Patch Detail
get:
Show a patch.
patch:
Update a patch.
put:
Update a patch.
GET /api/patches/817059/?format=api
{ "id": 817059, "url": "http://patchwork.ozlabs.org/api/patches/817059/?format=api", "web_url": "http://patchwork.ozlabs.org/project/openvswitch/patch/20170921165958.3218-2-blp@ovn.org/", "project": { "id": 47, "url": "http://patchwork.ozlabs.org/api/projects/47/?format=api", "name": "Open vSwitch", "link_name": "openvswitch", "list_id": "ovs-dev.openvswitch.org", "list_email": "ovs-dev@openvswitch.org", "web_url": "http://openvswitch.org/", "scm_url": "git@github.com:openvswitch/ovs.git", "webscm_url": "https://github.com/openvswitch/ovs", "list_archive_url": "", "list_archive_url_format": "", "commit_url_format": "" }, "msgid": "<20170921165958.3218-2-blp@ovn.org>", "list_archive_url": null, "date": "2017-09-21T16:59:56", "name": "[ovs-dev,v4,1/3] ofp-util: Fix buffer overread in ofputil_decode_bundle_add().", "commit_ref": null, "pull_url": null, "state": "accepted", "archived": false, "hash": "2d3e4b486539a53f806a912c53e6cda5971aa173", "submitter": { "id": 67603, "url": "http://patchwork.ozlabs.org/api/people/67603/?format=api", "name": "Ben Pfaff", "email": "blp@ovn.org" }, "delegate": null, "mbox": "http://patchwork.ozlabs.org/project/openvswitch/patch/20170921165958.3218-2-blp@ovn.org/mbox/", "series": [ { "id": 4447, "url": "http://patchwork.ozlabs.org/api/series/4447/?format=api", "web_url": "http://patchwork.ozlabs.org/project/openvswitch/list/?series=4447", "date": "2017-09-21T16:59:55", "name": "Fix memory leaks and overreads in ofp-util", "version": 4, "mbox": "http://patchwork.ozlabs.org/series/4447/mbox/" } ], "comments": "http://patchwork.ozlabs.org/api/patches/817059/comments/", "check": "pending", "checks": "http://patchwork.ozlabs.org/api/patches/817059/checks/", "tags": {}, "related": [], "headers": { "Return-Path": "<ovs-dev-bounces@openvswitch.org>", "X-Original-To": [ "incoming@patchwork.ozlabs.org", "dev@openvswitch.org" ], "Delivered-To": [ "patchwork-incoming@bilbo.ozlabs.org", "ovs-dev@mail.linuxfoundation.org" ], "Authentication-Results": "ozlabs.org;\n\tspf=pass (mailfrom) smtp.mailfrom=openvswitch.org\n\t(client-ip=140.211.169.12; helo=mail.linuxfoundation.org;\n\tenvelope-from=ovs-dev-bounces@openvswitch.org;\n\treceiver=<UNKNOWN>)", "Received": [ "from mail.linuxfoundation.org (mail.linuxfoundation.org\n\t[140.211.169.12])\n\t(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256\n\tbits)) (No client certificate requested)\n\tby ozlabs.org (Postfix) with ESMTPS id 3xyjfz6S3wz9t49\n\tfor <incoming@patchwork.ozlabs.org>;\n\tFri, 22 Sep 2017 03:05:47 +1000 (AEST)", "from mail.linux-foundation.org (localhost [127.0.0.1])\n\tby mail.linuxfoundation.org (Postfix) with ESMTP id 8D7A8B7B;\n\tThu, 21 Sep 2017 17:05:14 +0000 (UTC)", "from smtp1.linuxfoundation.org (smtp1.linux-foundation.org\n\t[172.17.192.35])\n\tby mail.linuxfoundation.org (Postfix) with ESMTPS id DED66B1D\n\tfor <dev@openvswitch.org>; Thu, 21 Sep 2017 17:05:13 +0000 (UTC)", "from relay6-d.mail.gandi.net (relay6-d.mail.gandi.net\n\t[217.70.183.198])\n\tby smtp1.linuxfoundation.org (Postfix) with ESMTPS id 2B673204\n\tfor <dev@openvswitch.org>; Thu, 21 Sep 2017 17:05:13 +0000 (UTC)", "from sigabrt.gateway.sonic.net\n\t(173-228-112-34.dsl.dynamic.fusionbroadband.com [173.228.112.34])\n\t(Authenticated sender: blp@ovn.org)\n\tby relay6-d.mail.gandi.net (Postfix) with ESMTPSA id 2D787FB8A3;\n\tThu, 21 Sep 2017 19:05:08 +0200 (CEST)" ], "X-Greylist": "domain auto-whitelisted by SQLgrey-1.7.6", "X-Originating-IP": "173.228.112.34", "From": "Ben Pfaff <blp@ovn.org>", "To": "dev@openvswitch.org", "Date": "Thu, 21 Sep 2017 09:59:56 -0700", "Message-Id": "<20170921165958.3218-2-blp@ovn.org>", "X-Mailer": "git-send-email 2.10.2", "In-Reply-To": "<20170921165958.3218-1-blp@ovn.org>", "References": "<20170921165958.3218-1-blp@ovn.org>", "X-Spam-Status": "No, score=-0.7 required=5.0 tests=RCVD_IN_DNSWL_LOW\n\tautolearn=disabled version=3.3.1", "X-Spam-Checker-Version": "SpamAssassin 3.3.1 (2010-03-16) on\n\tsmtp1.linux-foundation.org", "Cc": "Ben Pfaff <blp@ovn.org>,\n\tBhargava Shastry <bshastry@sec.t-labs.tu-berlin.de>", "Subject": "[ovs-dev] [PATCH v4 1/3] ofp-util: Fix buffer overread in\n\tofputil_decode_bundle_add().", "X-BeenThere": "ovs-dev@openvswitch.org", "X-Mailman-Version": "2.1.12", "Precedence": "list", "List-Id": "<ovs-dev.openvswitch.org>", "List-Unsubscribe": "<https://mail.openvswitch.org/mailman/options/ovs-dev>,\n\t<mailto:ovs-dev-request@openvswitch.org?subject=unsubscribe>", "List-Archive": "<http://mail.openvswitch.org/pipermail/ovs-dev/>", "List-Post": "<mailto:ovs-dev@openvswitch.org>", "List-Help": "<mailto:ovs-dev-request@openvswitch.org?subject=help>", "List-Subscribe": "<https://mail.openvswitch.org/mailman/listinfo/ovs-dev>,\n\t<mailto:ovs-dev-request@openvswitch.org?subject=subscribe>", "MIME-Version": "1.0", "Content-Type": "text/plain; charset=\"us-ascii\"", "Content-Transfer-Encoding": "7bit", "Sender": "ovs-dev-bounces@openvswitch.org", "Errors-To": "ovs-dev-bounces@openvswitch.org" }, "content": "A buffer overread of up to 4 bytes was possible given a malformed\nmessage. The message was discarded following the overread.\n\nFound by libFuzzer.\n\nReported-by: Bhargava Shastry <bshastry@sec.t-labs.tu-berlin.de>\nSigned-off-by: Ben Pfaff <blp@ovn.org>\n---\n lib/ofp-util.c | 3 +++\n 1 file changed, 3 insertions(+)", "diff": "diff --git a/lib/ofp-util.c b/lib/ofp-util.c\nindex 86dd5cb61653..e915cb2ab2d7 100644\n--- a/lib/ofp-util.c\n+++ b/lib/ofp-util.c\n@@ -10517,6 +10517,9 @@ ofputil_decode_bundle_add(const struct ofp_header *oh,\n msg->bundle_id = ntohl(m->bundle_id);\n msg->flags = ntohs(m->flags);\n \n+ if (b.size < sizeof(struct ofp_header)) {\n+ return OFPERR_OFPBFC_MSG_BAD_LEN;\n+ }\n msg->msg = b.data;\n if (msg->msg->version != oh->version) {\n return OFPERR_OFPBFC_BAD_VERSION;\n", "prefixes": [ "ovs-dev", "v4", "1/3" ] }