[ovs-git] [openvswitch/ovs] b34cd6: datapath-windows: Add validations in fragmentation...

GitHub noreply at github.com
Mon Jul 10 18:15:04 UTC 2017


  Branch: refs/heads/master
  Home:   https://github.com/openvswitch/ovs
  Commit: b34cd6119aa1ce50d910252202e5eaa13b5fce5e
      https://github.com/openvswitch/ovs/commit/b34cd6119aa1ce50d910252202e5eaa13b5fce5e
  Author: Anand Kumar <kumaranand at vmware.com>
  Date:   2017-07-10 (Mon, 10 Jul 2017)

  Changed paths:
    M datapath-windows/ovsext/Actions.c
    M datapath-windows/ovsext/IpFragment.c
    M datapath-windows/ovsext/IpFragment.h

  Log Message:
  -----------
  datapath-windows: Add validations in fragmentation module

- Minimum valid fragment size is 400 bytes, any fragment smaller
is likely to be intentionally crafted (CVE-2000-0305).

- Validate maximum length of an Ip datagram

- Added counters to keep track of number of fragments for a given
Ip datagram.

Signed-off-by: Anand Kumar <kumaranand at vmware.com>
Signed-off-by: Ben Pfaff <blp at ovn.org>
Acked-by: Alin Gabriel Serdean <aserdean at cloudbasesolutions.com>
Acked-by: Sairam Venugopal <vsairam at vmware.com>




More information about the git mailing list