From 5b61e1f163afcb292185ede20c4682ef5ea92081 Mon Sep 17 00:00:00 2001 From: Dimitri Staessens Date: Thu, 17 Feb 2022 20:22:33 +0100 Subject: ipcpd: Fix hashing and overlapping memcpy in pff The pft hash function assumed mem_hash allocates memory, but it does not. There was also a memcpy with potentially overlapping memory regions, which is undefined behaviour. Signed-off-by: Dimitri Staessens Signed-off-by: Sander Vrijders --- src/ipcpd/unicast/pff/multipath.c | 2 +- src/ipcpd/unicast/pff/pft.c | 14 +++----------- 2 files changed, 4 insertions(+), 12 deletions(-) (limited to 'src/ipcpd') diff --git a/src/ipcpd/unicast/pff/multipath.c b/src/ipcpd/unicast/pff/multipath.c index b03ce32f..0579b3a0 100644 --- a/src/ipcpd/unicast/pff/multipath.c +++ b/src/ipcpd/unicast/pff/multipath.c @@ -191,7 +191,7 @@ int multipath_pff_nhop(struct pff_i * pff_i, assert(len > 0); /* Rotate fds left. */ - memcpy(fds, fds + 1, (len - 1) * sizeof(*fds)); + memmove(fds, fds + 1, (len - 1) * sizeof(*fds)); fds[len - 1] = fd; pthread_rwlock_unlock(&pff_i->lock); diff --git a/src/ipcpd/unicast/pff/pft.c b/src/ipcpd/unicast/pff/pft.c index e42b4a98..6a7cc11d 100644 --- a/src/ipcpd/unicast/pff/pft.c +++ b/src/ipcpd/unicast/pff/pft.c @@ -115,19 +115,11 @@ void pft_flush(struct pft * pft) static uint64_t hash(uint64_t key) { - void * res; - uint64_t ret; - uint8_t keys[4]; + uint64_t res[2]; - memcpy(keys, &key, 4); + mem_hash(HASH_MD5, res, (uint8_t *) &key, sizeof(key)); - mem_hash(HASH_MD5, &res, keys, 4); - - ret = (* (uint64_t *) res); - - free(res); - - return ret; + return res[0]; } static uint64_t calc_key(struct pft * pft, -- cgit v1.2.3