[ovs-git] [openvswitch/ovs] 3f32cf: dpif-netdev: Avoid using uninitialized memory with...

GitHub noreply at github.com
Wed Dec 23 00:21:19 UTC 2015


  Branch: refs/heads/master
  Home:   https://github.com/openvswitch/ovs
  Commit: 3f32cfebcbad9a15e89014b4bbfa308d99d209fd
      https://github.com/openvswitch/ovs/commit/3f32cfebcbad9a15e89014b4bbfa308d99d209fd
  Author: Jesse Gross <jesse at kernel.org>
  Date:   2015-12-22 (Tue, 22 Dec 2015)

  Changed paths:
    M lib/dpif-netdev.c

  Log Message:
  -----------
  dpif-netdev: Avoid using uninitialized memory with tunnel options.

When handling an upcall with the userspace datapath, it's currently
possible for a flow from a packet with no tunnel options to come back
with matches on the options. If that happens, dpif-netdev will
attempt to translate the wildcards provided by ofproto into the format
used by dpif. The translation requires use of the original wildcards
from the flow, which since they didn't exist, is uninitalized memory.

Matching on fields which don't actually exist is itself a bug. However,
this can occur when we attempt to set a tunnel option on the packet -
ofproto generates a match on the field in the original packet. This is
being fixed separately.

In other situations where we have a match on an unexpected field, we
simply ignore it. This happens with tunnel options with the kernel
datapath, non-tunnel fields that don't exist in the packet, and even
with Geneve where we do have some options but not the particular one
that was matched on. This brings the same behavior for this case and
avoids the possibility of accessing uninitialized memory.

Reported-by: Daniele Di Proietto <diproiettod at vmware.com>
Signed-off-by: Jesse Gross <jesse at kernel.org>
Acked-by: Daniele Di Proietto <diproiettod at vmware.com>




More information about the git mailing list