From f2ae817e9de2d1cfd2e80a5c23256eb7211b9f5d Mon Sep 17 00:00:00 2001 From: kelly_chen Date: Thu, 6 Aug 2020 11:01:17 +0800 Subject: [PATCH 1/3] [iccpd] Fix uninitialized variable. To declare *tb[] but do not initialize it, it might be very risky. We get iccpd exception during processing arp/nd event --- src/iccpd/src/iccp_ifm.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/iccpd/src/iccp_ifm.c b/src/iccpd/src/iccp_ifm.c index 5cfbfe81ffd3..ea408f9f88d9 100644 --- a/src/iccpd/src/iccp_ifm.c +++ b/src/iccpd/src/iccp_ifm.c @@ -502,7 +502,7 @@ int do_one_neigh_request(struct nlmsghdr *n) { struct ndmsg *ndm = NLMSG_DATA(n); int len = n->nlmsg_len; - struct rtattr * tb[NDA_MAX + 1]; + struct rtattr *tb[NDA_MAX + 1] = {{0}}; if (n->nlmsg_type == NLMSG_DONE) { From 11116108aa2a8f737691754b78a7cb3cba3fe06a Mon Sep 17 00:00:00 2001 From: kelly_chen Date: Fri, 7 Aug 2020 14:55:01 +0800 Subject: [PATCH 2/3] [iccpd] To itialize array of pointer to NULL. --- src/iccpd/src/iccp_ifm.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/iccpd/src/iccp_ifm.c b/src/iccpd/src/iccp_ifm.c index ea408f9f88d9..a22a2bf206f4 100644 --- a/src/iccpd/src/iccp_ifm.c +++ b/src/iccpd/src/iccp_ifm.c @@ -502,7 +502,7 @@ int do_one_neigh_request(struct nlmsghdr *n) { struct ndmsg *ndm = NLMSG_DATA(n); int len = n->nlmsg_len; - struct rtattr *tb[NDA_MAX + 1] = {{0}}; + struct rtattr *tb[NDA_MAX + 1] = {NULL}; if (n->nlmsg_type == NLMSG_DONE) { From ef02b178f9eb40610a5532c9125be4737f77bf6a Mon Sep 17 00:00:00 2001 From: kelly_chen Date: Thu, 20 Aug 2020 10:20:34 +0800 Subject: [PATCH 3/3] The line 969 is also not zeroing out the struct. To initialize it to {0}; --- src/iccpd/src/iccp_ifm.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/iccpd/src/iccp_ifm.c b/src/iccpd/src/iccp_ifm.c index a22a2bf206f4..014b82ef37ab 100644 --- a/src/iccpd/src/iccp_ifm.c +++ b/src/iccpd/src/iccp_ifm.c @@ -502,7 +502,7 @@ int do_one_neigh_request(struct nlmsghdr *n) { struct ndmsg *ndm = NLMSG_DATA(n); int len = n->nlmsg_len; - struct rtattr *tb[NDA_MAX + 1] = {NULL}; + struct rtattr *tb[NDA_MAX + 1] = {0}; if (n->nlmsg_type == NLMSG_DONE) { @@ -966,7 +966,7 @@ void iccp_parse_if_vlan_info_from_netlink(struct nlmsghdr *n) { struct ifinfomsg *ifm = NLMSG_DATA(n); int len = n->nlmsg_len; - struct rtattr * tb[IFLA_MAX + 1]; + struct rtattr *tb[IFLA_MAX + 1] = {0}; if (n->nlmsg_type != RTM_NEWLINK) {