In the IPFIX and flow sample upcall handling, check the validity
of the tunnel key returned by odp_tun_key_from_attr(). If the
tunnel key is invalid, return an error.
his was reported by Coverity, but the change also improves
robustness and avoids undefined behavior in the case of malformed
tunnel attributes.
Fixes: 8b7ea2d48033 ("Extend OVS IPFIX exporter to export tunnel headers")
Signed-off-by: Eelco Chaudron <echau...@redhat.com>
---
ofproto/ofproto-dpif-upcall.c | 7 +++++--
1 file changed, 5 insertions(+), 2 deletions(-)
diff --git a/ofproto/ofproto-dpif-upcall.c b/ofproto/ofproto-dpif-upcall.c
index 7577d14ec..53e59580d 100644
--- a/ofproto/ofproto-dpif-upcall.c
+++ b/ofproto/ofproto-dpif-upcall.c
@@ -1563,8 +1563,11 @@ process_upcall(struct udpif *udpif, struct upcall
*upcall,
memset(&ipfix_actions, 0, sizeof ipfix_actions);
if (upcall->out_tun_key) {
- odp_tun_key_from_attr(upcall->out_tun_key, &output_tunnel_key,
- NULL);
+ if (odp_tun_key_from_attr(upcall->out_tun_key,
+ &output_tunnel_key,
+ NULL) != ODP_FIT_ERROR) {
+ return EINVAL;
+ }
}
actions_len = dpif_read_actions(udpif, upcall, flow,
--
2.49.0
_______________________________________________
dev mailing list
d...@openvswitch.org
https://mail.openvswitch.org/mailman/listinfo/ovs-dev
