datapath: Check IS_ERR() in do_execute().
author Jesse Gross <jesse@nicira.com>
Wed, 15 Sep 2010 23:52:48 +0000 (16:52 -0700)
committer Jesse Gross <jesse@nicira.com>
Thu, 16 Sep 2010 00:43:46 +0000 (17:43 -0700)
flow_actions_alloc() returns an error code in the form of a pointer
but we checked that the pointer was not NULL, which is always true.
This caused oopses on allocation errors when we would write into
an invalid pointer.

NIC-234

Signed-off-by: Jesse Gross <jesse@nicira.com>
Acked-by: Ben Pfaff <blp@nicira.com>
datapath/datapath.c

index 5ee915740db43a40df31a54b2eac7b25913b9171..fe37ec1ed4c1c7a1bd6ebc9b7d482d32fcc8f15d 100644 (file)
@@ -1326,10 +1326,11 @@ static int do_execute(struct datapath *dp, const struct odp_execute *execute)
        if (execute->length < ETH_HLEN || execute->length > 65535)
                goto error;
 
-       err = -ENOMEM;
        actions = flow_actions_alloc(execute->n_actions);
-       if (!actions)
+       if (IS_ERR(actions)) {
+               err = PTR_ERR(actions);
                goto error;
+       }
 
        err = -EFAULT;
        if (copy_from_user(actions->actions, execute->actions,
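
Review bot: the new IS_ERR(actions) test in do_execute() is only safe while flow_actions_alloc() never returns NULL, because IS_ERR(NULL) is false and the copy_from_user(actions->actions, ...) that follows would then dereference a NULL pointer. The commit message states that the allocator returns an error code as a pointer, so please record that contract in a comment on flow_actions_alloc() so a later change to its return convention does not silently reopen this path. Since the mistake was a `!actions` test on an ERR_PTR-returning function and this diff touches only do_execute(), the other callers of flow_actions_alloc() should be checked for the same pattern. It is also worth confirming that the code at the error label does not free or otherwise touch actions, since with this change the label is reached while actions holds an error pointer rather than NULL.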