[ovs-dev] [PATCH] odp-util: Fix a null pointer dereference

Aaron Conole aconole at redhat.com
Tue Aug 31 19:21:24 UTC 2021


w00273186 <wangyunjian at huawei.com> writes:

> From: Yunjian Wang <wangyunjian at huawei.com>
>
> This patch fixes (dereference after null check) coverity issue.
> For this reason, we should add null check of 'mask' before calling
> nl_attr_find__() because the 'mask' maybe null.
>
> Addresses-Coverity: ("Dereference after null check")
> Fixes: e6cc0babc25d ("ovs-dpctl: Add mega flow support")
>
> Signed-off-by: Yunjian Wang <wangyunjian at huawei.com>
> ---
>  lib/odp-util.c | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/lib/odp-util.c b/lib/odp-util.c
> index 7729a9060..c0743800a 100644
> --- a/lib/odp-util.c
> +++ b/lib/odp-util.c
> @@ -4618,7 +4618,7 @@ odp_flow_format(const struct nlattr *key, size_t key_len,
>              }
>              ds_put_char(ds, ')');
>          }
> -        if (!has_ethtype_key) {
> +        if (!has_ethtype_key && mask && mask_len) {

Do we need to check mask_len here?  I guess it should be getting checked
during nl_attr_is_valid, right?  Even still, we should probably be
checking more than whether it is non-zero (something like '>= sizeof *ma')

>              const struct nlattr *ma = nl_attr_find__(mask, mask_len,
>                                                       OVS_KEY_ATTR_ETHERTYPE);
>              if (ma) {



More information about the dev mailing list