[ovs-git] Open vSwitch: netlink-socket: Fix handling socket allocation failure in nl_dump_start(). (master)

dev at openvswitch.org dev at openvswitch.org
Tue Jul 15 18:04:55 UTC 2014


This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "Open vSwitch".

The branch, master has been updated
       via  b2d1c78a5812b85708b1e65aaff122e9a084bdf6 (commit)
       via  19aa20a05736891b7d583ee5ab422042e3ea378c (commit)
       via  f8fc5489b6605aab8a7d58191d88b0aff2452721 (commit)
      from  2ffc8767e8fa531635480371d7b2cb92a1dbc0ce (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit b2d1c78a5812b85708b1e65aaff122e9a084bdf6
Diffs: http://openvswitch.org/cgi-bin/gitweb.cgi?p=openvswitch;a=commitdiff;h=b2d1c78a5812b85708b1e65aaff122e9a084bdf6
Author: Ben Pfaff <blp at nicira.com>
		
netlink-socket: Fix handling socket allocation failure in nl_dump_start().
		
If nl_pool_alloc() failed, then 'dump' was not initialized at all and
further use of the dump would access uninitialized data, probably causing
a crash.

Found by inspection.

Signed-off-by: Ben Pfaff <blp at nicira.com>
Acked-by: Joe Stringer <joestringer at nicira.com>


commit 19aa20a05736891b7d583ee5ab422042e3ea378c
Diffs: http://openvswitch.org/cgi-bin/gitweb.cgi?p=openvswitch;a=commitdiff;h=19aa20a05736891b7d583ee5ab422042e3ea378c
Author: Ben Pfaff <blp at nicira.com>
		
netlink-socket: Refill comment to fit within 79 columns.
		
Signed-off-by: Ben Pfaff <blp at nicira.com>
Acked-by: Joe Stringer <joestringer at nicira.com>


commit f8fc5489b6605aab8a7d58191d88b0aff2452721
Diffs: http://openvswitch.org/cgi-bin/gitweb.cgi?p=openvswitch;a=commitdiff;h=f8fc5489b6605aab8a7d58191d88b0aff2452721
Author: Ben Pfaff <blp at nicira.com>
		
dpif-linux: Avoid null dereference if all ports disappear.
		
When dpif_linux_refresh_channels() refreshes the set of channels when
the number of handlers changes, it destroys all the dpif's channels and
sets dpif->uc_array_size to 0.  If the port dump later in the function
turns up no ports (which generally indicates a bug), then no channels will
be allocated and thus dpif->uc_array_size will remain 0 and 'channels' will
be null in each handler.  This is self-consistent, at least, but
dpif_linux_port_get_pid__() was still willing in this situation to
try to access element 0 of the set of channels, dereferencing a null
pointer.

This fixes the problem.

I encountered this while looking at a bug that I had introduced during
development that caused the port dump to always be empty.  It would be
difficult to encounter in normal use.

Signed-off-by: Ben Pfaff <blp at nicira.com>
Acked-by: Joe Stringer <joestringer at nicira.com>


-----------------------------------------------------------------------

Summary of changes:
 lib/dpif-linux.c     |    2 +-
 lib/netlink-socket.c |   29 ++++++++++++++---------------
 2 files changed, 15 insertions(+), 16 deletions(-)


hooks/post-receive
-- 
Open vSwitch



More information about the git mailing list