[ovs-build] Broken: openvswitch/ovs#8494 (branch-2.9 - 370c708)

Travis CI builds at travis-ci.org
Thu Aug 29 00:22:35 UTC 2019


Build Update for openvswitch/ovs
-------------------------------------

Build: #8494
Status: Broken

Duration: 47 mins and 40 secs
Commit: 370c708 (branch-2.9)
Author: Dumitru Ceara
Message: pinctrl: Fix DNS packet parsing

Due to the use of a uint8_t to index inside the DNS payload we could end
up in an infinite loop when specific (invalid) DNS packets were
processed by ovn-controller. In the infinite loop we keep increasing the
query_name dynamic string until running out of memory.

One way to replicate the issue is to configure DNS on the logical switch
and then inject a manually crafted DNS-like packet. For example, with
Scapy:

>>> p = IP(dst='10.0.0.2',src='10.0.0.3')/UDP(dport=53)/('a'*364)
>>> send(p)

Also add a sanity check on minimum L4 size of packets.

Cherry-picked from ovn commit - 7fbdeaade826da299c20c05050627ebea65fe8c2.

CC: Numan Siddique <nusiddiq at redhat.com>
Fixes: 16cb4fb8ca49 ("ovn-controller: Add 'dns_lookup' action")
Reported-at: https://bugzilla.redhat.com/1740335
Reported-by: Priscila <pveiga at redhat.com>
Signed-off-by: Dumitru Ceara <dceara at redhat.com>
Signed-off-by: Numan Siddique <nusiddiq at redhat.com>
Signed-off-by: Ben Pfaff <blp at ovn.org>

View the changeset: https://github.com/openvswitch/ovs/compare/b1356b50aa6a...370c708fd21e

View the full build log and details: https://travis-ci.org/openvswitch/ovs/builds/578023850?utm_medium=notification&utm_source=email

--

You can unsubscribe from build emails from the openvswitch/ovs repository going to https://travis-ci.org/account/preferences/unsubscribe?repository=2143550&utm_medium=notification&utm_source=email.
Or unsubscribe from *all* email updating your settings at https://travis-ci.org/account/preferences/unsubscribe?utm_medium=notification&utm_source=email.
Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.openvswitch.org/pipermail/ovs-build/attachments/20190829/edcf9009/attachment.html>


More information about the build mailing list