[ovs-dev] [patch v1] conntrack: Fix 'check_orig_tuple()' Valgrind false positive.

Darrell Ball dlu998 at gmail.com
Tue Sep 24 21:56:40 UTC 2019


Thanks Ben

Would you mind applying to 2.12 as well.

Darrell

On Tue, Sep 24, 2019 at 2:34 PM Ben Pfaff <blp at ovn.org> wrote:

> On Mon, Sep 23, 2019 at 04:44:33PM -0700, Darrell Ball wrote:
> > Valgrind reported that 'pkt->md.ct_orig_tuple.ipv4.ipv4_proto' is
> > uninitialized in 'check_orig_tuple()', if 'ct_state' is zero.  Although
> > this is true, the check is superceded, as even if it succeeds the check
> > for natted packets based on 'ct_state' is an ORed condition and is
> intended
> > to catch this case.
> > The check is '!(pkt->md.ct_state & (CS_SRC_NAT | CS_DST_NAT))' which
> > filters out all packets excepted natted ones.  Move this check up to
> > prevent the Valgrind complaint, which also helps performance and also
> remove
> > recenlty added redundant check adding extra cycles.
> >
> > Fixes: f44733c527da ("conntrack: Validate accessing of conntrack data in
> pkt_metadata.")
> > CC: Yifeng Sun <pkusunyifeng at gmail.com>
> > Signed-off-by: Darrell Ball <dlu998 at gmail.com>
>
> Thanks, applied to master.
>


More information about the dev mailing list