Ordinarily a miniflow will use its inline_values if its values can fit, but
there is nothing to prevent a small number of values from being stored
in malloc()'d memory. If this happened, then miniflow_move() would leak
memory. This commit fixes the problem.
This is a hypothetical problem. I haven't seen it in practice.
Signed-off-by: Ben Pfaff <b...@nicira.com>
---
lib/flow.c | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/lib/flow.c b/lib/flow.c
index 0e7c493..9ab1961 100644
--- a/lib/flow.c
+++ b/lib/flow.c
@@ -1141,10 +1141,10 @@ miniflow_clone(struct miniflow *dst, const struct
miniflow *src)
void
miniflow_move(struct miniflow *dst, struct miniflow *src)
{
- int n = miniflow_n_values(src);
- if (n <= MINI_N_INLINE) {
+ if (src->values == src->inline_values) {
dst->values = dst->inline_values;
- memcpy(dst->values, src->values, n * sizeof *dst->values);
+ memcpy(dst->values, src->values,
+ miniflow_n_values(src) * sizeof *dst->values);
} else {
dst->values = src->values;
}
--
1.7.10.4
_______________________________________________
dev mailing list
dev@openvswitch.org
http://openvswitch.org/mailman/listinfo/dev
