| Message ID | 1538688219-28981-1-git-send-email-pkusunyifeng@gmail.com |
|---|---|
| State | Accepted |
| Headers | show |
| Series | [ovs-dev] flow: Clear ovs_nsh_key's context data when nsh's type can't be handled | expand |
On Thu, Oct 04, 2018 at 02:23:39PM -0700, Yifeng Sun wrote: > In the default case when nsh's md_type is not recognized by nsh parser, > uninitialized data in key->context can sneak into miniflow. This > patch fixes it. > > Reported-at: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=10519 > Signed-off-by: Yifeng Sun <pkusunyifeng@gmail.com> Applied, thanks!
diff --git a/lib/flow.c b/lib/flow.c index 79e4627407a3..47b01fce834a 100644 --- a/lib/flow.c +++ b/lib/flow.c @@ -576,6 +576,7 @@ parse_nsh(const void **datap, size_t *sizep, struct ovs_key_nsh *key) break; default: /* We don't parse other context headers yet. */ + memset(key->context, 0, sizeof(key->context)); break; }
In the default case when nsh's md_type is not recognized by nsh parser, uninitialized data in key->context can sneak into miniflow. This patch fixes it. Reported-at: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=10519 Signed-off-by: Yifeng Sun <pkusunyifeng@gmail.com> --- lib/flow.c | 1 + 1 file changed, 1 insertion(+)