[ovs-dev] [PATCH 1/4] dpif-linux: Avoid null dereference if all ports disappear.
Ben Pfaff
blp at nicira.com
Tue Jul 15 17:15:03 UTC 2014
On Tue, Jul 15, 2014 at 04:13:05PM +1200, Joe Stringer wrote:
> On 15 July 2014 09:10, Ben Pfaff <blp at nicira.com> wrote:
>
> > When dpif_linux_refresh_channels() refreshes the set of channels when
> > the number of handlers changes, it destroys all the dpif's channels and
> > sets dpif->uc_array_size to 0. If the port dump later in the function
> > turns up no ports (which generally indicates a bug), then no channels will
> > be allocated and thus dpif->uc_array_size will remain 0 and 'channels' will
> > be null in each handler. This is self-consistent, at least, but
> > dpif_linux_port_get_pid__() was still willing in this situation to
> > try to access element 0 of the set of channels, dereferencing a null
> > pointer.
> >
> > This fixes the problem.
> >
> > I encountered this while looking at a bug that I had introduced during
> > development that caused the port dump to always be empty. It would be
> > difficult to encounter in normal use.
> >
> > Signed-off-by: Ben Pfaff <blp at nicira.com>
> >
>
> Acked-by: Joe Stringer <joestringer at nicira.com>
Thanks. I applied this to master and branch-2.[3210].
More information about the dev
mailing list