[ovs-dev] [PATCH V2 0/1] ofp-parse: Fix segfault due to bad meter n_bands

Flavio Fernandes flavio at flaviof.com
Wed Mar 17 15:06:43 UTC 2021


Dear OVS community:

I hit a segfault exception while attempting to remove all meters from a bridge.
Upon looking a little closer, I can see that an invalid n_bands value
in the meter structure caused the issue. More details below.

I humbly propose the changes in this patchset as a way to address this issue.

Thank you,

-- flaviof

gdb --args ovs-ofctl -OOpenFlow15 del-meters br-int
(gdb) r
Starting program: /usr/local/bin/ovs-ofctl -OOpenFlow15 del-meters br-int

Program received signal SIGSEGV, Segmentation fault.
ofputil_put_bands (n_bands=<optimized out>, mb=0x0, msg=msg@entry=0x5555557849c0) at /usr/include/x86_64-linux-gnu/bits/byteswap.h:37
37 return __builtin_bswap16 (__bsx);
(gdb) bt
#0 ofputil_put_bands (n_bands=<optimized out>, mb=0x0, msg=msg@entry=0x5555557849c0) at /usr/include/x86_64-linux-gnu/bits/byteswap.h:37
#1 0x00005555555e1d2d in ofputil_encode_meter_mod (ofp_version=<optimized out>, mm=0x7fffffffe380) at lib/ofp-meter.c:557
#2 0x00005555555817a0 in ofctl_meter_mod__ (bridge=0x7fffffffe7f4 "br-int", str=<optimized out>, command=<optimized out>) at utilities/ovs-ofctl.c:4038
#3 0x000055555558a01e in ovs_cmdl_run_command__ (ctx=0x7fffffffe420, commands=<optimized out>, read_only=<optimized out>) at lib/command-line.c:247
#4 0x0000555555578dc0 in main (argc=<optimized out>, argv=<optimized out>) at utilities/ovs-ofctl.c:5108
(gdb) down
#1 0x00005555555e1d2d in ofputil_encode_meter_mod (ofp_version=<optimized out>, mm=0x7fffffffea10) at lib/ofp-meter.c:557
(gdb) p *mm
$4 = {command = 2, meter = {meter_id = 4294967295, flags = 65535, n_bands = 65535, bands = 0x0}}

Note how n_bands should be set to 0. ^^ For the sake of consistency, I'm also proposing that the flags attribute be set to 0 as well.

Flavio Fernandes (1):
  ofp-parse: Fix segfault due to bad meter n_bands

 tests/dpif-netdev.at  | 2 ++
 utilities/ovs-ofctl.c | 4 ++--
 2 files changed, 4 insertions(+), 2 deletions(-)

-- 
2.25.1
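
The failure mode in the gdb dump above (n_bands = 65535 with bands = 0x0), reduced to a stand-alone illustration. This is an added example, not part of the original message and not OVS code: the structs, BAND_WIRE_LEN, meter_request_init and put_bands are hypothetical simplifications. It shows the request being zeroed before use, and an encoder that refuses a band count that disagrees with the band pointer.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical, simplified stand-ins for the structure in the gdb dump;
 * these are not the OVS definitions. */
struct band { uint16_t type; uint32_t rate; uint32_t burst_size; };
struct meter_config { uint32_t meter_id; uint16_t flags, n_bands; struct band *bands; };
#define BAND_WIRE_LEN 10   /* constructed wire size: 2 + 4 + 4 bytes */

static void put_be16(uint8_t *p, uint16_t v) { p[0] = (uint8_t)(v >> 8); p[1] = (uint8_t)v; }
static void put_be32(uint8_t *p, uint32_t v) { put_be16(p, (uint16_t)(v >> 16)); put_be16(p + 2, (uint16_t)v); }

/* Zero the whole request first, so a command that carries no bands
 * (such as "delete all") leaves n_bands = 0, flags = 0, bands = NULL. */
void meter_request_init(struct meter_config *mc, uint32_t meter_id)
{
    memset(mc, 0, sizeof *mc);
    mc->meter_id = meter_id;
}

/* Encode the bands big-endian into out. Returns bytes written, or -1 when
 * the count and the pointer disagree or the output buffer is too small. */
int put_bands(uint8_t *out, size_t cap, const struct meter_config *mc)
{
    if (mc->n_bands > 0 && mc->bands == NULL) return -1;
    if ((size_t)mc->n_bands * BAND_WIRE_LEN > cap) return -1;
    for (uint16_t i = 0; i < mc->n_bands; i++) {
        uint8_t *p = out + (size_t)i * BAND_WIRE_LEN;
        put_be16(p, mc->bands[i].type);
        put_be32(p + 2, mc->bands[i].rate);
        put_be32(p + 6, mc->bands[i].burst_size);
    }
    return (int)mc->n_bands * BAND_WIRE_LEN;
}

int main(void)
{
    uint8_t buf[64];
    struct meter_config bad = { 0xffffffffu, 65535, 65535, NULL }; /* values from the dump */
    printf("dump state -> %d\n", put_bands(buf, sizeof buf, &bad));
    return 0;
}
```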


