[ovs-dev] [patch v1] conntrack: Fix 'check_orig_tuple()' Valgrind false positive.
blp at ovn.org
Tue Sep 24 19:57:42 UTC 2019
On Mon, Sep 23, 2019 at 04:44:33PM -0700, Darrell Ball wrote:
> Valgrind reported that 'pkt->md.ct_orig_tuple.ipv4.ipv4_proto' is
> uninitialized in 'check_orig_tuple()', if 'ct_state' is zero. Although
> this is true, the check is superceded, as even if it succeeds the check
> for natted packets based on 'ct_state' is an ORed condition and is intended
> to catch this case.
> The check is '!(pkt->md.ct_state & (CS_SRC_NAT | CS_DST_NAT))' which
> filters out all packets excepted natted ones. Move this check up to
> prevent the Valgrind complaint, which also helps performance and also remove
> recenlty added redundant check adding extra cycles.
> Fixes: f44733c527da ("conntrack: Validate accessing of conntrack data in pkt_metadata.")
> CC: Yifeng Sun <pkusunyifeng at gmail.com>
> Signed-off-by: Darrell Ball <dlu998 at gmail.com>
Thanks, applied to master.
More information about the dev