[ovs-git] [openvswitch/ovs] 2e4600: dpif: Use separate OVS_PACKET_ATTR_PROBE for packe...

GitHub noreply at github.com
Wed Jan 14 23:18:19 UTC 2015


  Branch: refs/heads/master
  Home:   https://github.com/openvswitch/ovs
  Commit: 2e460098bff351b9fddcb917447caa3b97a35d86
      https://github.com/openvswitch/ovs/commit/2e460098bff351b9fddcb917447caa3b97a35d86
  Author: Thomas Graf <tgraf at noironetworks.com>
  Date:   2015-01-15 (Thu, 15 Jan 2015)

  Changed paths:
    M AUTHORS
    M datapath/datapath.c
    M datapath/linux/compat/include/linux/openvswitch.h
    M lib/dpif-netlink.c

  Log Message:
  -----------
  dpif: Use separate OVS_PACKET_ATTR_PROBE for packet messges

User space is currently sending a OVS_FLOW_ATTR_PROBE for both flow
and packet messages. This leads to an out-of-bounds access in
ovs_packet_cmd_execute() because OVS_FLOW_ATTR_PROBE >
OVS_PACKET_ATTR_MAX.

Introduce a new OVS_PACKET_ATTR_PROBE with the same numeric value
as OVS_FLOW_ATTR_PROBE to grow the range of accepted packet attributes
while maintaining binary compatibility with existing OVS binaries.

Fixes: 9233ce ("datapath: Add support for OVS_FLOW_ATTR_PROBE.")
Reported-by: Sander Eikelenboom <linux at eikelenboom.it>
Signed-off-by: Thomas Graf <tgraf at noironetworks.com>
Acked-by: Jesse Gross <jesse at nicira.com>




More information about the git mailing list