| Message ID | 1547749332-23430-1-git-send-email-pkusunyifeng@gmail.com |
|---|---|
| State | Accepted |
| Headers | show |
| Series | [ovs-dev,v3] odp-util: Fix a bug in parse_odp_push_nsh_action | expand |
On Thu, Jan 17, 2019 at 10:22:12AM -0800, Yifeng Sun wrote: > In this piece of code, 'struct ofpbuf b' should always point to > metadata so that metadata can be filled with values through ofpbuf > operations, like ofpbuf_put_hex and ofpbuf_push_zeros. However, > ofpbuf_push_zeros may change the data pointer of 'struct ofpbuf b' > and therefore, metadata will not contain the expected values. > > This patch fixes it by changing ofpbuf_push_zeros to > ofpbuf_put_zeros. > > Reported-at: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=10863 > Signed-off-by: Yifeng Sun <pkusunyifeng@gmail.com> > --- > v1->v2: Fix a bug in previous version, thanks Ben! > v2->v3: Use ofpbuf_put_zeros by previous discussion. Thanks! Applied and backported.
diff --git a/lib/odp-util.c b/lib/odp-util.c index 0491bed38a6c..a1c3e5bda550 100644 --- a/lib/odp-util.c +++ b/lib/odp-util.c @@ -2118,7 +2118,7 @@ parse_odp_push_nsh_action(const char *s, struct ofpbuf *actions) /* Pad metadata to 4 bytes. */ padding = PAD_SIZE(mdlen, 4); if (padding > 0) { - ofpbuf_push_zeros(&b, padding); + ofpbuf_put_zeros(&b, padding); } md_size = mdlen + padding; ofpbuf_uninit(&b);
In this piece of code, 'struct ofpbuf b' should always point to metadata so that metadata can be filled with values through ofpbuf operations, like ofpbuf_put_hex and ofpbuf_push_zeros. However, ofpbuf_push_zeros may change the data pointer of 'struct ofpbuf b' and therefore, metadata will not contain the expected values. This patch fixes it by changing ofpbuf_push_zeros to ofpbuf_put_zeros. Reported-at: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=10863 Signed-off-by: Yifeng Sun <pkusunyifeng@gmail.com> --- v1->v2: Fix a bug in previous version, thanks Ben! v2->v3: Use ofpbuf_put_zeros by previous discussion. lib/odp-util.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)