[ovs-dev] [PATCH] conntrack: Fix using alg_exp_entry out of scope.

Ilya Maximets i.maximets at samsung.com
Tue Jul 10 11:05:50 UTC 2018


'alg_exp_entry' is allocated on stack memory, but could be used via
'alg_exp' pointer inside 'write_ct_md' function, i.e. outside its scope.

CC: Darrell Ball <dlu998 at gmail.com>
Fixes: bd5e81a0e596 ("Userspace Datapath: Add ALG infra and FTP.")
Signed-off-by: Ilya Maximets <i.maximets at samsung.com>
---

 lib/conntrack.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/lib/conntrack.c b/lib/conntrack.c
index 97fd46a..51c1acb 100644
--- a/lib/conntrack.c
+++ b/lib/conntrack.c
@@ -1246,9 +1246,9 @@ process_one(struct conntrack *ct, struct dp_packet *pkt,
     }
 
     const struct alg_exp_node *alg_exp = NULL;
+    struct alg_exp_node alg_exp_entry;
 
     if (OVS_UNLIKELY(create_new_conn)) {
-        struct alg_exp_node alg_exp_entry;
 
         ct_rwlock_rdlock(&ct->resources_lock);
         alg_exp = expectation_lookup(&ct->alg_expectations, &ctx->key,
-- 
2.7.4



More information about the dev mailing list