vcom.c:
CID 178227: Logically dead code in vcom.c
vcom_socket.c:
CID 178254: Dereference after null check
CID 178250: Out-of-bounds access
vppcom.c:
CID 178252: Unused value
Suppress vppcom_session_attr() debug output.
Change-Id: I1d47bafb84fc0ad00c642392ae3cb6761fd3fb17
Signed-off-by: Dave Wallace <dwallacelf@gmail.com>
vcom_fd_set_merge (
/* dest, select sets */
&new_nfds,
vcom_fd_set_merge (
/* dest, select sets */
&new_nfds,
- __readfds,
- __writefds,
- __exceptfds,
- __readfds || __writefds || __exceptfds ?
- &new_nfd : NULL,
+ __readfds, __writefds, __exceptfds, &new_nfd,
/* src1, vcom sets */
vcom_nfds,
__readfds ? &vcom_readfds : NULL,
/* src1, vcom sets */
vcom_nfds,
__readfds ? &vcom_readfds : NULL,
{
int rv;
vppcom_endpt_t ep;
{
int rv;
vppcom_endpt_t ep;
+ u8 src_addr[sizeof (struct sockaddr_in6)];
- ep.ip = (u8 *) & ((const struct sockaddr_in *) __addr)->sin_addr;
rv = vppcom_session_recvfrom (__sid, __buf, __n, __flags, &ep);
if (rv > 0)
rv = vppcom_session_recvfrom (__sid, __buf, __n, __flags, &ep);
if (rv > 0)
{
case AF_INET:
((struct sockaddr_in *) __addr)->sin_port = ep.port;
{
case AF_INET:
((struct sockaddr_in *) __addr)->sin_port = ep.port;
+ memcpy (&((struct sockaddr_in *) __addr)->sin_addr,
+ src_addr, sizeof (struct in_addr));
+
*__addr_len = sizeof (struct sockaddr_in);
break;
case AF_INET6:
((struct sockaddr_in6 *) __addr)->sin6_port = ep.port;
*__addr_len = sizeof (struct sockaddr_in);
break;
case AF_INET6:
((struct sockaddr_in6 *) __addr)->sin6_port = ep.port;
+ memcpy (((struct sockaddr_in6 *) __addr)->sin6_addr.
+ __in6_u.__u6_addr8, src_addr,
+ sizeof (struct in6_addr));
*__addr_len = sizeof (struct sockaddr_in6);
break;
default:
*__addr_len = sizeof (struct sockaddr_in6);
break;
default:
uword *p;
vcom_socket_t *vsock;
uword *p;
vcom_socket_t *vsock;
+ if (!__optval || !__optlen)
+ return -EINVAL;
+
p = hash_get (vsm->sockidx_by_fd, __fd);
if (!p)
return -EBADF;
p = hash_get (vsm->sockidx_by_fd, __fd);
if (!p)
return -EBADF;
if (vsock->type != SOCKET_TYPE_VPPCOM_BOUND)
return -EINVAL;
if (vsock->type != SOCKET_TYPE_VPPCOM_BOUND)
return -EINVAL;
- if (!__optval && !__optlen)
- return -EFAULT;
-
switch (__level)
{
case SOL_SOCKET:
switch (__level)
{
case SOL_SOCKET:
{
case VPPCOM_ATTR_GET_NREAD:
rv = vppcom_session_read_ready (session, session_index);
{
case VPPCOM_ATTR_GET_NREAD:
rv = vppcom_session_read_ready (session, session_index);
clib_warning ("VPPCOM_ATTR_GET_NREAD: nread = %d", rv);
break;
clib_warning ("VPPCOM_ATTR_GET_NREAD: nread = %d", rv);
break;
{
*flags = O_RDWR | ((session->is_nonblocking) ? O_NONBLOCK : 0);
*buflen = sizeof (*flags);
{
*flags = O_RDWR | ((session->is_nonblocking) ? O_NONBLOCK : 0);
*buflen = sizeof (*flags);
clib_warning ("VPPCOM_ATTR_GET_FLAGS: flags = 0x%08x, "
"is_nonblocking = %u", *flags,
session->is_nonblocking);
clib_warning ("VPPCOM_ATTR_GET_FLAGS: flags = 0x%08x, "
"is_nonblocking = %u", *flags,
session->is_nonblocking);
if (buffer && buflen && (*buflen >= sizeof (*flags)))
{
session->is_nonblocking = (*flags & O_NONBLOCK) ? 1 : 0;
if (buffer && buflen && (*buflen >= sizeof (*flags)))
{
session->is_nonblocking = (*flags & O_NONBLOCK) ? 1 : 0;
clib_warning ("VPPCOM_ATTR_SET_FLAGS: flags = 0x%08x, "
"is_nonblocking = %u", *flags,
session->is_nonblocking);
clib_warning ("VPPCOM_ATTR_SET_FLAGS: flags = 0x%08x, "
"is_nonblocking = %u", *flags,
session->is_nonblocking);
clib_memcpy (ep->ip, &session->peer_addr.ip46.ip6,
sizeof (ip6_address_t));
*buflen = sizeof (*ep);
clib_memcpy (ep->ip, &session->peer_addr.ip46.ip6,
sizeof (ip6_address_t));
*buflen = sizeof (*ep);
clib_warning ("VPPCOM_ATTR_GET_PEER_ADDR: sid %u is_ip4 = %u, "
"addr = %U, port %u", session_index,
ep->is_ip4, format_ip46_address,
clib_warning ("VPPCOM_ATTR_GET_PEER_ADDR: sid %u is_ip4 = %u, "
"addr = %U, port %u", session_index,
ep->is_ip4, format_ip46_address,
clib_memcpy (ep->ip, &session->lcl_addr.ip46.ip6,
sizeof (ip6_address_t));
*buflen = sizeof (*ep);
clib_memcpy (ep->ip, &session->lcl_addr.ip46.ip6,
sizeof (ip6_address_t));
*buflen = sizeof (*ep);
clib_warning ("VPPCOM_ATTR_GET_LCL_ADDR: sid %u is_ip4 = %u, "
"addr = %U port %d", session_index,
ep->is_ip4, format_ip46_address,
clib_warning ("VPPCOM_ATTR_GET_LCL_ADDR: sid %u is_ip4 = %u, "
"addr = %U port %d", session_index,
ep->is_ip4, format_ip46_address,
if (VPPCOM_DEBUG > 0)
clib_warning ("[%d] invalid session, sid (%u) has been closed!",
vcm->my_pid, session_index);
if (VPPCOM_DEBUG > 0)
clib_warning ("[%d] invalid session, sid (%u) has been closed!",
vcm->my_pid, session_index);
+ rv = VPPCOM_EBADFD;
+ clib_spinlock_unlock (&vcm->sessions_lockp);
+ goto done;
}
ep->vrf = session->vrf;
ep->is_ip4 = session->peer_addr.is_ip4;
}
ep->vrf = session->vrf;
ep->is_ip4 = session->peer_addr.is_ip4;
rv = VPPCOM_EAFNOSUPPORT;
}
rv = VPPCOM_EAFNOSUPPORT;
}