[ovs-git] [openvswitch/ovs] 48ff96: conntrack: fix ftp ipv4 address substitution.

Ben Pfaff noreply at github.com
Mon Feb 4 17:51:55 UTC 2019


  Branch: refs/heads/branch-2.11
  Home:   https://github.com/openvswitch/ovs
  Commit: 48ff9664677b17199a1ff2a43d250a4758ff2ec8
      https://github.com/openvswitch/ovs/commit/48ff9664677b17199a1ff2a43d250a4758ff2ec8
  Author: Darrell Ball <dlu998 at gmail.com>
  Date:   2019-02-04 (Mon, 04 Feb 2019)

  Changed paths:
    M lib/conntrack.c
    M tests/system-traffic.at

  Log Message:
  -----------
  conntrack: fix ftp ipv4 address substitution.

When replacing the ipv4 address in repl_ftp_v4_addr(), the remaining size
was incorrectly calculated which could lead to the wrong replacement
adjustment.

This goes unnoticed most of the time, unless you choose carefully your
initial and replacement addresses.

Example fail address combination with 10.1.1.200 DNAT'd to 10.1.100.1.

Fix this by doing something similar to V6 and also splicing out common
code for better coverage and maintainability.

A test is updated to exercise different initial and replacement addresses
and another test is added.

Fixes: bd5e81a0e596 ("Userspace Datapath: Add ALG infra and FTP.")
Reported-by: David Marchand <david.marchand at redhat.com>
Reviewed-by: David Marchand <david.marchand at redhat.com>
Signed-off-by: Darrell Ball <dlu998 at gmail.com>
Signed-off-by: Ben Pfaff <blp at ovn.org>


  Commit: e0cf839716e535856f4d3968152dbe7f6c976052
      https://github.com/openvswitch/ovs/commit/e0cf839716e535856f4d3968152dbe7f6c976052
  Author: Darrell Ball <dlu998 at gmail.com>
  Date:   2019-02-04 (Mon, 04 Feb 2019)

  Changed paths:
    M lib/conntrack.c

  Log Message:
  -----------
  conntrack: Fix max size for inet_ntop() call.

The call to inet_ntop() in repl_ftp_v6_addr() is 1 short to handle
the maximum possible V6 address size for v4 mapping case.

Found by inspection.

Fixes: bd5e81a0e596 ("Userspace Datapath: Add ALG infra and FTP.")
Signed-off-by: Darrell Ball <dlu998 at gmail.com>
Signed-off-by: Ben Pfaff <blp at ovn.org>


Compare: https://github.com/openvswitch/ovs/compare/fabb9e37667a...e0cf839716e5


More information about the git mailing list