[ovs-dev] [patch v1] conntrack: Fix 'check_orig_tuple()' Valgrind false positive.
blp at ovn.org
Tue Sep 24 20:31:57 UTC 2019
On Tue, Sep 24, 2019 at 02:56:40PM -0700, Darrell Ball wrote:
> Thanks Ben
> Would you mind applying to 2.12 as well.
> On Tue, Sep 24, 2019 at 2:34 PM Ben Pfaff <blp at ovn.org> wrote:
> > On Mon, Sep 23, 2019 at 04:44:33PM -0700, Darrell Ball wrote:
> > > Valgrind reported that 'pkt->md.ct_orig_tuple.ipv4.ipv4_proto' is
> > > uninitialized in 'check_orig_tuple()', if 'ct_state' is zero. Although
> > > this is true, the check is superceded, as even if it succeeds the check
> > > for natted packets based on 'ct_state' is an ORed condition and is
> > intended
> > > to catch this case.
> > > The check is '!(pkt->md.ct_state & (CS_SRC_NAT | CS_DST_NAT))' which
> > > filters out all packets excepted natted ones. Move this check up to
> > > prevent the Valgrind complaint, which also helps performance and also
> > remove
> > > recenlty added redundant check adding extra cycles.
> > >
> > > Fixes: f44733c527da ("conntrack: Validate accessing of conntrack data in
> > pkt_metadata.")
> > > CC: Yifeng Sun <pkusunyifeng at gmail.com>
> > > Signed-off-by: Darrell Ball <dlu998 at gmail.com>
> > Thanks, applied to master.
More information about the dev