[ovs-dev] [patch v1] conntrack: Fix possible uninitialized memory.

Darrell Ball dlu998 at gmail.com
Sat Feb 2 03:09:45 UTC 2019 

There are a few cases where padding may be undefined according to
the C standard.  Practically, it seems implementations don't have issue,
but it is better to be safe. The code paths modified are not hot ones.

Found by inspection.

Signed-off-by: Darrell Ball <dlu998 at gmail.com>
---
 lib/conntrack.c | 12 ++++++++----
 1 file changed, 8 insertions(+), 4 deletions(-)

diff --git a/lib/conntrack.c b/lib/conntrack.c
index e1f4041..a379eaa 100644
--- a/lib/conntrack.c
+++ b/lib/conntrack.c
@@ -747,6 +747,7 @@ static struct conn *
 conn_lookup(struct conntrack *ct, const struct conn_key *key, long long now)
 {
     struct conn_lookup_ctx ctx;
+    memset(&ctx, 0, sizeof ctx);
     ctx.conn = NULL;
     ctx.key = *key;
     ctx.hash = conn_key_hash(key, ct->hash_basis);
@@ -896,6 +897,7 @@ conn_not_found(struct conntrack *ct, struct dp_packet *pkt,
 
         if (nat_action_info) {
             nc->nat_info = xmemdup(nat_action_info, sizeof *nc->nat_info);
+            memset(conn_for_un_nat_copy, 0, sizeof *conn_for_un_nat_copy);
 
             if (alg_exp) {
                 if (alg_exp->nat_rpl_dst) {
@@ -934,8 +936,6 @@ conn_not_found(struct conntrack *ct, struct dp_packet *pkt,
                 ct_rwlock_unlock(&ct->resources_lock);
             }
             conn_for_un_nat_copy->conn_type = CT_CONN_TYPE_UN_NAT;
-            conn_for_un_nat_copy->nat_info = NULL;
-            conn_for_un_nat_copy->alg = NULL;
             nat_packet(pkt, nc, ctx->icmp_related);
         }
         hmap_insert(&ct->buckets[bucket].connections, &nc->node, ctx->hash);
@@ -2024,7 +2024,9 @@ conn_key_hash(const struct conn_key *key, uint32_t basis)
 static void
 conn_key_reverse(struct conn_key *key)
 {
-    struct ct_endpoint tmp = key->src;
+    struct ct_endpoint tmp;
+    memset(&tmp, 0, sizeof tmp);
+    tmp = key->src;
     key->src = key->dst;
     key->dst = tmp;
 }
@@ -2614,7 +2616,9 @@ static struct alg_exp_node *
 expectation_lookup(struct hmap *alg_expectations, const struct conn_key *key,
                    uint32_t basis, bool src_ip_wc)
 {
-    struct conn_key check_key = *key;
+    struct conn_key check_key;
+    memset(&check_key, 0, sizeof check_key);
+    check_key = *key;
     check_key.src.port = ALG_WC_SRC_PORT;
 
     if (src_ip_wc) {
-- 
1.9.1

More information about the dev mailing list