mirror of
git://git.yoctoproject.org/meta-virtualization.git
synced 2025-07-19 20:59:41 +02:00
3c427eafce
Backport patch file to fix CVE-2017-9263 Signed-off-by: Fan Xin <fan.xin@jp.fujitsu.com> Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
30 lines
794 B
Diff
30 lines
794 B
Diff
A buggy or malicious switch could send a role status message with a bad
|
|
reason code, which if printed by OVS would cause it to abort. This fixes
|
|
the problem.
|
|
|
|
CVE: CVE-2017-9263
|
|
Upstream-Status: Submitted
|
|
|
|
Reported-by: Bhargava Shastry <bshastry at sec.t-labs.tu-berlin.de>
|
|
Signed-off-by: Ben Pfaff <blp at ovn.org>
|
|
---
|
|
lib/ofp-print.c | 3 ++-
|
|
1 file changed, 2 insertions(+), 1 deletion(-)
|
|
|
|
diff --git a/lib/ofp-print.c b/lib/ofp-print.c
|
|
index 7ca953100539..1932baf4871f 100644
|
|
--- a/lib/ofp-print.c
|
|
+++ b/lib/ofp-print.c
|
|
@@ -2147,7 +2147,8 @@ ofp_print_role_status_message(struct ds *string, const struct ofp_header *oh)
|
|
break;
|
|
case OFPCRR_N_REASONS:
|
|
default:
|
|
- OVS_NOT_REACHED();
|
|
+ ds_put_cstr(string, "(unknown)");
|
|
+ break;
|
|
}
|
|
}
|
|
|
|
--
|
|
2.10.2
|