Re: [ovs-dev] [PATCH 2/2] ovs-appctl: Fix potential crash with timeout argument

Mon, 08 Aug 2016 07:59:21 -0700 

> On Aug 8, 2016, at 3:45 PM, dev-requ...@openvswitch.org wrote:
> 
> Date: Sun,  7 Aug 2016 22:06:05 +0100
> From: Bhanuprakash Bodireddy <bhanuprakash.bodire...@intel.com 
> <mailto:bhanuprakash.bodire...@intel.com>>
> To: dev@openvswitch.org <mailto:dev@openvswitch.org>
> Subject: [ovs-dev] [PATCH 2/2] ovs-appctl: Fix potential crash with
>       timeout argument
> Message-ID:
>       <1470603965-73273-2-git-send-email-bhanuprakash.bodire...@intel.com 
> <mailto:1470603965-73273-2-git-send-email-bhanuprakash.bodire...@intel.com>>
> 
> ovs-appctl can crash with missing timeout argument.
>  # ovs-appctl --timeout= dpif-netdev/pmd-stats-show
> 
> Fix by using strtol and validating the timeout value.
> 
> Signed-off-by: Bhanuprakash Bodireddy <bhanuprakash.bodire...@intel.com 
> <mailto:bhanuprakash.bodire...@intel.com>>
> ---
> utilities/ovs-appctl.c | 9 ++++++++-
> 1 file changed, 8 insertions(+), 1 deletion(-)
> 
> diff --git a/utilities/ovs-appctl.c b/utilities/ovs-appctl.c
> index 8f87cc4..2543ee9 100644
> --- a/utilities/ovs-appctl.c
> +++ b/utilities/ovs-appctl.c
> @@ -127,6 +127,7 @@ parse_command_line(int argc, char *argv[])
>     char *short_options_ = 
> ovs_cmdl_long_options_to_short_options(long_options);
>     char *short_options = xasprintf("+%s", short_options_);
>     const char *target;
> +    int timeout;
>     int e_options;
> 
>     target = NULL;
> @@ -165,7 +166,13 @@ parse_command_line(int argc, char *argv[])
>             exit(EXIT_SUCCESS);
> 
>         case 'T':
> -            time_alarm(atoi(optarg));
> +            timeout = strtol(optarg, NULL, 10);
> +            if (timeout <= 0) {
> +                ovs_fatal(0, "timeout value %s on -t or --timeout is 
> invalid",
> +                               optarg);
> +            } else {
> +                time_alarm(timeout);
> +            }
>             break;
> 
>         case 'V':
> -- 
> 2.4.11

It seems to me that it’s unnecessary to change the codes. If the “timeout” is 
empty, the “atoi” function will convert it to 0, then time_alarm will disable 
the “timeout” feature, and return directly. If the “timeout” is not a positive 
number, (e.g. -100), the check will been done in the time_alarm.




_______________________________________________
dev mailing list
dev@openvswitch.org
http://openvswitch.org/mailman/listinfo/dev

Reply via email to