From bce73ec34942f3381d7e00701d5366502ec375ab Mon Sep 17 00:00:00 2001
From: Dimitri Staessens <dimitri.staessens@ugent.be>
Date: Sun, 25 Feb 2018 12:04:20 +0100
Subject: ipcpd: Fix access to uninitialized value

This fixes the access to an uninitialized dt_pci struct when updating
flow statistics in the case there is no next hop, which often resulted
in a segmentation fault.

Signed-off-by: Dimitri Staessens <dimitri.staessens@ugent.be>
Signed-off-by: Sander Vrijders <sander.vrijders@ugent.be>
---
 src/ipcpd/normal/dt.c | 28 ++++++++++++++--------------
 1 file changed, 14 insertions(+), 14 deletions(-)

diff --git a/src/ipcpd/normal/dt.c b/src/ipcpd/normal/dt.c
index 38a203cf..7d053e71 100644
--- a/src/ipcpd/normal/dt.c
+++ b/src/ipcpd/normal/dt.c
@@ -736,14 +736,14 @@ int dt_write_sdu(uint64_t             dst_addr,
         if (fd < 0) {
                 log_dbg("Could not get nhop for addr %" PRIu64 ".", dst_addr);
 #ifdef IPCP_FLOW_STATS
-                pthread_mutex_lock(&dt.stat[dt_pci.eid].lock);
+                pthread_mutex_lock(&dt.stat[np1_fd].lock);
 
-                ++dt.stat[dt_pci.eid].lcl_r_pkt[qc];
-                dt.stat[dt_pci.eid].lcl_r_bytes[qc] += len;
-                ++dt.stat[dt_pci.eid].f_nhp_pkt[qc];
-                dt.stat[dt_pci.eid].f_nhp_bytes[qc] += len;
+                ++dt.stat[np1_fd].lcl_r_pkt[qc];
+                dt.stat[np1_fd].lcl_r_bytes[qc] += len;
+                ++dt.stat[np1_fd].f_nhp_pkt[qc];
+                dt.stat[np1_fd].f_nhp_bytes[qc] += len;
 
-                pthread_mutex_unlock(&dt.stat[dt_pci.eid].lock);
+                pthread_mutex_unlock(&dt.stat[np1_fd].lock);
 #endif
                 return -1;
         }
@@ -765,12 +765,12 @@ int dt_write_sdu(uint64_t             dst_addr,
                 goto fail_write;
         }
 #ifdef IPCP_FLOW_STATS
-        pthread_mutex_lock(&dt.stat[dt_pci.eid].lock);
+        pthread_mutex_lock(&dt.stat[np1_fd].lock);
 
-        ++dt.stat[dt_pci.eid].lcl_r_pkt[qc];
-        dt.stat[dt_pci.eid].lcl_r_bytes[qc] += len;
+        ++dt.stat[np1_fd].lcl_r_pkt[qc];
+        dt.stat[np1_fd].lcl_r_bytes[qc] += len;
 
-        pthread_mutex_unlock(&dt.stat[dt_pci.eid].lock);
+        pthread_mutex_unlock(&dt.stat[np1_fd].lock);
         pthread_mutex_lock(&dt.stat[fd].lock);
 
         if (dt_pci.eid < PROG_RES_FDS) {
@@ -786,12 +786,12 @@ int dt_write_sdu(uint64_t             dst_addr,
 
  fail_write:
 #ifdef IPCP_FLOW_STATS
-        pthread_mutex_lock(&dt.stat[dt_pci.eid].lock);
+        pthread_mutex_lock(&dt.stat[np1_fd].lock);
 
-        ++dt.stat[dt_pci.eid].lcl_w_pkt[qc];
-        dt.stat[dt_pci.eid].lcl_w_bytes[qc] += len;
+        ++dt.stat[np1_fd].lcl_w_pkt[qc];
+        dt.stat[np1_fd].lcl_w_bytes[qc] += len;
 
-        pthread_mutex_unlock(&dt.stat[dt_pci.eid].lock);
+        pthread_mutex_unlock(&dt.stat[np1_fd].lock);
         pthread_mutex_lock(&dt.stat[fd].lock);
 
         if (dt_pci.eid < PROG_RES_FDS) {
-- 
cgit v1.2.3