[ovs-git] [openvswitch/ovs] 75cb69: Revert "flow: Fix buffer overread for crafted IPv6...
GitHub
noreply at github.com
Mon Jul 16 16:06:48 UTC 2018
Branch: refs/heads/branch-2.8
Home: https://github.com/openvswitch/ovs
Commit: 75cb699ef89da7df7ae78d744287b1f8b0fedb5f
https://github.com/openvswitch/ovs/commit/75cb699ef89da7df7ae78d744287b1f8b0fedb5f
Author: Justin Pettit <jpettit at ovn.org>
Date: 2018-07-16 (Mon, 16 Jul 2018)
Changed paths:
M lib/flow.c
Log Message:
-----------
Revert "flow: Fix buffer overread for crafted IPv6 packets."
This reverts commit 0760bd61a666e9fa866fcb5ed67f48f34895d2f6.
This patch was a cherry-pick from a bug fix in the master branch that
fixed an overread for IPv6 packets. However, the backport introduced a
problem in older branches, since the code path is different. In the
master branch, this check is done on the raw packet data, which starts
at the beginning of the IPv6 packet. In older branches, this check is
done after a call to data_pull(), which subtracts the IPv6 header length
from the 'size' variable. This means that valid IPv6 packets aren't
being processed since the check thinks they are too long.
CC: Ben Pfaff <blp at ovn.org>
Fixes: 0760bd61a66 ("flow: Fix buffer overread for crafted IPv6 packets.")
Signed-off-by: Justin Pettit <jpettit at ovn.org>
Acked-By: Lucas Alvares Gomes <lucasagomes at gmail.com>
**NOTE:** This service been marked for deprecation: https://developer.github.com/changes/2018-04-25-github-services-deprecation/
Functionality will be removed from GitHub.com on January 31st, 2019.
More information about the git
mailing list