[ovs-dev] [PATCH] Always use valid ids pointer in dec_ttl_cnt_ids_from_openflow()
Simon Horman
horms at verge.net.au
Mon Jun 3 05:46:30 UTC 2013
Always update the ids pointer after calling ofpbuf_put()
to ensure that it is valid when accessed.
During testing a case came up where the call to ofpbuf_put() in the
for (i = 0; i < ids->n_controllers; i++) loop would cause the underlying
buffer to be reallocated. This resulted in ids->n_controllers being an
incorrect value, the loop continuing on longer than desired and finally a
segmentation fault.
Reported-by: Joe Stringer <joe at wand.net.nz>
Signed-off-by: Simon Horman <horms at verge.net.au>
---
lib/ofp-actions.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/lib/ofp-actions.c b/lib/ofp-actions.c
index d9d90ea..a445990 100644
--- a/lib/ofp-actions.c
+++ b/lib/ofp-actions.c
@@ -209,9 +209,9 @@ dec_ttl_cnt_ids_from_openflow(const struct nx_action_cnt_ids *nac_ids,
for (i = 0; i < ids->n_controllers; i++) {
uint16_t id = ntohs(((ovs_be16 *)(nac_ids + 1))[i]);
ofpbuf_put(out, &id, sizeof id);
+ ids = out->l2;
}
- ids = out->l2;
ofpact_update_len(out, &ids->ofpact);
return 0;
--
1.8.2.1
More information about the dev
mailing list