[ovs-dev] [PATCH] netlink-socket: Check for null sock in nl_sock_recv__()

Ilya Maximets i.maximets at ovn.org
Tue Nov 16 22:31:06 UTC 2021


On 10/25/21 19:45, David Christensen wrote:
> In certain high load situations, such as when creating a large number of
> ports on a switch, the parameter 'sock' may be passed to nl_sock_recv__()
> as null, resulting in a segmentation fault when 'sock' is later
> dereferenced, such as when calling recvmsg().

Hi, David.  Thanks for the patch.

It's OK to check for a NULL pointer there, I guess.  However,
do you know from where it was actually called?  This function,
in general, should not be called without the actual socket,
so we, probably, should fix the caller instead.

Best regards, Ilya Maximets.

> 
> The ovs-vswitchd.log will display something like this:
> 
>     fatal_signal(revalidator138)|WARN|terminating with signal 11 (signal 11)
> 
> Tested this change under the same circumstances that originally generated
> the segmentation fault and it ran successfully for four days without any
> issue.
> 
> Signed-off-by: Murilo Opsfelder Araujo <muriloo at linux.ibm.com>
> Signed-off-by: David Christensen <drc at linux.vnet.ibm.com>
> IBM-BZ: #193057
> ---
>  lib/netlink-socket.c | 4 ++++
>  1 file changed, 4 insertions(+)
> 
> diff --git a/lib/netlink-socket.c b/lib/netlink-socket.c
> index 5867de564..3ab4d8485 100644
> --- a/lib/netlink-socket.c
> +++ b/lib/netlink-socket.c
> @@ -653,6 +653,10 @@ nl_sock_recv__(struct nl_sock *sock, struct ofpbuf *buf, int *nsid, bool wait)
>      int *ptr;
>      int error;
>  
> +    if (sock == NULL) {
> +        return ECONNRESET;
> +    }
> +
>      ovs_assert(buf->allocated >= sizeof *nlmsghdr);
>      ofpbuf_clear(buf);
>  
> 
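Review bot: The new `sock == NULL` guard at the top of nl_sock_recv__() returns ECONNRESET silently, so the caller that passed the null socket stays unidentified and the underlying bug is hidden rather than fixed. Consider logging a rate-limited warning on this path, or tracing the caller and fixing it there. ECONNRESET also reads as a peer reset rather than an invalid argument, so the choice of error code deserves a comment or a more descriptive value such as EINVAL. Finally, the early return happens before `ofpbuf_clear(buf);`, so `buf` keeps whatever it held before the call. If callers rely on the buffer being empty on error, do the null check after the clear or document the difference.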


