[ovs-dev] [leaks 2/7] ofp-util: Fix uninitialized bytes in OF1.0 and OF1.1 table stats replies.

Ethan Jackson ethan at nicira.com
Tue Jan 8 21:31:59 UTC 2013


Acked-by: Ethan Jackson <ethan at nicira.com>


On Wed, Dec 26, 2012 at 12:38 PM, Ben Pfaff <blp at nicira.com> wrote:

> Also, use ovs_strlcpy() instead of strcpy() just to be a teensy bit safer.
>
> Found by valgrind.
>
> Bug #14357.
> Signed-off-by: Ben Pfaff <blp at nicira.com>
> ---
>  lib/ofp-util.c |    8 ++++----
>  1 files changed, 4 insertions(+), 4 deletions(-)
>
> diff --git a/lib/ofp-util.c b/lib/ofp-util.c
> index e79cc72..2800866 100644
> --- a/lib/ofp-util.c
> +++ b/lib/ofp-util.c
> @@ -3382,9 +3382,9 @@ ofputil_put_ofp10_table_stats(const struct
> ofp12_table_stats *in,
>      struct ofp10_table_stats *out;
>      const struct wc_map *p;
>
> -    out = ofpbuf_put_uninit(buf, sizeof *out);
> +    out = ofpbuf_put_zeros(buf, sizeof *out);
>      out->table_id = in->table_id;
> -    strcpy(out->name, in->name);
> +    ovs_strlcpy(out->name, in->name, sizeof out->name);
>      out->wildcards = 0;
>      for (p = wc_map; p < &wc_map[ARRAY_SIZE(wc_map)]; p++) {
>          if (in->wildcards & htonll(1ULL << p->mf12)) {
> @@ -3442,9 +3442,9 @@ ofputil_put_ofp11_table_stats(const struct
> ofp12_table_stats *in,
>  {
>      struct ofp11_table_stats *out;
>
> -    out = ofpbuf_put_uninit(buf, sizeof *out);
> +    out = ofpbuf_put_zeros(buf, sizeof *out);
>      out->table_id = in->table_id;
> -    strcpy(out->name, in->name);
> +    ovs_strlcpy(out->name, in->name, sizeof out->name);
>      out->wildcards = oxm12_to_ofp11_flow_match_fields(in->wildcards);
>      out->match = oxm12_to_ofp11_flow_match_fields(in->match);
>      out->instructions = in->instructions;
> --
> 1.7.2.5
>
> _______________________________________________
> dev mailing list
> dev at openvswitch.org
> http://openvswitch.org/mailman/listinfo/dev
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.openvswitch.org/pipermail/ovs-dev/attachments/20130108/cc415cb4/attachment-0003.html>


More information about the dev mailing list