Message ID | 20220816144502.357803-1-dceara@redhat.com |
---|---|
State | Accepted |
Headers | show |
Series | [ovs-dev] controller: Fix UB due to passing NULL to memcpy. | expand |
Context | Check | Description |
---|---|---|
ovsrobot/apply-robot | success | apply and check: success |
ovsrobot/github-robot-_Build_and_Test | success | github build: passed |
ovsrobot/github-robot-_ovn-kubernetes | success | github build: passed |
On Tue, Aug 16, 2022 at 4:47 PM Dumitru Ceara <dceara@redhat.com> wrote: > Reported by UndefinedBehaviorSanitizer when running in a sandbox: > controller/ovn-controller.c:374:21: runtime error: null pointer passed > as argument 2, which is declared to never be null > /usr/include/string.h:44:28: note: nonnull attribute specified here > SUMMARY: UndefinedBehaviorSanitizer: undefined-behavior > controller/ovn-controller.c:374:21 > > Signed-off-by: Dumitru Ceara <dceara@redhat.com> > --- > controller/ovn-controller.c | 4 +++- > 1 file changed, 3 insertions(+), 1 deletion(-) > > diff --git a/controller/ovn-controller.c b/controller/ovn-controller.c > index 8268726e6..96270c824 100644 > --- a/controller/ovn-controller.c > +++ b/controller/ovn-controller.c > @@ -371,7 +371,9 @@ create_br_int(struct ovsdb_idl_txn *ovs_idl_txn, > struct ovsrec_bridge **bridges; > size_t bytes = sizeof *bridges * cfg->n_bridges; > bridges = xmalloc(bytes + sizeof *bridges); > - memcpy(bridges, cfg->bridges, bytes); > + if (cfg->n_bridges) { > + memcpy(bridges, cfg->bridges, bytes); > + } > bridges[cfg->n_bridges] = bridge; > ovsrec_open_vswitch_verify_bridges(cfg); > ovsrec_open_vswitch_set_bridges(cfg, bridges, cfg->n_bridges + 1); > -- > 2.31.1 > > _______________________________________________ > dev mailing list > dev@openvswitch.org > https://mail.openvswitch.org/mailman/listinfo/ovs-dev > > Makes sense, thanks! Acked-by: Ales Musil <amusil@redhat.com>
On Wed, Aug 17, 2022 at 6:01 PM Ales Musil <amusil@redhat.com> wrote: > > On Tue, Aug 16, 2022 at 4:47 PM Dumitru Ceara <dceara@redhat.com> wrote: > > > Reported by UndefinedBehaviorSanitizer when running in a sandbox: > > controller/ovn-controller.c:374:21: runtime error: null pointer passed > > as argument 2, which is declared to never be null > > /usr/include/string.h:44:28: note: nonnull attribute specified here > > SUMMARY: UndefinedBehaviorSanitizer: undefined-behavior > > controller/ovn-controller.c:374:21 > > > > Signed-off-by: Dumitru Ceara <dceara@redhat.com> > > --- > > controller/ovn-controller.c | 4 +++- > > 1 file changed, 3 insertions(+), 1 deletion(-) > > > > diff --git a/controller/ovn-controller.c b/controller/ovn-controller.c > > index 8268726e6..96270c824 100644 > > --- a/controller/ovn-controller.c > > +++ b/controller/ovn-controller.c > > @@ -371,7 +371,9 @@ create_br_int(struct ovsdb_idl_txn *ovs_idl_txn, > > struct ovsrec_bridge **bridges; > > size_t bytes = sizeof *bridges * cfg->n_bridges; > > bridges = xmalloc(bytes + sizeof *bridges); > > - memcpy(bridges, cfg->bridges, bytes); > > + if (cfg->n_bridges) { > > + memcpy(bridges, cfg->bridges, bytes); > > + } > > bridges[cfg->n_bridges] = bridge; > > ovsrec_open_vswitch_verify_bridges(cfg); > > ovsrec_open_vswitch_set_bridges(cfg, bridges, cfg->n_bridges + 1); > > -- > > 2.31.1 > > > > _______________________________________________ > > dev mailing list > > dev@openvswitch.org > > https://mail.openvswitch.org/mailman/listinfo/ovs-dev > > > > > Makes sense, thanks! > > Acked-by: Ales Musil <amusil@redhat.com> Thanks. Applied to the main branch. Numan > > -- > > Ales Musil > > Senior Software Engineer - OVN Core > > Red Hat EMEA <https://www.redhat.com> > > amusil@redhat.com IM: amusil > <https://red.ht/sig> > _______________________________________________ > dev mailing list > dev@openvswitch.org > https://mail.openvswitch.org/mailman/listinfo/ovs-dev >
diff --git a/controller/ovn-controller.c b/controller/ovn-controller.c index 8268726e6..96270c824 100644 --- a/controller/ovn-controller.c +++ b/controller/ovn-controller.c @@ -371,7 +371,9 @@ create_br_int(struct ovsdb_idl_txn *ovs_idl_txn, struct ovsrec_bridge **bridges; size_t bytes = sizeof *bridges * cfg->n_bridges; bridges = xmalloc(bytes + sizeof *bridges); - memcpy(bridges, cfg->bridges, bytes); + if (cfg->n_bridges) { + memcpy(bridges, cfg->bridges, bytes); + } bridges[cfg->n_bridges] = bridge; ovsrec_open_vswitch_verify_bridges(cfg); ovsrec_open_vswitch_set_bridges(cfg, bridges, cfg->n_bridges + 1);
Reported by UndefinedBehaviorSanitizer when running in a sandbox: controller/ovn-controller.c:374:21: runtime error: null pointer passed as argument 2, which is declared to never be null /usr/include/string.h:44:28: note: nonnull attribute specified here SUMMARY: UndefinedBehaviorSanitizer: undefined-behavior controller/ovn-controller.c:374:21 Signed-off-by: Dumitru Ceara <dceara@redhat.com> --- controller/ovn-controller.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-)