[ovs-dev] [PATCH] dpif-netlink: fix null pointer

Guru Shetty guru at ovn.org
Mon Oct 8 15:11:21 UTC 2018


On Sat, 6 Oct 2018 at 09:20, Matteo Croce <mcroce at redhat.com> wrote:

> In dpif_netlink_port_add__(), socksp could be NULL, because
> vport_socksp_to_pids() would allocate a new array and return a single
> zero element.
> Following vport_socksp_to_pids() removal, a NULL pointer can happen when
> dpif_netlink_port_add__() is called and dpif->handlers is 0.
>
> Restore the old behaviour of using a zero pid when dpif->handlers is 0.
>
> Fixes: 69c51582f ("dpif-netlink: don't allocate per thread netlink
> sockets")
> Reported-by: Flavio Leitner <fbl at redhat.com>
> Reported-by: Guru Shetty <guru at ovn.org>
> Signed-off-by: Matteo Croce <mcroce at redhat.com>
> ---
>

Not a review of the code. But I can confirm that the patch does fix the
segmentation fault that I was facing.


>  lib/dpif-netlink.c | 5 +++--
>  1 file changed, 3 insertions(+), 2 deletions(-)
>
> diff --git a/lib/dpif-netlink.c b/lib/dpif-netlink.c
> index 21315033c..310bc947d 100644
> --- a/lib/dpif-netlink.c
> +++ b/lib/dpif-netlink.c
> @@ -712,7 +712,7 @@ dpif_netlink_port_add__(struct dpif_netlink *dpif,
> const char *name,
>      struct dpif_netlink_vport request, reply;
>      struct ofpbuf *buf;
>      struct nl_sock *socksp = NULL;
> -    uint32_t upcall_pids;
> +    uint32_t upcall_pids = 0;
>      int error = 0;
>
>      if (dpif->handlers) {
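Review bot: the new `= 0` initializer on upcall_pids is what supplies the zero pid when dpif->handlers is 0, but nothing at the declaration or at the `if (dpif->handlers) {` check says so. A short comment at the declaration, for example "zero pid is used when there are no handlers", would keep a later cleanup from dropping the initializer as redundant and bringing back an uninitialized value in the request.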
> @@ -728,7 +728,8 @@ dpif_netlink_port_add__(struct dpif_netlink *dpif,
> const char *name,
>      request.name = name;
>
>      request.port_no = *port_nop;
> -    upcall_pids = nl_sock_pid(socksp);
> +    if (socksp)
> +        upcall_pids = nl_sock_pid(socksp);
>      request.n_upcall_pids = 1;
>      request.upcall_pids = &upcall_pids;
>
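Review bot: the added `if (socksp)` has an unbraced single-statement body, and the OVS coding style asks for braces even around single statements, so this should read `if (socksp) { upcall_pids = nl_sock_pid(socksp); }` across three lines. When socksp is NULL the request still goes out with n_upcall_pids = 1 pointing at a zero pid, which matches the behaviour the commit message says it restores; a one-line comment at this check stating that this is intentional would help the next reader.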
> --
> 2.17.1
>
>

