ofp-prop: Fix unaligned 128 bit access.

When compiling with '-fsanitize=address,undefined', the "ovs-ofctl ct-flush" test will yield the following undefined behavior flagged by UBSan. This problem is caused by the fact that 128bit property put/parse functions weren't adding appropriate padding before writing or reading the value. This patch uses get_32aligned_* functions to copy the bytes as they are aligned. lib/ofp-prop.c:277:14: runtime error: load of misaligned address 0x60600000687c for type 'union ovs_be128', which requires 8 byte alignment 0x60600000687c: note: pointer points here 00 05 00 14 00 00 00 00 00 00 00 00 00 00 00 00 00 ff ab 00 ^ 0: in ofpprop_parse_u128 lib/ofp-prop.c:277 1: in ofp_ct_match_decode lib/ofp-ct.c:525 2: in ofp_print_nxt_ct_flush lib/ofp-print.c:959 3: in ofp_to_string__ lib/ofp-print.c:1206 4: in ofp_to_string lib/ofp-print.c:1264 5: in ofp_print lib/ofp-print.c:1308 6: in ofctl_ofp_print utilities/ovs-ofctl.c:4899 7: in ovs_cmdl_run_command__ lib/command-line.c:247 8: in ovs_cmdl_run_command lib/command-line.c:278 9: in main utilities/ovs-ofctl.c:186 Fixes: 62c5d32 ("ofp-prop: Add helper for parsing and storing of ovs_u128.") Acked-by: Ales Musil <amusil@redhat.com> Signed-off-by: Mike Pattrick <mkp@redhat.com> Signed-off-by: Ilya Maximets <i.maximets@ovn.org>
openvswitch · Jun 21, 2024 · dd1aea7 · dd1aea7
1 parent 830fd48
commit dd1aea7
Showing 1 changed file with 10 additions and 7 deletions.
diff --git a/lib/ofp-prop.c b/lib/ofp-prop.c
@@ -21,6 +21,7 @@
 #include "openvswitch/ofp-errors.h"
 #include "openvswitch/ofp-prop.h"
 #include "openvswitch/vlog.h"
+#include "unaligned.h"
 #include "util.h"
 #include "uuid.h"
 
@@ -190,11 +191,12 @@ ofpprop_parse_be64(const struct ofpbuf *property, ovs_be64 *value)
 enum ofperr
 ofpprop_parse_be128(const struct ofpbuf *property, ovs_be128 *value)
 {
-    ovs_be128 *p = property->msg;
+    ovs_32aligned_be128 *p = property->msg;
+
     if (ofpbuf_msgsize(property) != sizeof *p) {
         return OFPERR_OFPBPC_BAD_LEN;
     }
-    *value = *p;
+    *value = get_32aligned_be128(p);
     return 0;
 }
 
@@ -270,12 +272,13 @@ ofpprop_parse_u64(const struct ofpbuf *property, uint64_t *value)
 enum ofperr
 ofpprop_parse_u128(const struct ofpbuf *property, ovs_u128 *value)
 {
-    ovs_be128 *p = property->msg;
-    if (ofpbuf_msgsize(property) != sizeof *p) {
-        return OFPERR_OFPBPC_BAD_LEN;
+    enum ofperr error = ofpprop_parse_be128(property, (ovs_be128 *) value);
+
+    if (!error) {
+        *value = ntoh128(*(ovs_be128 *) value);
     }
-    *value = ntoh128(*p);
-    return 0;
+
+    return error;
 }
 
 /* Attempts to parse 'property' as a property containing a UUID.  If