This patch adds validation of close-braces in scan_geneve. An simple
example is "set(encap(tunnel(geneve({{". When scan_geneve returns,
(struct geneve_scan *key)->len equals to 2*sizeof(struct geneve_opt).
That seems not correct.
Found this issue while inspecting oss-fuzz
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=11153.
In addition, SCAN_TYPE expects scan_XXX functions to return 0
on errors. This patch inspects all related scan_XXX functions
and fixes their return values.
Signed-off-by: Yifeng Sun
---
v1->v2: Added example in commit message by Ben's suggestion.
lib/odp-util.c | 20 +++-
1 file changed, 11 insertions(+), 9 deletions(-)
diff --git a/lib/odp-util.c b/lib/odp-util.c
index 626a03b7686f..f50de7fd275c 100644
--- a/lib/odp-util.c
+++ b/lib/odp-util.c
@@ -4812,7 +4812,7 @@ scan_vxlan_gbp(const char *s, uint32_t *key, uint32_t
*mask)
s += 3;
len = scan_be16(s, , mask ? _mask : NULL);
if (len == 0) {
-return -EINVAL;
+return 0;
}
s += len;
}
@@ -4824,7 +4824,7 @@ scan_vxlan_gbp(const char *s, uint32_t *key, uint32_t
*mask)
s += 6;
len = scan_u8(s, , mask ? _mask : NULL);
if (len == 0) {
-return -EINVAL;
+return 0;
}
s += len;
}
@@ -4858,7 +4858,7 @@ scan_erspan_metadata(const char *s,
s += 4;
len = scan_u8(s, , mask ? _mask : NULL);
if (len == 0) {
-return -EINVAL;
+return 0;
}
s += len;
}
@@ -4872,7 +4872,7 @@ scan_erspan_metadata(const char *s,
s += 4;
len = scan_u32(s, , mask ? _mask : NULL);
if (len == 0) {
-return -EINVAL;
+return 0;
}
s += len;
}
@@ -4892,7 +4892,7 @@ scan_erspan_metadata(const char *s,
s += 4;
len = scan_u8(s, , mask ? _mask : NULL);
if (len == 0) {
-return -EINVAL;
+return 0;
}
s += len;
}
@@ -4903,7 +4903,7 @@ scan_erspan_metadata(const char *s,
s += 5;
len = scan_u8(s, , mask ? _mask : NULL);
if (len == 0) {
-return -EINVAL;
+return 0;
}
s += len;
}
@@ -4944,7 +4944,7 @@ scan_geneve(const char *s, struct geneve_scan *key,
struct geneve_scan *mask)
len = scan_be16(s, >opt_class,
mask ? _mask->opt_class : NULL);
if (len == 0) {
-return -EINVAL;
+return 0;
}
s += len;
} else if (mask) {
@@ -4958,7 +4958,7 @@ scan_geneve(const char *s, struct geneve_scan *key,
struct geneve_scan *mask)
s += 5;
len = scan_u8(s, >type, mask ? _mask->type : NULL);
if (len == 0) {
-return -EINVAL;
+return 0;
}
s += len;
} else if (mask) {
@@ -4973,7 +4973,7 @@ scan_geneve(const char *s, struct geneve_scan *key,
struct geneve_scan *mask)
s += 4;
len = scan_u8(s, _len, mask ? _len_mask : NULL);
if (len == 0) {
-return -EINVAL;
+return 0;
}
s += len;
@@ -5016,6 +5016,8 @@ scan_geneve(const char *s, struct geneve_scan *key,
struct geneve_scan *mask)
opt_mask += 1 + data_len / 4;
}
len_remain -= data_len;
+} else {
+return 0;
}
}
--
2.7.4
___
dev mailing list
d...@openvswitch.org
https://mail.openvswitch.org/mailman/listinfo/ovs-dev