[ovs-dev] [PATCH 2/2] odp-util: Handle returning when parse_odp_key_mask_attr handles ufid

Yifeng Sun pkusunyifeng at gmail.com
Tue Oct 9 22:39:18 UTC 2018


When parse_odp_key_mask_attr runs into ufid, it returns length of ufid
without appending data into ofpbufs. This commit adds additional
checking for this case.

Found this bug when debugging
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=10850,
but not certain it is related.

Signed-off-by: Yifeng Sun <pkusunyifeng at gmail.com>
---
 lib/odp-util.c | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/lib/odp-util.c b/lib/odp-util.c
index d482d5bcf968..f53530db40aa 100644
--- a/lib/odp-util.c
+++ b/lib/odp-util.c
@@ -2216,9 +2216,10 @@ parse_odp_action(const char *s, const struct simap *port_names,
         struct nlattr mask[1024 / sizeof(struct nlattr)];
         struct ofpbuf maskbuf = OFPBUF_STUB_INITIALIZER(mask);
         struct nlattr *nested, *key;
-        size_t size;
+        size_t size, old_size;
 
         start_ofs = nl_msg_start_nested(actions, OVS_ACTION_ATTR_SET);
+        old_size = actions->size;
         retval = parse_odp_key_mask_attr(s + 4, port_names, actions, &maskbuf);
         if (retval < 0) {
             ofpbuf_uninit(&maskbuf);
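Review bot: The "nothing was appended" case is only detected further down, although the `retval < 0` block right after the call is where the other unusable results are already handled. Consider testing `actions->size == old_size` next to that check, so that a set action whose key is a ufid is rejected or unwound in one place instead of falling through to the `nested`/`key` setup with an empty nested attribute. A short comment on `old_size` would also help, saying that it is sampled after nl_msg_start_nested() and therefore already includes the nested header, and that it exists to catch the ufid return path described in the commit message.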
@@ -2233,7 +2234,7 @@ parse_odp_action(const char *s, const struct simap *port_names,
         key = nested + 1;
 
         size = nl_attr_get_size(mask);
-        if (size == nl_attr_get_size(key)) {
+        if (old_size != actions->size && size == nl_attr_get_size(key)) {
             /* Change to masked set action if not fully masked. */
             if (!is_all_ones(mask + 1, size)) {
                 /* Remove padding of eariler key payload  */
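Review bot: `size = nl_attr_get_size(mask);` still runs before the new guard, so when parse_odp_key_mask_attr() appended nothing, the header of the on-stack `mask` stub, which is declared without an initializer, is read before `old_size != actions->size` is evaluated. The short-circuit only protects the `nl_attr_get_size(key)` call. Moving the `size` assignment inside the guarded block, or returning before this point, would avoid the uninitialized read. The guard also looks at `actions` only. Since the commit message says neither ofpbuf receives data, checking `maskbuf.size` as well would make the condition match what is actually dereferenced. Please also confirm what the path taken when the guard is false does with a nested attribute that has no payload, since it is not visible in this hunk.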
-- 
2.7.4


