On Tue, 23 Jul 2019 13:25:37 +0200
Jiri Pirko <j...@resnulli.us> wrote:
> From: Jiri Pirko <j...@mellanox.com>
>
> One cannot depend on *argv being null in case of no arg is left on the
> command line. For example in batch mode, this is not always true. Check
> argc instead to prevent crash.
>
> Reported-by: Alex Kushnarov <alexand...@mellanox.com>
> Fixes: fd8b3d2c1b9b ("actions: Add support for user cookies")
> Signed-off-by: Jiri Pirko <j...@mellanox.com>
> ---
> tc/m_action.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/tc/m_action.c b/tc/m_action.c
> index ab6bc0ad28ff..0f9c3a27795d 100644
> --- a/tc/m_action.c
> +++ b/tc/m_action.c
> @@ -222,7 +222,7 @@ done0:
> goto bad_val;
> }
>
> - if (*argv && strcmp(*argv, "cookie") == 0) {
> + if (argc && strcmp(*argv, "cookie") == 0) {
> size_t slen;
>
> NEXT_ARG();
The logic here is broken at end of file.
do {
if (getcmdline(&line_next, &len, stdin) == -1)
lastline = true;
largc_next = makeargs(line_next, largv_next, 100);
bs_enabled_next = batchsize_enabled(largc_next, largv_next);
if (bs_enabled) {
struct batch_
getcmdline() will return -1 at end of file.
The code will call make_args on an uninitialized pointer.
I see lots of other unnecessary complexity in the whole batch logic.
It needs to be rewritten.
Rather than me fixing the code, I am probably going to revert.
commit 485d0c6001c4aa134b99c86913d6a7089b7b2ab0
Author: Chris Mi <chr...@mellanox.com>
Date: Fri Jan 12 14:13:16 2018 +0900
tc: Add batchsize feature for filter and actions
