{"id":2225016,"url":"http://patchwork.ozlabs.org/api/patches/2225016/?format=json","web_url":"http://patchwork.ozlabs.org/project/ovn/patch/20260420090026.1666597-3-amusil@redhat.com/","project":{"id":68,"url":"http://patchwork.ozlabs.org/api/projects/68/?format=json","name":"Open Virtual Network development","link_name":"ovn","list_id":"ovs-dev.openvswitch.org","list_email":"ovs-dev@openvswitch.org","web_url":"http://openvswitch.org/","scm_url":"","webscm_url":"","list_archive_url":"","list_archive_url_format":"","commit_url_format":""},"msgid":"<20260420090026.1666597-3-amusil@redhat.com>","list_archive_url":null,"date":"2026-04-20T09:00:26","name":"[ovs-dev,3/3] pinctrl: Make sure the BFD packet contains correct amount of data.","commit_ref":null,"pull_url":null,"state":"accepted","archived":false,"hash":"b857b2c03860f41bdbabf332213eb17cc423073d","submitter":{"id":83634,"url":"http://patchwork.ozlabs.org/api/people/83634/?format=json","name":"Ales Musil","email":"amusil@redhat.com"},"delegate":null,"mbox":"http://patchwork.ozlabs.org/project/ovn/patch/20260420090026.1666597-3-amusil@redhat.com/mbox/","series":[{"id":500572,"url":"http://patchwork.ozlabs.org/api/series/500572/?format=json","web_url":"http://patchwork.ozlabs.org/project/ovn/list/?series=500572","date":"2026-04-20T09:00:24","name":"[ovs-dev,1/3] pinctrl: Limit the IP packet size to buffer size for ICMP Need Frag.","version":1,"mbox":"http://patchwork.ozlabs.org/series/500572/mbox/"}],"comments":"http://patchwork.ozlabs.org/api/patches/2225016/comments/","check":"success","checks":"http://patchwork.ozlabs.org/api/patches/2225016/checks/","tags":{},"related":[],"headers":{"Return-Path":"<ovs-dev-bounces@openvswitch.org>","X-Original-To":["incoming@patchwork.ozlabs.org","dev@openvswitch.org"],"Delivered-To":["patchwork-incoming@legolas.ozlabs.org","ovs-dev@lists.linuxfoundation.org"],"Authentication-Results":["legolas.ozlabs.org;\n\tdkim=fail reason=\"signature verification failed\" (1024-bit key;\n unprotected) header.d=redhat.com header.i=@redhat.com header.a=rsa-sha256\n header.s=mimecast20190719 header.b=Py6mkPYg;\n\tdkim-atps=neutral","legolas.ozlabs.org;\n spf=pass (sender SPF authorized) smtp.mailfrom=openvswitch.org\n (client-ip=2605:bc80:3010::137; helo=smtp4.osuosl.org;\n envelope-from=ovs-dev-bounces@openvswitch.org; receiver=patchwork.ozlabs.org)","smtp4.osuosl.org;\n\tdkim=fail reason=\"signature verification failed\" (1024-bit key)\n header.d=redhat.com header.i=@redhat.com header.a=rsa-sha256\n header.s=mimecast20190719 header.b=Py6mkPYg","smtp1.osuosl.org; dmarc=pass (p=quarantine dis=none)\n header.from=redhat.com","smtp1.osuosl.org;\n dkim=pass (1024-bit key) header.d=redhat.com header.i=@redhat.com\n header.a=rsa-sha256 header.s=mimecast20190719 header.b=Py6mkPYg"],"Received":["from smtp4.osuosl.org (smtp4.osuosl.org [IPv6:2605:bc80:3010::137])\n\t(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)\n\t key-exchange x25519 server-signature ECDSA (secp384r1) server-digest SHA384)\n\t(No client certificate requested)\n\tby legolas.ozlabs.org (Postfix) with ESMTPS id 4fzfbH0phFz1yGs\n\tfor <incoming@patchwork.ozlabs.org>; Mon, 20 Apr 2026 19:00:42 +1000 (AEST)","from localhost (localhost [127.0.0.1])\n\tby smtp4.osuosl.org (Postfix) with ESMTP id 8AF9D40F45;\n\tMon, 20 Apr 2026 09:00:41 +0000 (UTC)","from smtp4.osuosl.org ([127.0.0.1])\n by localhost (smtp4.osuosl.org [127.0.0.1]) (amavis, port 10024) with ESMTP\n id eWPBYDIeRBK2; Mon, 20 Apr 2026 09:00:40 +0000 (UTC)","from lists.linuxfoundation.org (lf-lists.osuosl.org [140.211.9.56])\n\tby smtp4.osuosl.org (Postfix) with ESMTPS id 94D2940F52;\n\tMon, 20 Apr 2026 09:00:40 +0000 (UTC)","from lf-lists.osuosl.org (localhost [127.0.0.1])\n\tby lists.linuxfoundation.org (Postfix) with ESMTP id 89CB9C058E;\n\tMon, 20 Apr 2026 09:00:40 +0000 (UTC)","from smtp1.osuosl.org (smtp1.osuosl.org [140.211.166.138])\n by lists.linuxfoundation.org (Postfix) with ESMTP id BC5D9C058D\n for <dev@openvswitch.org>; Mon, 20 Apr 2026 09:00:39 +0000 (UTC)","from localhost (localhost [127.0.0.1])\n by smtp1.osuosl.org (Postfix) with ESMTP id BAB4B822D9\n for <dev@openvswitch.org>; Mon, 20 Apr 2026 09:00:39 +0000 (UTC)","from smtp1.osuosl.org ([127.0.0.1])\n by localhost (smtp1.osuosl.org [127.0.0.1]) (amavis, port 10024) with ESMTP\n id Am7naItHqd7N for <dev@openvswitch.org>;\n Mon, 20 Apr 2026 09:00:39 +0000 (UTC)","from us-smtp-delivery-124.mimecast.com\n (us-smtp-delivery-124.mimecast.com [170.10.129.124])\n by smtp1.osuosl.org (Postfix) with ESMTPS id C4127825CA\n for <dev@openvswitch.org>; Mon, 20 Apr 2026 09:00:38 +0000 (UTC)","from mx-prod-mc-08.mail-002.prod.us-west-2.aws.redhat.com\n (ec2-35-165-154-97.us-west-2.compute.amazonaws.com [35.165.154.97]) by\n relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3,\n cipher=TLS_AES_256_GCM_SHA384) id us-mta-97-SQIT_Y-iOPmyZG0CZqJbIA-1; Mon,\n 20 Apr 2026 05:00:35 -0400","from mx-prod-int-01.mail-002.prod.us-west-2.aws.redhat.com\n (mx-prod-int-01.mail-002.prod.us-west-2.aws.redhat.com [10.30.177.4])\n (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)\n key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest\n SHA256)\n (No client certificate requested)\n by mx-prod-mc-08.mail-002.prod.us-west-2.aws.redhat.com (Postfix) with ESMTPS\n id ADD3418002C0; Mon, 20 Apr 2026 09:00:34 +0000 (UTC)","from amusil.redhat.com (unknown [10.44.33.221])\n by mx-prod-int-01.mail-002.prod.us-west-2.aws.redhat.com (Postfix) with ESMTP\n id E620D3000C15; Mon, 20 Apr 2026 09:00:32 +0000 (UTC)"],"X-Virus-Scanned":["amavis at osuosl.org","amavis at osuosl.org"],"X-Comment":"SPF check N/A for local connections - client-ip=140.211.9.56;\n helo=lists.linuxfoundation.org;\n envelope-from=ovs-dev-bounces@openvswitch.org; receiver=<UNKNOWN> ","DKIM-Filter":["OpenDKIM Filter v2.11.0 smtp4.osuosl.org 94D2940F52","OpenDKIM Filter v2.11.0 smtp1.osuosl.org C4127825CA"],"Received-SPF":"Pass (mailfrom) identity=mailfrom; client-ip=170.10.129.124;\n helo=us-smtp-delivery-124.mimecast.com; envelope-from=amusil@redhat.com;\n receiver=<UNKNOWN>","DMARC-Filter":"OpenDMARC Filter v1.4.2 smtp1.osuosl.org C4127825CA","DKIM-Signature":"v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com;\n s=mimecast20190719; t=1776675637;\n h=from:from:reply-to:subject:subject:date:date:message-id:message-id:\n to:to:cc:cc:mime-version:mime-version:content-type:content-type:\n content-transfer-encoding:content-transfer-encoding:\n in-reply-to:in-reply-to:references:references;\n bh=bO99f43cENMQJiXiTPSJrjIdVBh1ADLRYyuSWf1vu9o=;\n b=Py6mkPYg5mlkhth5UDhfGxv6q9PTSm+Et+RHofxd03KqZvRTNN5Yfysywnwyi/ss4Xbl2E\n CfYywpdb4BSxeOTIOGwRIQ7AM80l2zoG9aUxCAIKePJn9O0UJ6zrDPPnZOUFhiZC/9HagH\n uLPwefdowhuDWNs1hg+MRCSaJosDz1s=","X-MC-Unique":"SQIT_Y-iOPmyZG0CZqJbIA-1","X-Mimecast-MFC-AGG-ID":"SQIT_Y-iOPmyZG0CZqJbIA_1776675634","To":"dev@openvswitch.org","Date":"Mon, 20 Apr 2026 11:00:26 +0200","Message-ID":"<20260420090026.1666597-3-amusil@redhat.com>","In-Reply-To":"<20260420090026.1666597-1-amusil@redhat.com>","References":"<20260420090026.1666597-1-amusil@redhat.com>","MIME-Version":"1.0","X-Scanned-By":"MIMEDefang 3.4.1 on 10.30.177.4","X-Mimecast-Spam-Score":"0","X-Mimecast-MFC-PROC-ID":"rarZdF8ZZjekO3-BcZsfMdCFDe5GRZcymu724t3ZgG8_1776675634","X-Mimecast-Originator":"redhat.com","Subject":"[ovs-dev] [PATCH ovn 3/3] pinctrl: Make sure the BFD packet\n contains correct amount of data.","X-BeenThere":"ovs-dev@openvswitch.org","X-Mailman-Version":"2.1.30","Precedence":"list","List-Id":"<ovs-dev.openvswitch.org>","List-Unsubscribe":"<https://mail.openvswitch.org/mailman/options/ovs-dev>,\n <mailto:ovs-dev-request@openvswitch.org?subject=unsubscribe>","List-Archive":"<http://mail.openvswitch.org/pipermail/ovs-dev/>","List-Post":"<mailto:ovs-dev@openvswitch.org>","List-Help":"<mailto:ovs-dev-request@openvswitch.org?subject=help>","List-Subscribe":"<https://mail.openvswitch.org/mailman/listinfo/ovs-dev>,\n <mailto:ovs-dev-request@openvswitch.org?subject=subscribe>","From":"Ales Musil via dev <ovs-dev@openvswitch.org>","Reply-To":"Ales Musil <amusil@redhat.com>","Cc":"Seiji Sakurai <Seiji.Sakurai@outlook.com>,\n Dumitru Ceara <dceara@redhat.com>","Content-Type":"text/plain; charset=\"us-ascii\"","Content-Transfer-Encoding":"7bit","Errors-To":"ovs-dev-bounces@openvswitch.org","Sender":"\"dev\" <ovs-dev-bounces@openvswitch.org>"},"content":"Add missing check if the UDP packet contains the right amount of\ndata to safely deref part of the packet buffer.\n\nFixes: 02839c4d8934 (\"controller: bfd: introduce BFD state machine.\")\nReported-by: Seiji Sakurai <Seiji.Sakurai@outlook.com>\nAcked-by: Dumitru Ceara <dceara@redhat.com>\nSigned-off-by: Ales Musil <amusil@redhat.com>\n---\n controller/pinctrl.c | 7 +++++++\n 1 file changed, 7 insertions(+)","diff":"diff --git a/controller/pinctrl.c b/controller/pinctrl.c\nindex de52ac87f..1a5407183 100644\n--- a/controller/pinctrl.c\n+++ b/controller/pinctrl.c\n@@ -7697,6 +7697,13 @@ pinctrl_check_bfd_msg(const struct flow *ip_flow, struct dp_packet *pkt_in)\n         return false;\n     }\n \n+    size_t dlen = MIN(ntohs(udp_hdr->udp_len), dp_packet_l4_size(pkt_in));\n+    if (dlen < UDP_HEADER_LEN + sizeof (struct bfd_msg)) {\n+        VLOG_DBG_RL(&rl, \"BFD action on malformed BFD msg (%\"PRIxSIZE\")\",\n+                    dlen);\n+        return false;\n+    }\n+\n     const struct bfd_msg *msg = dp_packet_get_udp_payload(pkt_in);\n     uint8_t version = msg->vers_diag >> 5;\n     if (version != BFD_VERSION) {\n","prefixes":["ovs-dev","3/3"]}