The pft hash function assumed mem_hash allocates memory, but it does
not. There was also a memcpy with potentially overlapping memory
regions, which is undefined behaviour.
Signed-off-by: Dimitri Staessens <dimitri@ouroboros.rocks>
---
src/ipcpd/unicast/pff/multipath.c | 2 +-
src/ipcpd/unicast/pff/pft.c | 14 +++-----------
2 files changed, 4 insertions(+), 12 deletions(-)
diff --git a/src/ipcpd/unicast/pff/multipath.c
b/src/ipcpd/unicast/pff/multipath.c
index b03ce32f..0579b3a0 100644
--- a/src/ipcpd/unicast/pff/multipath.c
+++ b/src/ipcpd/unicast/pff/multipath.c
@@ -191,7 +191,7 @@ int multipath_pff_nhop(struct pff_i * pff_i,
assert(len > 0);
/* Rotate fds left. */
- memcpy(fds, fds + 1, (len - 1) * sizeof(*fds));
+ memmove(fds, fds + 1, (len - 1) * sizeof(*fds));
fds[len - 1] = fd;
pthread_rwlock_unlock(&pff_i->lock);
diff --git a/src/ipcpd/unicast/pff/pft.c b/src/ipcpd/unicast/pff/pft.c
index e42b4a98..6a7cc11d 100644
--- a/src/ipcpd/unicast/pff/pft.c
+++ b/src/ipcpd/unicast/pff/pft.c
@@ -115,19 +115,11 @@ void pft_flush(struct pft * pft)
static uint64_t hash(uint64_t key)
{
- void * res;
- uint64_t ret;
- uint8_t keys[4];
+ uint64_t res[2];
- memcpy(keys, &key, 4);
+ mem_hash(HASH_MD5, res, (uint8_t *) &key, sizeof(key));
- mem_hash(HASH_MD5, &res, keys, 4);
-
- ret = (* (uint64_t *) res);
-
- free(res);
-
- return ret;
+ return res[0];
}
static uint64_t calc_key(struct pft * pft,
--
2.35.1
