[ovs-git] [openvswitch/ovs] 6c2a93: conntrack: Fix ICMPv4 error data L4 length check.
noreply at github.com
Thu Aug 29 14:36:53 UTC 2019
Author: Darrell Ball <dlu998 at gmail.com>
Date: 2019-08-29 (Thu, 29 Aug 2019)
conntrack: Fix ICMPv4 error data L4 length check.
The ICMPv4 error data L4 length check was found to be too strict for TCP,
expecting a minimum of 20 rather than 8 bytes. This worked by
hapenstance for other inner protocols. The approach is to explicitly
handle the ICMPv4 error data L4 length check and to do this for all
supported inner protocols in the same way. Making the code common
between protocols also allows the existing ICMPv4 related UDP tests to
cover TCP and ICMP inner protocol cases.
Note that ICMPv6 does not have an 8 byte limit for error L4 data.
Fixes: a489b16854b5 ("conntrack: New userspace connection tracker.")
CC: Daniele Di Proietto <diproiettod at ovn.org>
Reported-by: Vishal Deep Ajmera <vishal.deep.ajmera at ericsson.com>
Signed-off-by: Vishal Deep Ajmera <vishal.deep.ajmera at ericsson.com>
Co-authored-by: Vishal Deep Ajmera <vishal.deep.ajmera at ericsson.com>
Signed-off-by: Darrell Ball <dlu998 at gmail.com>
Signed-off-by: Ben Pfaff <blp at ovn.org>
More information about the git