ofp-parse: Fix invalid memory use.

In some cases, parsing of the note action could cause a realloc
which would result in the use of memory which was no longer
allocated.

diff --git a/lib/ofp-parse.c b/lib/ofp-parse.c
index 7742c821ad7f66bdf662a36594d844341576a353..5bc048453d768ff0f331f1bb8391cc345162a293 100644 (file)
--- a/lib/ofp-parse.c
+++ b/lib/ofp-parse.c
@@ -486,6 +486,7 @@ str_to_action(char *str, struct ofpbuf *b)
             if (remainder) {
                 ofpbuf_put_zeros(b, OFP_ACTION_ALIGN - remainder);
             }
+            nan = (struct nx_action_note *)((char *)b->data + start_ofs);
             nan->len = htons(b->size - start_ofs);
         } else if (!strcasecmp(act, "move")) {
             struct nx_action_reg_move *move;