diff options
author | Ben Pfaff <blp@nicira.com> | 2011-10-13 10:16:59 -0700 |
---|---|---|
committer | Ben Pfaff <blp@nicira.com> | 2011-10-13 12:56:38 -0700 |
commit | b6bff4e9abaf2d9a53136854a733b7c4c5d4384e (patch) | |
tree | 6b9338d3e4e5d4452741987b9333eef128970a5c | |
parent | 077257b83c68a36ea86f2d21c8395f60df710c21 (diff) |
ofproto-dpif: Avoid bad pointer dereference in execute_odp_actions().
execute_odp_actions() can be passed a zero-length set of actions, in which
case it may not dereference its 'odp_actions' parameter at all, but in fact
it did do so. In at least one corner case, odp_actions can be NULL, so
that this caused a segfault.
Introduced in commit 98403001ec "datapath: Move Netlink PID for userspace
actions from flows to actions."
Reported-by: Pravin Shelar <pshelar@nicira.com>
-rw-r--r-- | ofproto/ofproto-dpif.c | 6 |
1 files changed, 4 insertions, 2 deletions
diff --git a/ofproto/ofproto-dpif.c b/ofproto/ofproto-dpif.c index 36635fc6..8e5a8630 100644 --- a/ofproto/ofproto-dpif.c +++ b/ofproto/ofproto-dpif.c @@ -2207,8 +2207,10 @@ execute_odp_actions(struct ofproto_dpif *ofproto, const struct flow *flow, struct ofpbuf key; int error; - if (odp_actions->nla_type == OVS_ACTION_ATTR_USERSPACE - && NLA_ALIGN(odp_actions->nla_len) == actions_len) { + if (actions_len == 0) { + return true; + } else if (odp_actions->nla_type == OVS_ACTION_ATTR_USERSPACE + && NLA_ALIGN(odp_actions->nla_len) == actions_len) { struct user_action_cookie cookie; struct dpif_upcall upcall; uint64_t cookie_u64; |