[ovs-discuss] Arguments to memcmp() must be nonnull

neeraj mehta mehtaneeraj07 at gmail.com
Tue Aug 11 07:23:17 UTC 2015


Hi,

There is a possible defect in "utilities/ovs-ofctl.c" line 2013 OVS-2.3.2.

In ovs-ofctl.c, NULL(in certain conditions) being passed as argument in
memcmp().
ISO C says that the arguments to memcmp() must not be NULL.

---

"lib/ofpbuf.h" 425L, 14598C OVS-2.3.2

static inline void * ofpbuf_l3(const struct ofpbuf *b)
{
    return b->l3_ofs != UINT16_MAX ? (char *)b->frame + b->l3_ofs : NULL;
}
---

---
"utilities/ovs-ofctl.c" line 2013 OVS-2.3.2
if (ofptype_pull(&type, reply)
            || type != OFPTYPE_ECHO_REPLY
            || ofpbuf_size(reply) != payload
            || memcmp(ofpbuf_l3(request), ofpbuf_l3(reply), payload)) {
---

One of possible solutions for this can be:

---
"utilities/ovs-ofctl.c" line 2013 OVS-2.3.2
if (ofptype_pull(&type, reply)
             || type != OFPTYPE_ECHO_REPLY
             || ofpbuf_size(reply) != payload
+           || !ofpbuf_l3(request) || !ofpbuf_l3(reply)
             || memcmp(ofpbuf_l3(request), ofpbuf_l3(reply), payload)) {
---

Can someone confirm the above understanding?
If this is an issue, I will submit a patch against this.

Regards
Neeraj
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://openvswitch.org/pipermail/ovs-discuss/attachments/20150811/173a236e/attachment-0002.html>


More information about the discuss mailing list