[Qemu-devel] [PATCH v3 0/2] filter-rewriter: fix one bug and one improvement

[Qemu-devel] [PATCH v3 0/2] filter-rewriter: fix one bug and one improvement

[zhanghailiang]

Hi,

Patch 1 fixes a double free bug.
Patch 2 is an optimization for filter-rewriter.

Please review, thanks.


zhanghailiang (2):
  net/colo: fix memory double free error
  filter-rewriter: skip net_checksum_calculate() while offset = 0

 net/colo.c            |  4 ++--
 net/filter-rewriter.c | 17 +++++++++++------
 2 files changed, 13 insertions(+), 8 deletions(-)

-- 
1.8.3.1

[Qemu-devel] [PATCH v3 1/2] net/colo: fix memory double free error

[zhanghailiang]

The 'primary_list' and 'secondary_list' members of struct Connection
is not allocated through dynamically g_queue_new(), but we free it by using
g_queue_free(), which will lead to a double-free bug.

Reviewed-by: Zhang Chen <zhangchen.fnst@cn.fujitsu.com>
Signed-off-by: zhanghailiang <zhang.zhanghailiang@huawei.com>
---
 net/colo.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/net/colo.c b/net/colo.c
index 6a6eacd..8cc166b 100644
--- a/net/colo.c
+++ b/net/colo.c
@@ -147,9 +147,9 @@ void connection_destroy(void *opaque)
     Connection *conn = opaque;
 
     g_queue_foreach(&conn->primary_list, packet_destroy, NULL);
-    g_queue_free(&conn->primary_list);
+    g_queue_clear(&conn->primary_list);
     g_queue_foreach(&conn->secondary_list, packet_destroy, NULL);
-    g_queue_free(&conn->secondary_list);
+    g_queue_clear(&conn->secondary_list);
     g_slice_free(Connection, conn);
 }
 
-- 
1.8.3.1

[Qemu-devel] [PATCH v3 2/2] filter-rewriter: skip net_checksum_calculate() while offset = 0

[zhanghailiang]

While the offset of packets's sequence for primary side and
secondary side is zero, it is unnecessary to call net_checksum_calculate()
to recalculate the checksume value of packets.

Signed-off-by: zhanghailiang <zhang.zhanghailiang@huawei.com>
---
 net/filter-rewriter.c | 17 +++++++++++------
 1 file changed, 11 insertions(+), 6 deletions(-)

diff --git a/net/filter-rewriter.c b/net/filter-rewriter.c
index c4ab91c..afa06e8 100644
--- a/net/filter-rewriter.c
+++ b/net/filter-rewriter.c
@@ -93,10 +93,12 @@ static int handle_primary_tcp_pkt(NetFilterState *nf,
             conn->offset -= (ntohl(tcp_pkt->th_ack) - 1);
             conn->syn_flag = 0;
         }
-        /* handle packets to the secondary from the primary */
-        tcp_pkt->th_ack = htonl(ntohl(tcp_pkt->th_ack) + conn->offset);
+        if (conn->offset) {
+            /* handle packets to the secondary from the primary */
+            tcp_pkt->th_ack = htonl(ntohl(tcp_pkt->th_ack) + conn->offset);
 
-        net_checksum_calculate((uint8_t *)pkt->data, pkt->size);
+            net_checksum_calculate((uint8_t *)pkt->data, pkt->size);
+        }
     }
 
     return 0;
@@ -129,10 +131,13 @@ static int handle_secondary_tcp_pkt(NetFilterState *nf,
     }
 
     if ((tcp_pkt->th_flags & (TH_ACK | TH_SYN)) == TH_ACK) {
-        /* handle packets to the primary from the secondary*/
-        tcp_pkt->th_seq = htonl(ntohl(tcp_pkt->th_seq) - conn->offset);
+        /* Only need to adjust seq while offset is Non-zero */
+        if (conn->offset) {
+            /* handle packets to the primary from the secondary*/
+            tcp_pkt->th_seq = htonl(ntohl(tcp_pkt->th_seq) - conn->offset);
 
-        net_checksum_calculate((uint8_t *)pkt->data, pkt->size);
+            net_checksum_calculate((uint8_t *)pkt->data, pkt->size);
+        }
     }
 
     return 0;
-- 
1.8.3.1

Re: [Qemu-devel] [PATCH v3 0/2] filter-rewriter: fix one bug and one improvement

[Jason Wang]

On 2017年02月28日 11:54, zhanghailiang wrote:
> Hi,
>
> Patch 1 fixes a double free bug.
> Patch 2 is an optimization for filter-rewriter.
>
> Please review, thanks.
>
>
> zhanghailiang (2):
>    net/colo: fix memory double free error
>    filter-rewriter: skip net_checksum_calculate() while offset = 0
>
>   net/colo.c            |  4 ++--
>   net/filter-rewriter.c | 17 +++++++++++------
>   2 files changed, 13 insertions(+), 8 deletions(-)
>

Applied, thanks.