diff options
author | Dave Barach <dave@barachs.net> | 2018-10-17 10:38:51 -0400 |
---|---|---|
committer | Damjan Marion <dmarion@me.com> | 2018-10-23 13:06:46 +0000 |
commit | b7b929931a07fbb27b43d5cd105f366c3e29807e (patch) | |
tree | 438681c89738802dbb5d339715b96ea2c31bafb4 /src/plugins/acl | |
parent | b9a4c445c1d4e9cdab476a8e1fb8a46ff0fc6080 (diff) |
c11 safe string handling support
Change-Id: Ied34720ca5a6e6e717eea4e86003e854031b6eab
Signed-off-by: Dave Barach <dave@barachs.net>
Diffstat (limited to 'src/plugins/acl')
-rw-r--r-- | src/plugins/acl/acl.c | 90 | ||||
-rw-r--r-- | src/plugins/acl/acl_test.c | 12 | ||||
-rw-r--r-- | src/plugins/acl/hash_lookup.c | 18 | ||||
-rw-r--r-- | src/plugins/acl/public_inlines.h | 2 |
4 files changed, 61 insertions, 61 deletions
diff --git a/src/plugins/acl/acl.c b/src/plugins/acl/acl.c index 2af2d7a8b70..dbc658b3640 100644 --- a/src/plugins/acl/acl.c +++ b/src/plugins/acl/acl.c @@ -212,7 +212,7 @@ vl_api_acl_plugin_get_version_t_handler (vl_api_acl_plugin_get_version_t * mp) return; rmp = vl_msg_api_alloc (msg_size); - memset (rmp, 0, msg_size); + clib_memset (rmp, 0, msg_size); rmp->_vl_msg_id = ntohs (VL_API_ACL_PLUGIN_GET_VERSION_REPLY + am->msg_id_base); rmp->context = mp->context; @@ -390,7 +390,7 @@ acl_add_list (u32 count, vl_api_acl_rule_t rules[], for (i = 0; i < count; i++) { r = vec_elt_at_index (acl_new_rules, i); - memset (r, 0, sizeof (*r)); + clib_memset (r, 0, sizeof (*r)); r->is_permit = rules[i].is_permit; r->is_ipv6 = rules[i].is_ipv6; if (r->is_ipv6) @@ -418,7 +418,7 @@ acl_add_list (u32 count, vl_api_acl_rule_t rules[], { /* Get ACL index */ pool_get_aligned (am->acls, a, CLIB_CACHE_LINE_BYTES); - memset (a, 0, sizeof (*a)); + clib_memset (a, 0, sizeof (*a)); /* Will return the newly allocated ACL index */ *acl_list_index = a - am->acls; } @@ -1105,7 +1105,7 @@ macip_create_classify_tables (acl_main_t * am, u32 macip_acl_index) */ for (tags = 2; tags >= 0; tags--) { - memset (mask, 0, sizeof (mask)); + clib_memset (mask, 0, sizeof (mask)); /* source MAC address */ memcpy (&mask[6], mt->mac_mask, 6); @@ -1113,20 +1113,20 @@ macip_create_classify_tables (acl_main_t * am, u32 macip_acl_index) { case 0: default: - memset (&mask[12], 0xff, 2); /* ethernet protocol */ + clib_memset (&mask[12], 0xff, 2); /* ethernet protocol */ l3_offset = 14; last_tag_table = &mt->arp_table_index; break; case 1: - memset (&mask[12], 0xff, 2); /* VLAN tag1 */ - memset (&mask[16], 0xff, 2); /* ethernet protocol */ + clib_memset (&mask[12], 0xff, 2); /* VLAN tag1 */ + clib_memset (&mask[16], 0xff, 2); /* ethernet protocol */ l3_offset = 18; last_tag_table = &mt->arp_dot1q_table_index; break; case 2: - memset (&mask[12], 0xff, 2); /* VLAN tag1 */ - memset (&mask[16], 0xff, 2); /* VLAN tag2 */ - memset (&mask[20], 0xff, 2); /* ethernet protocol */ + clib_memset (&mask[12], 0xff, 2); /* VLAN tag1 */ + clib_memset (&mask[16], 0xff, 2); /* VLAN tag2 */ + clib_memset (&mask[20], 0xff, 2); /* ethernet protocol */ l3_offset = 22; last_tag_table = &mt->arp_dot1ad_table_index; break; @@ -1151,26 +1151,26 @@ macip_create_classify_tables (acl_main_t * am, u32 macip_acl_index) if (mt->has_egress) { /* egress ARP table */ - memset (mask, 0, sizeof (mask)); + clib_memset (mask, 0, sizeof (mask)); switch (tags) { case 0: default: - memset (&mask[12], 0xff, 2); /* ethernet protocol */ + clib_memset (&mask[12], 0xff, 2); /* ethernet protocol */ l3_offset = 14; out_last_tag_table = &mt->out_arp_table_index; break; case 1: - memset (&mask[12], 0xff, 2); /* VLAN tag1 */ - memset (&mask[16], 0xff, 2); /* ethernet protocol */ + clib_memset (&mask[12], 0xff, 2); /* VLAN tag1 */ + clib_memset (&mask[16], 0xff, 2); /* ethernet protocol */ l3_offset = 18; out_last_tag_table = &mt->out_arp_dot1q_table_index; break; case 2: - memset (&mask[12], 0xff, 2); /* VLAN tag1 */ - memset (&mask[16], 0xff, 2); /* VLAN tag2 */ - memset (&mask[20], 0xff, 2); /* ethernet protocol */ + clib_memset (&mask[12], 0xff, 2); /* VLAN tag1 */ + clib_memset (&mask[16], 0xff, 2); /* VLAN tag2 */ + clib_memset (&mask[20], 0xff, 2); /* ethernet protocol */ l3_offset = 22; out_last_tag_table = &mt->out_arp_dot1ad_table_index; break; @@ -1207,25 +1207,25 @@ macip_create_classify_tables (acl_main_t * am, u32 macip_acl_index) */ for (tags = 2; tags >= 0; tags--) { - memset (mask, 0, sizeof (mask)); + clib_memset (mask, 0, sizeof (mask)); memcpy (&mask[6], mt->mac_mask, 6); l3_src_offs = tags * 4 + get_l3_src_offset (is6); switch (tags) { case 0: default: - memset (&mask[12], 0xff, 2); /* ethernet protocol */ + clib_memset (&mask[12], 0xff, 2); /* ethernet protocol */ last_tag_table = &mt->table_index; break; case 1: - memset (&mask[12], 0xff, 2); /* VLAN tag1 */ - memset (&mask[16], 0xff, 2); /* ethernet protocol */ + clib_memset (&mask[12], 0xff, 2); /* VLAN tag1 */ + clib_memset (&mask[16], 0xff, 2); /* ethernet protocol */ last_tag_table = &mt->dot1q_table_index; break; case 2: - memset (&mask[12], 0xff, 2); /* VLAN tag1 */ - memset (&mask[16], 0xff, 2); /* VLAN tag2 */ - memset (&mask[20], 0xff, 2); /* ethernet protocol */ + clib_memset (&mask[12], 0xff, 2); /* VLAN tag1 */ + clib_memset (&mask[16], 0xff, 2); /* VLAN tag2 */ + clib_memset (&mask[20], 0xff, 2); /* ethernet protocol */ last_tag_table = &mt->dot1ad_table_index; break; } @@ -1253,7 +1253,7 @@ macip_create_classify_tables (acl_main_t * am, u32 macip_acl_index) { for (tags = 2; tags >= 0; tags--) { - memset (mask, 0, sizeof (mask)); + clib_memset (mask, 0, sizeof (mask)); /* MAC destination */ memcpy (&mask[0], mt->mac_mask, 6); l3_dst_offs = tags * 4 + get_l3_dst_offset (is6); @@ -1261,18 +1261,18 @@ macip_create_classify_tables (acl_main_t * am, u32 macip_acl_index) { case 0: default: - memset (&mask[12], 0xff, 2); /* ethernet protocol */ + clib_memset (&mask[12], 0xff, 2); /* ethernet protocol */ out_last_tag_table = &mt->out_table_index; break; case 1: - memset (&mask[12], 0xff, 2); /* VLAN tag1 */ - memset (&mask[16], 0xff, 2); /* ethernet protocol */ + clib_memset (&mask[12], 0xff, 2); /* VLAN tag1 */ + clib_memset (&mask[16], 0xff, 2); /* ethernet protocol */ out_last_tag_table = &mt->out_dot1q_table_index; break; case 2: - memset (&mask[12], 0xff, 2); /* VLAN tag1 */ - memset (&mask[16], 0xff, 2); /* VLAN tag2 */ - memset (&mask[20], 0xff, 2); /* ethernet protocol */ + clib_memset (&mask[12], 0xff, 2); /* VLAN tag1 */ + clib_memset (&mask[16], 0xff, 2); /* VLAN tag2 */ + clib_memset (&mask[20], 0xff, 2); /* ethernet protocol */ out_last_tag_table = &mt->out_dot1ad_table_index; break; } @@ -1327,7 +1327,7 @@ macip_create_classify_tables (acl_main_t * am, u32 macip_acl_index) for (tags = 2; tags >= 0; tags--) { - memset (mask, 0, sizeof (mask)); + clib_memset (mask, 0, sizeof (mask)); l3_src_offs = tags * 4 + get_l3_src_offset (is6); memcpy (&mask[6], a->rules[i].src_mac, 6); switch (tags) @@ -1369,13 +1369,13 @@ macip_create_classify_tables (acl_main_t * am, u32 macip_acl_index) vnet_classify_add_del_session (cm, tag_table, mask, a->rules[i].is_permit ? ~0 : 0, i, 0, action, metadata, 1); - memset (&mask[12], 0, sizeof (mask) - 12); + clib_memset (&mask[12], 0, sizeof (mask) - 12); } /* add ARP table entry too */ if (!is6 && (mvec[match_type_index].arp_table_index != ~0)) { - memset (mask, 0, sizeof (mask)); + clib_memset (mask, 0, sizeof (mask)); memcpy (&mask[6], a->rules[i].src_mac, 6); for (tags = 2; tags >= 0; tags--) @@ -1422,7 +1422,7 @@ macip_create_classify_tables (acl_main_t * am, u32 macip_acl_index) /* Add the egress entry with destination set */ for (tags = 2; tags >= 0; tags--) { - memset (mask, 0, sizeof (mask)); + clib_memset (mask, 0, sizeof (mask)); l3_dst_offs = tags * 4 + get_l3_dst_offset (is6); /* src mac in the other direction becomes dst */ memcpy (&mask[0], a->rules[i].src_mac, 6); @@ -1468,7 +1468,7 @@ macip_create_classify_tables (acl_main_t * am, u32 macip_acl_index) mask, a->rules[i].is_permit ? ~0 : 0, i, 0, action, metadata, 1); - // memset (&mask[12], 0, sizeof (mask) - 12); + // clib_memset (&mask[12], 0, sizeof (mask) - 12); } /* add ARP table entry too */ @@ -1476,7 +1476,7 @@ macip_create_classify_tables (acl_main_t * am, u32 macip_acl_index) { for (tags = 2; tags >= 0; tags--) { - memset (mask, 0, sizeof (mask)); + clib_memset (mask, 0, sizeof (mask)); switch (tags) { case 0: @@ -1644,7 +1644,7 @@ macip_acl_add_list (u32 count, vl_api_macip_acl_rule_t rules[], { /* Get ACL index */ pool_get_aligned (am->macip_acls, a, CLIB_CACHE_LINE_BYTES); - memset (a, 0, sizeof (*a)); + clib_memset (a, 0, sizeof (*a)); /* Will return the newly allocated ACL index */ *acl_list_index = a - am->macip_acls; } @@ -1980,7 +1980,7 @@ send_acl_details (acl_main_t * am, vl_api_registration_t * reg, void *oldheap = acl_set_heap (am); mp = vl_msg_api_alloc (msg_size); - memset (mp, 0, msg_size); + clib_memset (mp, 0, msg_size); mp->_vl_msg_id = ntohs (VL_API_ACL_DETAILS + am->msg_id_base); /* fill in the message */ @@ -2066,7 +2066,7 @@ send_acl_interface_list_details (acl_main_t * am, msg_size += sizeof (mp->acls[0]) * count; mp = vl_msg_api_alloc (msg_size); - memset (mp, 0, msg_size); + clib_memset (mp, 0, msg_size); mp->_vl_msg_id = ntohs (VL_API_ACL_INTERFACE_LIST_DETAILS + am->msg_id_base); @@ -2218,7 +2218,7 @@ send_macip_acl_details (acl_main_t * am, vl_api_registration_t * reg, int msg_size = sizeof (*mp) + (acl ? sizeof (mp->r[0]) * acl->count : 0); mp = vl_msg_api_alloc (msg_size); - memset (mp, 0, msg_size); + clib_memset (mp, 0, msg_size); mp->_vl_msg_id = ntohs (VL_API_MACIP_ACL_DETAILS + am->msg_id_base); /* fill in the message */ @@ -2308,7 +2308,7 @@ vl_api_macip_acl_interface_get_t_handler (vl_api_macip_acl_interface_get_t * return; rmp = vl_msg_api_alloc (msg_size); - memset (rmp, 0, msg_size); + clib_memset (rmp, 0, msg_size); rmp->_vl_msg_id = ntohs (VL_API_MACIP_ACL_INTERFACE_GET_REPLY + am->msg_id_base); rmp->context = mp->context; @@ -2332,7 +2332,7 @@ send_macip_acl_interface_list_details (acl_main_t * am, int msg_size = sizeof (*rmp) + sizeof (rmp->acls[0]); rmp = vl_msg_api_alloc (msg_size); - memset (rmp, 0, msg_size); + clib_memset (rmp, 0, msg_size); rmp->_vl_msg_id = ntohs (VL_API_MACIP_ACL_INTERFACE_LIST_DETAILS + am->msg_id_base); @@ -2448,7 +2448,7 @@ send_acl_interface_etype_whitelist_details (acl_main_t * am, msg_size += sizeof (mp->whitelist[0]) * count; mp = vl_msg_api_alloc (msg_size); - memset (mp, 0, msg_size); + clib_memset (mp, 0, msg_size); mp->_vl_msg_id = ntohs (VL_API_ACL_INTERFACE_ETYPE_WHITELIST_DETAILS + am->msg_id_base); @@ -3533,7 +3533,7 @@ acl_init (vlib_main_t * vm) { acl_main_t *am = &acl_main; clib_error_t *error = 0; - memset (am, 0, sizeof (*am)); + clib_memset (am, 0, sizeof (*am)); am->vlib_main = vm; am->vnet_main = vnet_get_main (); am->log_default = vlib_log_register_class ("acl_plugin", 0); diff --git a/src/plugins/acl/acl_test.c b/src/plugins/acl/acl_test.c index 991d877f7af..dcb0888076d 100644 --- a/src/plugins/acl/acl_test.c +++ b/src/plugins/acl/acl_test.c @@ -313,7 +313,7 @@ static int api_acl_plugin_get_version (vat_main_t * vam) vam->result_ready = 0; mp = vl_msg_api_alloc_as_if_client(msg_size); - memset (mp, 0, msg_size); + clib_memset (mp, 0, msg_size); mp->_vl_msg_id = ntohs (VL_API_ACL_PLUGIN_GET_VERSION + sm->msg_id_base); mp->client_index = vam->my_client_index; @@ -334,7 +334,7 @@ static int api_macip_acl_interface_get (vat_main_t * vam) vam->result_ready = 0; mp = vl_msg_api_alloc_as_if_client(msg_size); - memset (mp, 0, msg_size); + clib_memset (mp, 0, msg_size); mp->_vl_msg_id = ntohs (VL_API_MACIP_ACL_INTERFACE_GET + sm->msg_id_base); mp->client_index = vam->my_client_index; @@ -519,7 +519,7 @@ static int api_acl_add_replace (vat_main_t * vam) msg_size += n_rules*sizeof(rules[0]); mp = vl_msg_api_alloc_as_if_client(msg_size); - memset (mp, 0, msg_size); + clib_memset (mp, 0, msg_size); mp->_vl_msg_id = ntohs (VL_API_ACL_ADD_REPLACE + sm->msg_id_base); mp->client_index = vam->my_client_index; if ((n_rules > 0) && rules) @@ -693,7 +693,7 @@ api_acl_add_replace_from_file (vat_main_t * vam) msg_size += n_rules*sizeof(rules[0]); mp = vl_msg_api_alloc_as_if_client(msg_size); - memset (mp, 0, msg_size); + clib_memset (mp, 0, msg_size); mp->_vl_msg_id = ntohs (VL_API_ACL_ADD_REPLACE + sm->msg_id_base); mp->client_index = vam->my_client_index; if (n_rules > 0) @@ -1257,7 +1257,7 @@ static int api_macip_acl_add (vat_main_t * vam) msg_size += n_rules*sizeof(rules[0]); mp = vl_msg_api_alloc_as_if_client(msg_size); - memset (mp, 0, msg_size); + clib_memset (mp, 0, msg_size); mp->_vl_msg_id = ntohs (VL_API_MACIP_ACL_ADD + sm->msg_id_base); mp->client_index = vam->my_client_index; if ((n_rules > 0) && rules) @@ -1409,7 +1409,7 @@ static int api_macip_acl_add_replace (vat_main_t * vam) msg_size += n_rules*sizeof(rules[0]); mp = vl_msg_api_alloc_as_if_client(msg_size); - memset (mp, 0, msg_size); + clib_memset (mp, 0, msg_size); mp->_vl_msg_id = ntohs (VL_API_MACIP_ACL_ADD_REPLACE + sm->msg_id_base); mp->client_index = vam->my_client_index; if ((n_rules > 0) && rules) diff --git a/src/plugins/acl/hash_lookup.c b/src/plugins/acl/hash_lookup.c index 0087a5e2ab7..8c1004e9212 100644 --- a/src/plugins/acl/hash_lookup.c +++ b/src/plugins/acl/hash_lookup.c @@ -315,7 +315,7 @@ release_mask_type_index(acl_main_t *am, u32 mask_type_index) DBG0("RELEAS MTE index %d new refcount %d", mask_type_index, mte->refcount); if (mte->refcount == 0) { /* we are not using this entry anymore */ - memset(mte, 0xae, sizeof(*mte)); + clib_memset(mte, 0xae, sizeof(*mte)); pool_put(am->ace_mask_type_pool, mte); } } @@ -1057,7 +1057,7 @@ ip4_address_mask_from_width (ip4_address_t * a, u32 width) { int i, byte, bit, bitnum; ASSERT (width <= 32); - memset (a, 0, sizeof (a[0])); + clib_memset (a, 0, sizeof (a[0])); for (i = 0; i < width; i++) { bitnum = (7 - (i & 7)); @@ -1090,8 +1090,8 @@ make_port_mask(u16 *portmask, u16 port_first, u16 port_last) static void make_mask_and_match_from_rule(fa_5tuple_t *mask, acl_rule_t *r, hash_ace_info_t *hi) { - memset(mask, 0, sizeof(*mask)); - memset(&hi->match, 0, sizeof(hi->match)); + clib_memset(mask, 0, sizeof(*mask)); + clib_memset(&hi->match, 0, sizeof(hi->match)); hi->action = r->is_permit; /* we will need to be matching based on lc_index and mask_type_index when applied */ @@ -1107,7 +1107,7 @@ make_mask_and_match_from_rule(fa_5tuple_t *mask, acl_rule_t *r, hash_ace_info_t make_ip6_address_mask(&mask->ip6_addr[1], r->dst_prefixlen); hi->match.ip6_addr[1] = r->dst.ip6; } else { - memset(hi->match.l3_zero_pad, 0, sizeof(hi->match.l3_zero_pad)); + clib_memset(hi->match.l3_zero_pad, 0, sizeof(hi->match.l3_zero_pad)); make_ip4_address_mask(&mask->ip4_addr[0], r->src_prefixlen); hi->match.ip4_addr[0] = r->src.ip4; make_ip4_address_mask(&mask->ip4_addr[1], r->dst_prefixlen); @@ -1166,7 +1166,7 @@ void hash_acl_add(acl_main_t *am, int acl_index) acl_list_t *a = &am->acls[acl_index]; vec_validate(am->hash_acl_infos, acl_index); hash_acl_info_t *ha = vec_elt_at_index(am->hash_acl_infos, acl_index); - memset(ha, 0, sizeof(*ha)); + clib_memset(ha, 0, sizeof(*ha)); ha->hash_acl_exists = 1; /* walk the newly added ACL entries and ensure that for each of them there @@ -1174,7 +1174,7 @@ void hash_acl_add(acl_main_t *am, int acl_index) for(i=0; i < a->count; i++) { hash_ace_info_t ace_info; fa_5tuple_t mask; - memset(&ace_info, 0, sizeof(ace_info)); + clib_memset(&ace_info, 0, sizeof(ace_info)); ace_info.acl_index = acl_index; ace_info.ace_index = i; @@ -1481,8 +1481,8 @@ split_partition(acl_main_t *am, u32 first_index, hash_acl_info_t *ha = vec_elt_at_index(am->hash_acl_infos, pae->acl_index); hash_ace_info_t *ace_info; u32 coll_mask_type_index = pae->mask_type_index; - memset(&the_min_tuple, 0, sizeof(the_min_tuple)); - memset(&the_max_tuple, 0, sizeof(the_max_tuple)); + clib_memset(&the_min_tuple, 0, sizeof(the_min_tuple)); + clib_memset(&the_max_tuple, 0, sizeof(the_max_tuple)); int i=0; u64 collisions = vec_len(pae->colliding_rules); diff --git a/src/plugins/acl/public_inlines.h b/src/plugins/acl/public_inlines.h index 576d081784c..850babfa872 100644 --- a/src/plugins/acl/public_inlines.h +++ b/src/plugins/acl/public_inlines.h @@ -73,7 +73,7 @@ acl_fill_5tuple_l3_data (acl_main_t * am, vlib_buffer_t * b0, int is_ip6, } else { - memset(p5tuple_pkt->l3_zero_pad, 0, sizeof(p5tuple_pkt->l3_zero_pad)); + clib_memset(p5tuple_pkt->l3_zero_pad, 0, sizeof(p5tuple_pkt->l3_zero_pad)); clib_memcpy (&p5tuple_pkt->ip4_addr, get_ptr_to_offset (b0, offsetof (ip4_header_t, |