[ovs-dev] [PATCH] lib: added check to prevent int overflow
Ben Pfaff
blp at ovn.org
Fri Mar 15 23:19:35 UTC 2019
On Tue, Mar 12, 2019 at 08:26:43AM -0700, Toms Atteka wrote:
> If enough large input is given ofpact_finish will fail.
> Check was added and error message returned.
>
> Basic manual testing performed.
>
> Reported-by:
> https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=12972
> Signed-off-by: Toms Atteka <cpp.code.lv at gmail.com>
Thanks for the fix.
Would you mind adding a helper function that does the check? It is
better to introduce a new function ofpact_oversized(), or whatever, than
to introduce too many details of the implementation into
learn_parse__().
Did you try to look around for other uses of ofpact_finish_*(), to see
whether other cases could have the same problem?
Thanks,
Ben.
More information about the dev
mailing list