[ovs-git] [openvswitch/ovs] 3e1d21: conntrack: fix ftp ipv4 address substitution.

Ben Pfaff noreply at github.com
Thu Feb 14 19:31:33 UTC 2019 

  Branch: refs/heads/branch-2.9
  Home:   https://github.com/openvswitch/ovs
  Commit: 3e1d21b3a984147d401853c33f17f238f823e307
      https://github.com/openvswitch/ovs/commit/3e1d21b3a984147d401853c33f17f238f823e307
  Author: Darrell Ball <dlu998 at gmail.com>
  Date:   2019-02-14 (Thu, 14 Feb 2019)

  Changed paths:
    M lib/conntrack.c
    M tests/system-traffic.at

  Log Message:
  -----------
  conntrack: fix ftp ipv4 address substitution.

When replacing the ipv4 address in repl_ftp_v4_addr(), the remaining size
was incorrectly calculated which could lead to the wrong replacement
adjustment.

This goes unnoticed most of the time, unless you choose carefully your
initial and replacement addresses.

Example fail address combination with 10.1.1.200 DNAT'd to 10.1.100.1.

Fix this by doing something similar to V6 and also splicing out common
code for better coverage and maintainability.

A test is updated to exercise different initial and replacement addresses
and another test is added.

Fixes: bd5e81a0e596 ("Userspace Datapath: Add ALG infra and FTP.")
Reported-by: David Marchand <david.marchand at redhat.com>
Reviewed-by: David Marchand <david.marchand at redhat.com>
Signed-off-by: Darrell Ball <dlu998 at gmail.com>
Signed-off-by: Ben Pfaff <blp at ovn.org>


  Commit: 8605d1fc3a949724527d2b1762131e2743f6c54b
      https://github.com/openvswitch/ovs/commit/8605d1fc3a949724527d2b1762131e2743f6c54b
  Author: Darrell Ball <dlu998 at gmail.com>
  Date:   2019-02-14 (Thu, 14 Feb 2019)

  Changed paths:
    M lib/conntrack.c

  Log Message:
  -----------
  conntrack: Fix max size for inet_ntop() call.

The call to inet_ntop() in repl_ftp_v6_addr() is 1 short to handle
the maximum possible V6 address size for v4 mapping case.

Found by inspection.

Fixes: bd5e81a0e596 ("Userspace Datapath: Add ALG infra and FTP.")
Signed-off-by: Darrell Ball <dlu998 at gmail.com>
Signed-off-by: Ben Pfaff <blp at ovn.org>


Compare: https://github.com/openvswitch/ovs/compare/08765607a8af...8605d1fc3a94

More information about the git mailing list