On 13/10/2025 13:32, Eelco Chaudron via dev wrote:
> This patch fixes a potential null pointer dereference reported
> by Coverity if an null actions list is passed to nl_attr_get()
> in odp_execute_sample().
>
> Fixes: 26c6b6cd2b2e ("dpif-netdev: Implement OVS_ACTION_ATTR_SAMPLE action.")
> Signed-off-by: Eelco Chaudron <[email protected]>
> ---
> v2: Actually check for the actions non-null
> ---
> lib/odp-execute.c | 7 +++++++
> 1 file changed, 7 insertions(+)
>
> diff --git a/lib/odp-execute.c b/lib/odp-execute.c
> index 7f4e337f8..8943db2a5 100644
> --- a/lib/odp-execute.c
> +++ b/lib/odp-execute.c
> @@ -739,6 +739,13 @@ odp_execute_sample(void *dp, struct dp_packet *packet,
> bool steal,
> }
> }
>
> + if (!subactions || !nl_attr_get_size(subactions)) {
> + if (steal) {
> + dp_packet_delete(packet);
Seems like it needs the coverage counter increased here as well
COVERAGE_INC(datapath_drop_sample_error);
> + }
> + return;
> + }
> +
> if (!steal) {
> /* The 'subactions' may modify the packet, but the modification
> * should not propagate beyond this sample action. Make a copy
_______________________________________________
dev mailing list
[email protected]
https://mail.openvswitch.org/mailman/listinfo/ovs-dev
