[ovs-dev] [patch v1] conntrack: Fix 'check_orig_tuple()' Valgrind false positive.

Ben Pfaff blp at ovn.org
Tue Sep 24 19:57:42 UTC 2019

On Mon, Sep 23, 2019 at 04:44:33PM -0700, Darrell Ball wrote:
> Valgrind reported that 'pkt->md.ct_orig_tuple.ipv4.ipv4_proto' is
> uninitialized in 'check_orig_tuple()', if 'ct_state' is zero.  Although
> this is true, the check is superceded, as even if it succeeds the check
> for natted packets based on 'ct_state' is an ORed condition and is intended
> to catch this case.
> The check is '!(pkt->md.ct_state & (CS_SRC_NAT | CS_DST_NAT))' which
> filters out all packets excepted natted ones.  Move this check up to
> prevent the Valgrind complaint, which also helps performance and also remove
> recenlty added redundant check adding extra cycles.
> Fixes: f44733c527da ("conntrack: Validate accessing of conntrack data in pkt_metadata.")
> CC: Yifeng Sun <pkusunyifeng at gmail.com>
> Signed-off-by: Darrell Ball <dlu998 at gmail.com>

Thanks, applied to master.

More information about the dev mailing list