Bugs item #3117649, was opened at 2010-11-24 15:48
Message generated for change (Comment added) made by rd235
You can respond by visiting: 

Please note that this message will contain a full copy of the comment thread,
including the initial issue submission, for this request,
not just the latest update.
Category: vde_switch
Group: None
Status: Open
>Resolution: Fixed
Priority: 5
Private: No
Submitted By: Bas van Sisseren (sisseren)
Assigned to: Nobody/Anonymous (nobody)
Summary: 802.1q tagged vlan 4095 sometimes crashes vde-switch

Initial Comment:

When the vde-switch receives a packet with 802.1q tagged vlan 4095 (yes, I
know, these packets shouldn't be on the network..), it looks up vlant[4095].
This sometimes triggers a segfault.

I would suggest you add a

  if (vlan >= NUMOFVLAN)
    return; /* discard unwanted packets */

between these lines

  vlan=((packet->data[0] << 8) + packet->data[1]) & 0xfff;

  if (! BA_CHECK(vlant[vlan].table,port))
    return; /*discard unwanted packets*/


Bas van Sisseren


>Comment By: renzo davoli (rd235)
Date: 2011-02-14 15:15

It is true: those packets should not exist on a net but in case those
packets can kill a vde_switch (i.e. the switch is prone to a denial of
service attack).
I have solved the problem in the svn by adding a dummy element (#4095) on
the vlant array.
I have decided to waste 4 extra words of memory instead of one instruction
that would have been executed for each packet (complexity in space is
cheaper than complexity in time ;-)
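
The two fixes discussed in this thread side by side, as an added example that is not vde_switch source. The pre-fix table size of 4095 is an assumption inferred from the report, and the function, struct and table names are hypothetical.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>

#define NUMOFVLAN 4095   /* assumed pre-fix table size: valid indices 0..4094 */
#define VID_SPACE 4096   /* a 12-bit VLAN ID can take 4096 values, 0..4095 */

/* Extract the 12-bit VLAN ID from the two tag bytes, as the quoted line does. */
static unsigned tci_to_vid(const uint8_t *tci)
{
    return (((unsigned)tci[0] << 8) + tci[1]) & 0xfff;
}

/* Reporter's approach: one comparison per packet before the table lookup.
 * Returns 1 if the ID can index a NUMOFVLAN-sized table, 0 to discard. */
int vid_allowed_checked(const uint8_t *tci)
{
    return tci_to_vid(tci) < NUMOFVLAN;
}

/* Maintainer's approach: size the table for the whole 12-bit space, so every
 * masked value is a valid index. Slot 4095 is a dummy with no member ports. */
struct vlan_slot { int has_members; };
static struct vlan_slot table_full[VID_SPACE];

int vid_lookup_full(const uint8_t *tci)
{
    unsigned vid = tci_to_vid(tci);   /* always < VID_SPACE because of the mask */
    return table_full[vid].has_members;
}

int main(void)
{
    /* Constructed tag bytes: VLAN IDs 1, 4094 and 4095, some with priority bits set. */
    const uint8_t samples[][2] = { {0x00, 0x01}, {0xef, 0xfe}, {0xff, 0xff} };
    table_full[1].has_members = 1;
    for (size_t i = 0; i < 3; i++)
        printf("vid=%u checked=%d full=%d\n", tci_to_vid(samples[i]),
               vid_allowed_checked(samples[i]), vid_lookup_full(samples[i]));
    return 0;
}
```

Either way, a frame tagged 4095 is dropped: the first variant rejects it explicitly, the second finds an empty dummy slot and falls through to the existing membership check.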


vde-users mailing list
