Uploaded image for project: 'Fast Datapath Product'
  1. Fast Datapath Product
  2. FDP-1118

Use after free in ovsdb

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Unresolved
    • Icon: Major Major
    • None
    • None
    • openvswitch3.5
    • 1
    • False
    • Hide

      None

      Show
      None
    • False
    • Hide

      Given a duplicate database configuration is loaded into ovsdb,

      When the configuration replacement logic is executed,

      Then the system must not access or log a pointer that has already been freed.

      Show
      Given a duplicate database configuration is loaded into ovsdb, When the configuration replacement logic is executed, Then the system must not access or log a pointer that has already been freed.
    • rhel-10
    • rhel-sst-network-fastdatapath
    • ssg_networking
    • OVS/DPDK - FDP-25.B
    • 1

      Scanhub found the following issue

       3. ovsdb/ovsdb-server.c:505:5:
 freed_arg: "shash_replace_nocopy" frees "filename".
6. ovsdb/ovsdb-server.c:507:9:
 pass_freed_arg: Passing freed pointer "filename" as an argument to 
"vlog".
 #   505|       conf = shash_replace_nocopy(db_conf, filename, conf);
 #   506|       if (conf) {
 #   507|->         VLOG_WARN("Duplicate database configuration: %s", filename);
 #   508|           db_config_destroy(conf);
 #   509|       }

      This appears to be a true positive.

              rh-ee-mpattric Mike Pattrick
              rh-ee-mpattric Mike Pattrick
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

                Created:
                Updated: