[ovs-git] [openvswitch/ovs] 48316b: netdev-linux: Fix use of uninitialized LAG master ...
Ilya Maximets
noreply at github.com
Mon May 24 19:42:36 UTC 2021
Branch: refs/heads/branch-2.12
Home: https://github.com/openvswitch/ovs
Commit: 48316b094073fb604feb16cfad50cb7700c51251
https://github.com/openvswitch/ovs/commit/48316b094073fb604feb16cfad50cb7700c51251
Author: Ilya Maximets <i.maximets at ovn.org>
Date: 2021-05-24 (Mon, 24 May 2021)
Changed paths:
M lib/netdev-linux.c
Log Message:
-----------
netdev-linux: Fix use of uninitialized LAG master name.
'if_indextoname' may fail leaving the 'master_name' uninitialized:
Conditional jump or move depends on uninitialised value(s)
at 0x4C34329: strlen (vg_replace_strmem.c:459)
by 0x51C638: hash_string (hash.h:342)
by 0x51C638: hash_name (shash.c:28)
by 0x51CC51: shash_find (shash.c:231)
by 0x51CD38: shash_find_data (shash.c:245)
by 0x4A797F: netdev_from_name (netdev.c:2013)
by 0x544148: netdev_linux_update_lag (netdev-linux.c:676)
by 0x544148: netdev_linux_run (netdev-linux.c:769)
by 0x4A5997: netdev_run (netdev.c:186)
by 0x40752B: main (ovs-vswitchd.c:129)
Uninitialised value was created by a stack allocation
at 0x543AFA: netdev_linux_run (netdev-linux.c:722)
Fixes: d22f8927c3c9 ("netdev-linux: monitor and offload LAG slaves to TC")
Signed-off-by: Ilya Maximets <i.maximets at ovn.org>
Acked-by: Mark D. Gray <mark.d.gray at redhat.com>
Commit: 98c5edcf2d85f04fc9430b9cc65d752eafbc32db
https://github.com/openvswitch/ovs/commit/98c5edcf2d85f04fc9430b9cc65d752eafbc32db
Author: Ilya Maximets <i.maximets at ovn.org>
Date: 2021-05-24 (Mon, 24 May 2021)
Changed paths:
M lib/dpif-netlink.c
Log Message:
-----------
dpif-netlink: Fix send of uninitialized memory in ct limit requests.
ct limit requests never initializes the whole 'struct ovs_zone_limit'
sending uninitialized stack memory to kernel:
Syscall param sendmsg(msg.msg_iov[0]) points to uninitialised byte(s)
at 0x5E23867: sendmsg (in /usr/lib64/libpthread-2.28.so)
by 0x54F761: nl_sock_transact_multiple__ (netlink-socket.c:858)
by 0x54FB6E: nl_sock_transact_multiple.part.9 (netlink-socket.c:1079)
by 0x54FCC0: nl_sock_transact_multiple (netlink-socket.c:1044)
by 0x54FCC0: nl_sock_transact (netlink-socket.c:1108)
by 0x550B6F: nl_transact (netlink-socket.c:1804)
by 0x53BEA2: dpif_netlink_ct_get_limits (dpif-netlink.c:3052)
by 0x588B57: dpctl_ct_get_limits (dpctl.c:2178)
by 0x586FF2: dpctl_unixctl_handler (dpctl.c:2870)
by 0x52C241: process_command (unixctl.c:310)
by 0x52C241: run_connection (unixctl.c:344)
by 0x52C241: unixctl_server_run (unixctl.c:395)
by 0x407526: main (ovs-vswitchd.c:128)
Address 0x10b87480 is 32 bytes inside a block of size 4,096 alloc'd
at 0x4C30F0B: malloc (vg_replace_malloc.c:307)
by 0x52CDE4: xmalloc (util.c:138)
by 0x4F7E07: ofpbuf_init (ofpbuf.c:123)
by 0x4F7E07: ofpbuf_new (ofpbuf.c:151)
by 0x53BDE3: dpif_netlink_ct_get_limits (dpif-netlink.c:3025)
by 0x588B57: dpctl_ct_get_limits (dpctl.c:2178)
by 0x586FF2: dpctl_unixctl_handler (dpctl.c:2870)
by 0x52C241: process_command (unixctl.c:310)
by 0x52C241: run_connection (unixctl.c:344)
by 0x52C241: unixctl_server_run (unixctl.c:395)
by 0x407526: main (ovs-vswitchd.c:128)
Uninitialised value was created by a stack allocation
at 0x46AAA0: ct_dpif_get_limits (ct-dpif.c:197)
Fix that by using designated initializers that will clear all the
non-specified fields.
Fixes: 906ff9d229ee ("dpif-netlink: Implement conntrack zone limit")
Signed-off-by: Ilya Maximets <i.maximets at ovn.org>
Acked-by: Mark D. Gray <mark.d.gray at redhat.com>
Compare: https://github.com/openvswitch/ovs/compare/598a7ee7de37...98c5edcf2d85
More information about the git
mailing list