Timothy Redaelli via dev <[email protected]> writes: > OVS LLDP support is based on a fork of the lldpd daemon code from > 2015. Several bug fixes have landed upstream since then. Some > (buffer overflow in management address TLV, TLV ordering/size/ > uniqueness validation, duplicate-TLV memory leaks) were already > independently fixed in OVS. > > This series backports the four remaining applicable fixes from > upstream lldpd to the OVS fork: > > 1/4 - Zero-initialize addr_str_buffer to prevent uninitialized > memory reads (OSS-Fuzz, upstream 83f0edd). > > 2/4 - Reject zero-length management address to prevent unsigned > underflow of addr_length (upstream 1d55036). > > 3/4 - Fix out-of-order TLV warning messages that logged the wrong > variable and had confusing wording (upstream 8317658). > > 4/4 - Don't discard the entire LLDPDU when a single TLV has an > unknown type, per IEEE 802.1AB-2005 (upstream 314ca27). > > --- > v2: Fix Signed-off-by email typo (tredaell -> tredaelli). >
Thanks Timothy - applied. _______________________________________________ dev mailing list [email protected] https://mail.openvswitch.org/mailman/listinfo/ovs-dev
