On Sun, Nov 26, 2017 at 09:23:08PM -0800, Joe Stringer wrote: > On 26 November 2017 at 17:41, Ben Pfaff <b...@ovn.org> wrote: > > scan_u128() should return 0 on an error but it actually returned an errno > > value in some cases, so a command like this: > > ovs-appctl dpctl/add-flow 'ct_label(1/55555555555555555555555555)' '' > > could cause a buffer overread. > > > > This bug is not as severe as it may sound because the string form of ODP > > flows is not used over OpenFlow or OVSDB, only through the appctl interface > > that is normally used just by local system administrators and not exposed > > over a network. > > > > Reported-by: Bhargava Shastry <bshas...@sec.t-labs.tu-berlin.de> > > Signed-off-by: Ben Pfaff <b...@ovn.org> > > --- > > Acked-by: Joe Stringer <j...@ovn.org>
Thanks, Joe. I applied this to master and backported as far as branch-2.5. _______________________________________________ dev mailing list d...@openvswitch.org https://mail.openvswitch.org/mailman/listinfo/ovs-dev
