| Message ID | 1584481180-73404-1-git-send-email-u9012063@gmail.com |
|---|---|
| State | Accepted |
| Headers | show |
| Series | [ovs-dev] classifier: Fix use of uninitialized value. | expand |
On 3/17/2020 2:39 PM, William Tu wrote: > Coverity reports use of uninitialized value of cursor. > This happens in cls_cursor_start(), when rule is false, > cursor.subtable is uninitialized. CID 279324. > > Signed-off-by: William Tu <u9012063@gmail.com> > --- > lib/classifier.c | 1 + > 1 file changed, 1 insertion(+) > > diff --git a/lib/classifier.c b/lib/classifier.c > index 0fad953213e4..a22f9fb957ea 100644 > --- a/lib/classifier.c > +++ b/lib/classifier.c > @@ -1370,6 +1370,7 @@ cls_cursor_start(const struct classifier *cls, const struct cls_rule *target, > struct cls_cursor cursor; > struct cls_subtable *subtable; > > + memset(&cursor, 0x0, sizeof cursor); > cursor.cls = cls; > cursor.target = target && !cls_rule_is_catchall(target) ? target : NULL; > cursor.version = version; Reviewed-by: Greg Rose <gvrose8192@gmail.com>
On 3/17/20 10:50 PM, Gregory Rose wrote: > > On 3/17/2020 2:39 PM, William Tu wrote: >> Coverity reports use of uninitialized value of cursor. >> This happens in cls_cursor_start(), when rule is false, >> cursor.subtable is uninitialized. CID 279324. >> >> Signed-off-by: William Tu <u9012063@gmail.com> >> --- >> lib/classifier.c | 1 + >> 1 file changed, 1 insertion(+) >> >> diff --git a/lib/classifier.c b/lib/classifier.c >> index 0fad953213e4..a22f9fb957ea 100644 >> --- a/lib/classifier.c >> +++ b/lib/classifier.c >> @@ -1370,6 +1370,7 @@ cls_cursor_start(const struct classifier *cls, const struct cls_rule *target, >> struct cls_cursor cursor; >> struct cls_subtable *subtable; >> + memset(&cursor, 0x0, sizeof cursor); >> cursor.cls = cls; >> cursor.target = target && !cls_rule_is_catchall(target) ? target : NULL; >> cursor.version = version; > > Reviewed-by: Greg Rose <gvrose8192@gmail.com> Thanks! Applied to master and backported down to 2.10. Best regards, Ilya Maximets.
diff --git a/lib/classifier.c b/lib/classifier.c index 0fad953213e4..a22f9fb957ea 100644 --- a/lib/classifier.c +++ b/lib/classifier.c @@ -1370,6 +1370,7 @@ cls_cursor_start(const struct classifier *cls, const struct cls_rule *target, struct cls_cursor cursor; struct cls_subtable *subtable; + memset(&cursor, 0x0, sizeof cursor); cursor.cls = cls; cursor.target = target && !cls_rule_is_catchall(target) ? target : NULL; cursor.version = version;
Coverity reports use of uninitialized value of cursor. This happens in cls_cursor_start(), when rule is false, cursor.subtable is uninitialized. CID 279324. Signed-off-by: William Tu <u9012063@gmail.com> --- lib/classifier.c | 1 + 1 file changed, 1 insertion(+)