On Sun, Nov 26, 2017 at 09:23:08PM -0800, Joe Stringer wrote: > On 26 November 2017 at 17:41, Ben Pfaff <[email protected]> wrote: > > scan_u128() should return 0 on an error but it actually returned an errno > > value in some cases, so a command like this: > > ovs-appctl dpctl/add-flow 'ct_label(1/55555555555555555555555555)' '' > > could cause a buffer overread. > > > > This bug is not as severe as it may sound because the string form of ODP > > flows is not used over OpenFlow or OVSDB, only through the appctl interface > > that is normally used just by local system administrators and not exposed > > over a network. > > > > Reported-by: Bhargava Shastry <[email protected]> > > Signed-off-by: Ben Pfaff <[email protected]> > > --- > > Acked-by: Joe Stringer <[email protected]>
Thanks, Joe. I applied this to master and backported as far as branch-2.5. _______________________________________________ dev mailing list [email protected] https://mail.openvswitch.org/mailman/listinfo/ovs-dev
