Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-12-SP3:Update
openvswitch.10750
0011-odp-util-Stop-parse-odp-actions-if-nlattr-...
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File 0011-odp-util-Stop-parse-odp-actions-if-nlattr-is-overflo.patch of Package openvswitch.10750
From e14786fade181032aa83c339ba859887733756a5 Mon Sep 17 00:00:00 2001 From: Yifeng Sun <pkusunyifeng@gmail.com> Date: Fri, 1 Feb 2019 15:56:04 -0800 Subject: [PATCH 11/14] odp-util: Stop parse odp actions if nlattr is overflow `encap = nl_msg_start_nested(key, OVS_KEY_ATTR_ENCAP)` ensures that key->size >= (encap + NLA_HDRLEN), so the `if` statement is safe. Reported-at: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=11306 Signed-off-by: Yifeng Sun <pkusunyifeng@gmail.com> Signed-off-by: Ben Pfaff <blp@ovn.org> --- lib/odp-util.c | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/lib/odp-util.c b/lib/odp-util.c index c71b0e4df..0b893aca4 100644 --- a/lib/odp-util.c +++ b/lib/odp-util.c @@ -3764,6 +3764,10 @@ parse_odp_key_mask_attr(const char *s, const struct simap *port_names, if (retval < 0) { return retval; } + + if (nl_attr_oversized(key->size - encap - NLA_HDRLEN)) { + return -E2BIG; + } s += retval; } s++; -- 2.21.0
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor