[ovs-git] [openvswitch/ovs] b34cd6: datapath-windows: Add validations in fragmentation...
GitHub
noreply at github.com
Mon Jul 10 18:15:04 UTC 2017
Branch: refs/heads/master
Home: https://github.com/openvswitch/ovs
Commit: b34cd6119aa1ce50d910252202e5eaa13b5fce5e
https://github.com/openvswitch/ovs/commit/b34cd6119aa1ce50d910252202e5eaa13b5fce5e
Author: Anand Kumar <kumaranand at vmware.com>
Date: 2017-07-10 (Mon, 10 Jul 2017)
Changed paths:
M datapath-windows/ovsext/Actions.c
M datapath-windows/ovsext/IpFragment.c
M datapath-windows/ovsext/IpFragment.h
Log Message:
-----------
datapath-windows: Add validations in fragmentation module
- Minimum valid fragment size is 400 bytes, any fragment smaller
is likely to be intentionally crafted (CVE-2000-0305).
- Validate maximum length of an Ip datagram
- Added counters to keep track of number of fragments for a given
Ip datagram.
Signed-off-by: Anand Kumar <kumaranand at vmware.com>
Signed-off-by: Ben Pfaff <blp at ovn.org>
Acked-by: Alin Gabriel Serdean <aserdean at cloudbasesolutions.com>
Acked-by: Sairam Venugopal <vsairam at vmware.com>
More information about the git
mailing list