validate_set() accepted OVS_KEY_ATTR_MPLS as variable-sized payload for
SET/SET_MASKED actions. In action handling, OVS expects fixed-size
MPLS key data (struct ovs_key_mpls).
Use the already normalized key_len (masked case included) and reject
non-matching MPLS action key sizes.
Reject invalid MPLS action payload lengths early.
Fixes: fbdcdd78da7c ("Change in Openvswitch to support MPLS label depth of 3 in
ingress direction")
Reported-by: Yifan Wu <[email protected]>
Reported-by: Juefei Pu <[email protected]>
Tested-by: Ao Zhou <[email protected]>
Co-developed-by: Yuan Tan <[email protected]>
Signed-off-by: Yuan Tan <[email protected]>
Suggested-by: Xin Liu <[email protected]>
Signed-off-by: Yang Yang <[email protected]>
---
net/openvswitch/flow_netlink.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/net/openvswitch/flow_netlink.c b/net/openvswitch/flow_netlink.c
index 67fbf6e48a301..45444b81e9b97 100644
--- a/net/openvswitch/flow_netlink.c
+++ b/net/openvswitch/flow_netlink.c
@@ -2953,6 +2953,8 @@ static int validate_set(const struct nlattr *a,
case OVS_KEY_ATTR_MPLS:
if (!eth_p_mpls(eth_type))
return -EINVAL;
+ if (key_len != sizeof(struct ovs_key_mpls))
+ return -EINVAL;
break;
case OVS_KEY_ATTR_SCTP:
--
2.43.0
_______________________________________________
dev mailing list
[email protected]
https://mail.openvswitch.org/mailman/listinfo/ovs-dev
