On 12/21/20 9:39 PM, Flavio Leitner wrote: > On Mon, Dec 21, 2020 at 04:01:04PM +0100, Ilya Maximets wrote: >> Too big userdata could overflow netlink message leading to out-of-bound >> memory accesses or assertion while formatting nested actions. >> >> Fix that by checking the size and returning correct error code. >> >> Credit to OSS-Fuzz. >> >> Reported-at: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=27640 >> Fixes: e995e3df57ea ("Allow OVS_USERSPACE_ATTR_USERDATA to be variable >> length.") >> Signed-off-by: Ilya Maximets <[email protected]> >> --- > > Acked-by: Flavio Leitner <[email protected]>
Thanks! Applied to master and backported down to 2.9. It requires manual backporting to apply to 2.8 and below and it doesn't seem like something very important, so I didn't. Best regards, Ilya Maximets. _______________________________________________ dev mailing list [email protected] https://mail.openvswitch.org/mailman/listinfo/ovs-dev
