[ovs-dev] [PATCH v4 0/3] bug fix: avoid install bad dp flow
lic121
lic121 at chinatelecom.cn
Sun Nov 21 15:19:32 UTC 2021
Version 4:
- Cover case where tcp_hdrlen > tcp_pkt_size
- Other small adjustments
ovs may install bad datapath flow when meet malformed pkts. As a
result, it may allows some unwanted pkts pass. This could be a point
of attack.
lic121 (3):
upcall: prevent from installing flows when inconsistence
tests: fix packet data endianness
upcall: considering dataofs when parsing tcp pkt
lib/flow.c | 20 ++++++++++-------
ofproto/ofproto-dpif-upcall.c | 26 +++++++++++++++++++---
tests/flowgen.py | 2 +-
tests/ofproto-dpif.at | 50 +++++++++++++++++++++++++++++++++++++++++++
4 files changed, 86 insertions(+), 12 deletions(-)
--
1.8.3.1
More information about the dev
mailing list