[ovs-git] [openvswitch/ovs] 5aa1bd: odp-util: Fix using uninitialized gtpu metadata.

Ilya Maximets noreply at github.com
Tue Oct 20 09:43:07 UTC 2020


  Branch: refs/heads/branch-2.14
  Home:   https://github.com/openvswitch/ovs
  Commit: 5aa1bdc8e40d2df512de6197a8ab58c2e9aa1fc4
      https://github.com/openvswitch/ovs/commit/5aa1bdc8e40d2df512de6197a8ab58c2e9aa1fc4
  Author: Ilya Maximets <i.maximets at ovn.org>
  Date:   2020-10-20 (Tue, 20 Oct 2020)

  Changed paths:
    M lib/odp-util.c

  Log Message:
  -----------
  odp-util: Fix using uninitialized gtpu metadata.

If datapath flow doesn't have one of the fields of gtpu metadata, e.g.
'tunnel(gtpu())', uninitialized stack memory will be used instead.

 ==3485429==WARNING: MemorySanitizer: use-of-uninitialized-value
    #0 0x853a1b in format_u8x lib/odp-util.c:3474:13
    #1 0x86ee9c in format_odp_tun_gtpu_opt lib/odp-util.c:3713:5
    #2 0x86a099 in format_odp_tun_attr lib/odp-util.c:3973:13
    #3 0x83afe6 in format_odp_key_attr__ lib/odp-util.c:4179:9
    #4 0x838afb in odp_flow_format lib/odp-util.c:4563:17
    #5 0x738422 in log_flow_message lib/dpif.c:1750:5
    #6 0x738e2f in log_flow_put_message lib/dpif.c:1784:9
    #7 0x7371a4 in dpif_operate lib/dpif.c:1377:21
    #8 0x7363ef in dpif_flow_put lib/dpif.c:1035:5
    #9 0xc7aab7 in dpctl_put_flow lib/dpctl.c:1171:13
    #10 0xc65a4f in dpctl_unixctl_handler lib/dpctl.c:2701:17
    #11 0xaaad04 in process_command lib/unixctl.c:308:13
    #12 0xaa87f7 in run_connection lib/unixctl.c:342:17
    #13 0xaa842e in unixctl_server_run lib/unixctl.c:393:21
    #14 0x51c09c in main vswitchd/ovs-vswitchd.c:128:9
    #15 0x7f88344391a2 in __libc_start_main (/lib64/libc.so.6+0x271a2)
    #16 0x46b92d in _start (vswitchd/ovs-vswitchd+0x46b92d)

  Uninitialized value was stored to memory at
    #0 0x87da17 in scan_gtpu_metadata lib/odp-util.c:5221:27
    #1 0x874588 in parse_odp_key_mask_attr__ lib/odp-util.c:5862:9
    #2 0x83ee14 in parse_odp_key_mask_attr lib/odp-util.c:5808:18
    #3 0x83e8b5 in odp_flow_from_string lib/odp-util.c:6065:18
    #4 0xc7a4f3 in dpctl_put_flow lib/dpctl.c:1145:13
    #5 0xc65a4f in dpctl_unixctl_handler lib/dpctl.c:2701:17
    #6 0xaaad04 in process_command lib/unixctl.c:308:13
    #7 0xaa87f7 in run_connection lib/unixctl.c:342:17
    #8 0xaa842e in unixctl_server_run lib/unixctl.c:393:21
    #9 0x51c09c in main vswitchd/ovs-vswitchd.c:128:9
    #10 0x7f88344391a2 in __libc_start_main (/lib64/libc.so.6+0x271a2)

  Uninitialized value was created by an allocation of 'msgtype_ma' in the
  stack frame of function 'scan_gtpu_metadata'
    #0 0x87d440 in scan_gtpu_metadata lib/odp-util.c:5187

Fix that by initializing fields to all zeroes by default.

Reported-at: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=21426
Fixes: 3c6d05a02e0f ("userspace: Add GTP-U support.")
Acked-by: Yi Yang <yangyi01 at inspur.com>
Signed-off-by: Ilya Maximets <i.maximets at ovn.org>


  Commit: 2605c4e3a95ee3b582633be486576b19e0f48d20
      https://github.com/openvswitch/ovs/commit/2605c4e3a95ee3b582633be486576b19e0f48d20
  Author: Ilya Maximets <i.maximets at ovn.org>
  Date:   2020-10-20 (Tue, 20 Oct 2020)

  Changed paths:
    M lib/odp-util.c

  Log Message:
  -----------
  odp-util: Add missing comma after gtpu attributes.

Currently flows are printed like this:
        'tunnel(gtpu(flags=0x7f,msgtype=0)flags(0))'
With this change:
        'tunnel(gtpu(flags=0x7f,msgtype=0),flags(0))'

Fixes: 3c6d05a02e0f ("userspace: Add GTP-U support.")
Acked-by: Yi Yang <yangyi01 at inspur.com>
Signed-off-by: Ilya Maximets <i.maximets at ovn.org>


Compare: https://github.com/openvswitch/ovs/compare/e320600be47e...2605c4e3a95e
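The bug pattern and the fix described in the first commit message above, as an added example that is not code from OVS's lib/odp-util.c. The struct, the function names, the `flags_ma` local, the simplified `name=value[/mask]` grammar and the 0xff default mask are assumptions made for illustration; only `msgtype_ma` and the `tunnel(gtpu())` input come from the commit message.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical stand-in for parsed GTP-U metadata; not the OVS structure. */
struct gtpu_md { uint8_t flags, flags_ma, msgtype, msgtype_ma; };

/* Parse an optional "name=value[/mask]" field. The outputs are written only
 * when the field is present; returns 1 in that case, 0 otherwise. */
static int scan_u8(const char *s, const char *name, uint8_t *val, uint8_t *ma)
{
    const char *p = strstr(s, name);
    int v = 0, m = 0xff;               /* assumed: exact match when no mask */
    if (!p || sscanf(p + strlen(name), "%i/%i", &v, &m) < 1) {
        return 0;
    }
    *val = (uint8_t) v;
    *ma = (uint8_t) m;
    return 1;
}

/* Bug pattern: for "gtpu()" nothing writes the locals, yet they are copied
 * out and later formatted, so indeterminate stack bytes reach the output. */
void scan_gtpu_unsafe(const char *s, struct gtpu_md *md)
{
    uint8_t flags, flags_ma, msgtype, msgtype_ma;
    scan_u8(s, "flags=", &flags, &flags_ma);
    scan_u8(s, "msgtype=", &msgtype, &msgtype_ma);
    *md = (struct gtpu_md) { flags, flags_ma, msgtype, msgtype_ma };
}

/* Fix described in the commit message: default every field to zero. */
void scan_gtpu_fixed(const char *s, struct gtpu_md *md)
{
    uint8_t flags = 0, flags_ma = 0, msgtype = 0, msgtype_ma = 0;
    scan_u8(s, "flags=", &flags, &flags_ma);
    scan_u8(s, "msgtype=", &msgtype, &msgtype_ma);
    *md = (struct gtpu_md) { flags, flags_ma, msgtype, msgtype_ma };
}

int main(void)
{
    struct gtpu_md md;
    scan_gtpu_fixed("tunnel(gtpu())", &md);   /* constructed input */
    printf("gtpu(flags=%#x/%#x,msgtype=%u/%#x)\n",
           md.flags, md.flags_ma, md.msgtype, md.msgtype_ma);
    return 0;
}
```

Building the unsafe variant with `clang -fsanitize=memory` and feeding it `tunnel(gtpu())` is the kind of run that produces a use-of-uninitialized-value report like the one quoted in the commit message.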

