> On Aug 15, 2018, at 2:57 PM, Ben Pfaff <[email protected]> wrote:
> 
> decode_NXAST_RAW_CT() temporarily pulls data off the beginning of its
> ofpacts output ofpbuf and, on its error path, fails to push it back on.
> At a higher layer, decode_NXAST_RAW_CLONE() asserts, via
> ofpact_finish_CLONE(), that the ofpact_clone that it put is still in the
> place where it put it, which causes an assertion failure.
> 
> The root cause here is the failure to re-push the clone header.  One could
> fix that, but it would be pretty easy for that to go wrong again on some
> other obscure error path.  Instead, this commit just makes the problem go
> away by always saving and restoring 'ofpact->data' if a decode fails.
> 
> Reported-at: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=9862
> Signed-off-by: Ben Pfaff <[email protected]>

Acked-by: Justin Pettit <[email protected]>

--Justin


_______________________________________________
dev mailing list
[email protected]
https://mail.openvswitch.org/mailman/listinfo/ovs-dev
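
The failure mode and the fix described in the quoted commit message, as an added example that is not part of the thread and is not Open vSwitch code. `struct buf` and every function name here are hypothetical simplifications of an output buffer whose start pointer moves on pull and push; restoring the size together with the start pointer is this model's assumption.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>

/* Hypothetical stand-in for an output buffer: 'data' is the start of the
 * visible region inside 'base', 'size' is its length. */
struct buf { unsigned char base[64]; unsigned char *data; size_t size; };

static void buf_init(struct buf *b) { b->data = b->base; b->size = 0; }
static void *buf_put(struct buf *b, size_t n)
{ void *p = b->data + b->size; b->size += n; return p; }
static void buf_pull(struct buf *b, size_t n) { b->data += n; b->size -= n; }
static void buf_push(struct buf *b, size_t n) { b->data -= n; b->size += n; }

/* Inner decoder: temporarily hides what is already in 'out' while it decodes
 * nested content.  Its error path returns without pushing the data back. */
static int decode_inner(struct buf *out, bool nested_ok)
{
    size_t hidden = out->size;
    buf_pull(out, hidden);
    if (!nested_ok) {
        return -1;              /* Defect under discussion: no buf_push(). */
    }
    buf_put(out, 4);            /* Nested output. */
    buf_push(out, hidden);
    return 0;
}

/* The approach the commit message describes: save the buffer position before
 * decoding and restore it on any failure, whatever the error path did. */
static int decode_guarded(struct buf *out, bool nested_ok)
{
    unsigned char *saved_data = out->data;
    size_t saved_size = out->size;
    int error = decode_inner(out, nested_ok);
    if (error) { out->data = saved_data; out->size = saved_size; }
    return error;
}

/* Outer decoder: puts a header, runs the inner decoder, then reports whether
 * the header is still where it was put (the invariant the caller asserts). */
static bool outer_header_in_place(bool guarded, bool nested_ok)
{
    struct buf b;
    buf_init(&b);
    unsigned char *hdr = buf_put(&b, 8);
    if (guarded) { decode_guarded(&b, nested_ok); } else { decode_inner(&b, nested_ok); }
    return b.data == hdr;
}

int main(void)
{
    printf("unguarded, failing decode: header in place = %d\n", outer_header_in_place(false, false));
    printf("guarded, failing decode:   header in place = %d\n", outer_header_in_place(true, false));
    return 0;
}
```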
