Message ID | 20161208184444.13844-1-aserdean@cloudbasesolutions.com |
---|---|
State | Accepted |
Headers | show |
Acked-by: Sairam Venugopal <vsairam@vmware.com> On 12/8/16, 10:44 AM, "Alin Serdean" <aserdean@cloudbasesolutions.com> wrote: >Add null checks inside OvsConntrackValidateIcmpPacket, >OvsConntrackValidateTcpPacket to make the functions self-contained. > >Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> >Suggested-by: Yin Lin <linyi@vmware.com> >--- > datapath-windows/ovsext/Conntrack-icmp.c | 4 ++++ > datapath-windows/ovsext/Conntrack-tcp.c | 6 +++++- > datapath-windows/ovsext/Conntrack.c | 4 ++-- > 3 files changed, 11 insertions(+), 3 deletions(-) > >diff --git a/datapath-windows/ovsext/Conntrack-icmp.c >b/datapath-windows/ovsext/Conntrack-icmp.c >index 7db8e7d..b1b6043 100644 >--- a/datapath-windows/ovsext/Conntrack-icmp.c >+++ b/datapath-windows/ovsext/Conntrack-icmp.c >@@ -59,6 +59,10 @@ OvsConntrackUpdateIcmpEntry(OVS_CT_ENTRY* conn_, > BOOLEAN > OvsConntrackValidateIcmpPacket(const ICMPHdr *icmp) > { >+ if (!icmp) { >+ return FALSE; >+ } >+ > return icmp->type == ICMP4_ECHO_REQUEST > || icmp->type == ICMP4_INFO_REQUEST > || icmp->type == ICMP4_TIMESTAMP_REQUEST; >diff --git a/datapath-windows/ovsext/Conntrack-tcp.c >b/datapath-windows/ovsext/Conntrack-tcp.c >index c7fcfa8..1c46bb0 100644 >--- a/datapath-windows/ovsext/Conntrack-tcp.c >+++ b/datapath-windows/ovsext/Conntrack-tcp.c >@@ -457,9 +457,13 @@ OvsConntrackUpdateTcpEntry(OVS_CT_ENTRY* conn_, > BOOLEAN > OvsConntrackValidateTcpPacket(const TCPHdr *tcp) > { >+ if (!tcp) { >+ return FALSE; >+ } >+ > UINT16 tcp_flags = ntohs(tcp->flags); > >- if (tcp == NULL || OvsCtInvalidTcpFlags(tcp_flags)) { >+ if (OvsCtInvalidTcpFlags(tcp_flags)) { > return FALSE; > } > >diff --git a/datapath-windows/ovsext/Conntrack.c >b/datapath-windows/ovsext/Conntrack.c >index 84c4091..47dba9d 100644 >--- a/datapath-windows/ovsext/Conntrack.c >+++ b/datapath-windows/ovsext/Conntrack.c >@@ -199,7 +199,7 @@ OvsCtEntryCreate(PNET_BUFFER_LIST curNbl, > TCPHdr tcpStorage; > const TCPHdr *tcp; > tcp = OvsGetTcp(curNbl, l4Offset, &tcpStorage); >- if (!tcp || !OvsConntrackValidateTcpPacket(tcp)) { >+ if (!OvsConntrackValidateTcpPacket(tcp)) { > goto invalid; > } > >@@ -220,7 +220,7 @@ OvsCtEntryCreate(PNET_BUFFER_LIST curNbl, > ICMPHdr storage; > const ICMPHdr *icmp; > icmp = OvsGetIcmp(curNbl, l4Offset, &storage); >- if (!icmp || !OvsConntrackValidateIcmpPacket(icmp)) { >+ if (!OvsConntrackValidateIcmpPacket(icmp)) { > goto invalid; > } > >-- >2.10.2.windows.1 >_______________________________________________ >dev mailing list >dev@openvswitch.org >https://urldefense.proofpoint.com/v2/url?u=https-3A__mail.openvswitch.org_ >mailman_listinfo_ovs-2Ddev&d=DgICAg&c=uilaK90D4TOVoH58JNXRgQ&r=Z6vowHUOjP5 >ysP_g372c49Nqc1vEKqHKNBkR5Q5Z7uo&m=UntB4VaAGCJwSCa8NZqCB86yuLlI1IPRRnq5uWC >BkC0&s=OvMksQSsSi5eyB024vCmF60l5o0VH9LlYIygqXDA_fA&e=
diff --git a/datapath-windows/ovsext/Conntrack-icmp.c b/datapath-windows/ovsext/Conntrack-icmp.c index 7db8e7d..b1b6043 100644 --- a/datapath-windows/ovsext/Conntrack-icmp.c +++ b/datapath-windows/ovsext/Conntrack-icmp.c @@ -59,6 +59,10 @@ OvsConntrackUpdateIcmpEntry(OVS_CT_ENTRY* conn_, BOOLEAN OvsConntrackValidateIcmpPacket(const ICMPHdr *icmp) { + if (!icmp) { + return FALSE; + } + return icmp->type == ICMP4_ECHO_REQUEST || icmp->type == ICMP4_INFO_REQUEST || icmp->type == ICMP4_TIMESTAMP_REQUEST; diff --git a/datapath-windows/ovsext/Conntrack-tcp.c b/datapath-windows/ovsext/Conntrack-tcp.c index c7fcfa8..1c46bb0 100644 --- a/datapath-windows/ovsext/Conntrack-tcp.c +++ b/datapath-windows/ovsext/Conntrack-tcp.c @@ -457,9 +457,13 @@ OvsConntrackUpdateTcpEntry(OVS_CT_ENTRY* conn_, BOOLEAN OvsConntrackValidateTcpPacket(const TCPHdr *tcp) { + if (!tcp) { + return FALSE; + } + UINT16 tcp_flags = ntohs(tcp->flags); - if (tcp == NULL || OvsCtInvalidTcpFlags(tcp_flags)) { + if (OvsCtInvalidTcpFlags(tcp_flags)) { return FALSE; } diff --git a/datapath-windows/ovsext/Conntrack.c b/datapath-windows/ovsext/Conntrack.c index 84c4091..47dba9d 100644 --- a/datapath-windows/ovsext/Conntrack.c +++ b/datapath-windows/ovsext/Conntrack.c @@ -199,7 +199,7 @@ OvsCtEntryCreate(PNET_BUFFER_LIST curNbl, TCPHdr tcpStorage; const TCPHdr *tcp; tcp = OvsGetTcp(curNbl, l4Offset, &tcpStorage); - if (!tcp || !OvsConntrackValidateTcpPacket(tcp)) { + if (!OvsConntrackValidateTcpPacket(tcp)) { goto invalid; } @@ -220,7 +220,7 @@ OvsCtEntryCreate(PNET_BUFFER_LIST curNbl, ICMPHdr storage; const ICMPHdr *icmp; icmp = OvsGetIcmp(curNbl, l4Offset, &storage); - if (!icmp || !OvsConntrackValidateIcmpPacket(icmp)) { + if (!OvsConntrackValidateIcmpPacket(icmp)) { goto invalid; }
Add null checks inside OvsConntrackValidateIcmpPacket, OvsConntrackValidateTcpPacket to make the functions self-contained. Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Suggested-by: Yin Lin <linyi@vmware.com> --- datapath-windows/ovsext/Conntrack-icmp.c | 4 ++++ datapath-windows/ovsext/Conntrack-tcp.c | 6 +++++- datapath-windows/ovsext/Conntrack.c | 4 ++-- 3 files changed, 11 insertions(+), 3 deletions(-)