[ovs-dev] [PATCH] ofp-actions: Avoid assertion failure for clone(ct(...bad actions...)).
Justin Pettit
jpettit at ovn.org
Fri Aug 17 23:10:00 UTC 2018
> On Aug 15, 2018, at 2:57 PM, Ben Pfaff <blp at ovn.org> wrote:
>
> decode_NXAST_RAW_CT() temporarily pulls data off the beginning of its
> ofpacts output ofpbuf and, on its error path, fails to push it back on.
> At a higher layer, decode_NXAST_RAW_CLONE() asserts, via
> ofpact_finish_CLONE(), that the ofpact_clone that it put is still in the
> place where it put it, which causes an assertion failure.
>
> The root cause here is the failure to re-push the clone header. One could
> fix that, but it would be pretty easy for that to go wrong again on some
> other obscure error path. Instead, this commit just makes the problem go
> away by always saving and restoring 'ofpact->data' if a decode fails.
>
> Reported-at: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=9862
> Signed-off-by: Ben Pfaff <blp at ovn.org>
Acked-by: Justin Pettit <jpettit at ovn.org>
--Justin
More information about the dev
mailing list