ofpbuf *buf, const struct flow *flow)
> > 
> >         arp_key = nl_msg_put_unspec_uninit(buf, ODP_KEY_ATTR_ARP,
> >                                            sizeof *arp_key);
> > +        memset(arp_key, 0, sizeof *arp_key);
> >         arp_key->arp_sip = flow->nw_src;
> >         arp_key->arp_tip = flow->nw_dst;
> >         arp_key->arp_op = htons(flow->nw_proto);
> > -- 
> > 1.7.1
> > 
> > 
> > _______________________________________________
> > dev mailing list
> > dev at openvswitch.org
> > http://openvswitch.org/mailman/listinfo/dev_openvswitch.org
>

More information about the dev mailing list