From: Ethan Jackson <ethan@nicira.com>
Date: Tue, 28 Jun 2011 20:22:18 +0000 (-0700)
Subject: ofp-parse: Fix invalid memory use.
X-Git-Url: https://pintos-os.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=fb05ba4618dc5d6ae70da21a63c2ae6a4a1b5176;p=openvswitch

ofp-parse: Fix invalid memory use.

In some cases, parsing of the note action could cause a realloc
which would result in the use of memory which was no longer
allocated.
---

diff --git a/lib/ofp-parse.c b/lib/ofp-parse.c
index 7742c821..5bc04845 100644
--- a/lib/ofp-parse.c
+++ b/lib/ofp-parse.c
@@ -486,6 +486,7 @@ str_to_action(char *str, struct ofpbuf *b)
             if (remainder) {
                 ofpbuf_put_zeros(b, OFP_ACTION_ALIGN - remainder);
             }
+            nan = (struct nx_action_note *)((char *)b->data + start_ofs);
             nan->len = htons(b->size - start_ofs);
         } else if (!strcasecmp(act, "move")) {
             struct nx_action_reg_move *move;