[ovs-dev] [PATCH] ofp-meter: Fix use-after-free for decoding meter mods.
Ben Pfaff
blp at ovn.org
Wed Feb 14 22:36:47 UTC 2018
Found by libfuzzer-ngram.
Reported-by: Bhargava Shastry <bshastry at sect.tu-berlin.de>
Signed-off-by: Ben Pfaff <blp at ovn.org>
---
lib/ofp-meter.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/lib/ofp-meter.c b/lib/ofp-meter.c
index 204f035ec290..4f77f508d396 100644
--- a/lib/ofp-meter.c
+++ b/lib/ofp-meter.c
@@ -98,12 +98,12 @@ ofputil_decode_meter_mod(const struct ofp_header *oh,
mm->meter.flags & OFPMF13_PKTPS) {
return OFPERR_OFPMMFC_BAD_FLAGS;
}
- mm->meter.bands = bands->data;
error = ofputil_pull_bands(&b, b.size, &mm->meter.n_bands, bands);
if (error) {
return error;
}
+ mm->meter.bands = bands->data;
}
return 0;
}
--
2.16.1
More information about the dev
mailing list