From 617dffaee47fc6fbc0dca85dc07c53ca9b57bf90 Mon Sep 17 00:00:00 2001
From: Dave Wallace
Date: Thu, 26 Oct 2017 14:47:06 -0400
Subject: [PATCH] VCL-LDPRELOAD: Fix CID 178251 & CID 178253
- CID 178251 Dereference after null check in vcom_socket.c
- CID 178253 Logically dead code in vppcom.c
Change-Id: I2a24cd53727fec76cf1a6d60f90414ff92567818
Signed-off-by: Dave Wallace
---
src/vcl/vcom_socket.c | 51 ++++++++++++++++++++++++++++-----------------------
src/vcl/vppcom.c | 28 +++++++++++++++++++---------
2 files changed, 47 insertions(+), 32 deletions(-)
diff --git a/src/vcl/vcom_socket.c b/src/vcl/vcom_socket.c
index 304cebb8f9b..6ce15148d21 100644
--- a/src/vcl/vcom_socket.c
+++ b/src/vcl/vcom_socket.c
@@ -1512,31 +1512,38 @@ vcom_session_sendto (int __sid, void *__buf, size_t __n, int __flags, __CONST_SOCKADDR_ARG __addr, socklen_t __addr_len) { - int rv = -1; - vppcom_endpt_t ep; + vppcom_endpt_t *ep = 0; - ep.vrf = VPPCOM_VRF_DEFAULT; - switch (__addr->sa_family) + if (__addr) { - case AF_INET: - ep.is_ip4 = VPPCOM_IS_IP4; - ep.ip = (uint8_t *) & ((const struct sockaddr_in *) __addr)->sin_addr; - ep.port = (uint16_t) ((const struct sockaddr_in *) __addr)->sin_port; - break; + vppcom_endpt_t _ep; - case AF_INET6: - ep.is_ip4 = VPPCOM_IS_IP6; - ep.ip = (uint8_t *) & ((const struct sockaddr_in6 *) __addr)->sin6_addr; - ep.port = (uint16_t) ((const struct sockaddr_in6 *) __addr)->sin6_port; - break; + ep = &_ep; + ep->vrf = VPPCOM_VRF_DEFAULT; + switch (__addr->sa_family) + { + case AF_INET: + ep->is_ip4 = VPPCOM_IS_IP4; + ep->ip = + (uint8_t *) & ((const struct sockaddr_in *) __addr)->sin_addr; + ep->port = + (uint16_t) ((const struct sockaddr_in *) __addr)->sin_port; + break; - default: - return -1; - } + case AF_INET6: + ep->is_ip4 = VPPCOM_IS_IP6; + ep->ip = + (uint8_t *) & ((const struct sockaddr_in6 *) __addr)->sin6_addr; + ep->port = + (uint16_t) ((const struct sockaddr_in6 *) __addr)->sin6_port; + break; - rv = vppcom_session_sendto (__sid, __buf, __n, __flags, &ep); + default: + return -EAFNOSUPPORT; + } + } - return rv; + return vppcom_session_sendto (__sid, __buf, __n, __flags, ep);; } ssize_t @@ -1544,7 +1551,6 @@ vcom_socket_sendto (int __fd, const void *__buf, size_t __n, int __flags, __CONST_SOCKADDR_ARG __addr, socklen_t __addr_len) { - int rv = -1; vcom_socket_main_t *vsm = &vcom_socket_main; uword *p; vcom_socket_t *vsock; @@ -1590,9 +1596,8 @@ vcom_socket_sendto (int __fd, const void *__buf, size_t __n, } } - rv = vcom_session_sendto (vsock->sid, (void *) __buf, (int) __n, - __flags, __addr, __addr_len); - return rv; + return vcom_session_sendto (vsock->sid, (void *) __buf, (int) __n, + __flags, __addr, __addr_len); } static inline ssize_t 
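Review bot: In vcom_session_sendto, `_ep` is declared inside the `if (__addr)` block, but `ep = &_ep` is passed to vppcom_session_sendto() after that block has closed, so the callee receives a pointer to an object whose lifetime has already ended (undefined behaviour, a stack use-after-scope). Declare `vppcom_endpt_t _ep;` at function scope next to `vppcom_endpt_t *ep = 0;` and leave only `ep = &_ep;` inside the branch. The AF_INET and AF_INET6 cases also cast `__addr` without comparing `__addr_len` with `sizeof (struct sockaddr_in)` or `sizeof (struct sockaddr_in6)`, so a short caller-supplied address could be read past its end once the endpoint is consumed; a length check before the `switch` would cover that. The final return line also ends in a stray `;;`.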
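Review bot: The `(int) __n` cast in the last call of vcom_socket_sendto narrows a `size_t` length just before it is passed to a parameter that is itself declared `size_t __n`, so a length above INT_MAX becomes negative and is then widened back to a very large value. Pass `__n` unchanged, or reject oversized lengths before the call, since vppcom_session_sendto() further down takes a `uint32_t buflen` and would truncate again. The `(void *) __buf` cast also discards `const` from the caller's buffer; making the `__buf` parameter of vcom_session_sendto `const void *` would remove the need for it. The body of vcom_socket_sendto starts and continues outside this hunk, so any earlier length validation is not visible here.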
diff --git a/src/vcl/vppcom.c b/src/vcl/vppcom.c index 72b5277c85c..75e86c843cc 100644 --- a/src/vcl/vppcom.c +++ b/src/vcl/vppcom.c @@ -3445,16 +3445,26 @@ int vppcom_session_sendto (uint32_t session_index, void *buffer, uint32_t buflen, int flags, vppcom_endpt_t * ep) { + vppcom_main_t *vcm = &vppcom_main; + + if (!buffer) + return VPPCOM_EINVAL; + if (ep) - // TBD - return -1; - else if (flags == 0) - return (vppcom_session_write (session_index, buffer, buflen)); - else if (flags) - // TBD check the flags and do the right thing - return (vppcom_session_write (session_index, buffer, buflen)); - - return -1; + { + // TBD + return VPPCOM_EINVAL; + } + + if (flags) + { + // TBD check the flags and do the right thing + if (VPPCOM_DEBUG > 2) + clib_warning ("[%d] handling flags 0x%u (%d) not implemented yet.", + vcm->my_pid, flags, flags); + } + + return (vppcom_session_write (session_index, buffer, buflen)); } /* -- 2.16.6
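Review bot: Non-zero `flags` in vppcom_session_sendto are only reported when `VPPCOM_DEBUG > 2`, and the write then proceeds as if none were given, so a caller asking for different send semantics gets a normal-looking result with behaviour it did not request. Until the flags are implemented, consider failing on any flag that is not knowingly safe to ignore, or at least add a comment such as `/* flags are currently ignored; the write is always performed with default semantics */`. The warning's format string `0x%u` prints the value in decimal behind a hex prefix and should be `0x%x`. The new `if (!buffer) return VPPCOM_EINVAL;` also rejects a NULL buffer when `buflen` is 0, which is worth confirming as intended.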