From e655542cf3cc10f14651fb237582ac7e55683e88 Mon Sep 17 00:00:00 2001 From: Simon Horman Date: Mon, 3 Jun 2013 14:46:30 +0900 Subject: [PATCH] Always use valid ids pointer in dec_ttl_cnt_ids_from_openflow() Always update the ids pointer after calling ofpbuf_put() to ensure that it is valid when accessed. During testing a case came up where the call to ofpbuf_put() in the for (i = 0; i < ids->n_controllers; i++) loop would cause the underlying buffer to be reallocated. This resulted in ids->n_controllers being an incorrect value, the loop continuing on longer than desired and finally a segmentation fault. Reported-by: Joe Stringer Signed-off-by: Simon Horman Signed-off-by: Ben Pfaff --- lib/ofp-actions.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/ofp-actions.c b/lib/ofp-actions.c index 026a376d9..c98e29a63 100644 --- a/lib/ofp-actions.c +++ b/lib/ofp-actions.c @@ -209,9 +209,9 @@ dec_ttl_cnt_ids_from_openflow(const struct nx_action_cnt_ids *nac_ids, for (i = 0; i < ids->n_controllers; i++) { uint16_t id = ntohs(((ovs_be16 *)(nac_ids + 1))[i]); ofpbuf_put(out, &id, sizeof id); + ids = out->l2; } - ids = out->l2; ofpact_update_len(out, &ids->ofpact); return 0; -- 2.43.0