At Tue, 27 Sep 2016 12:43:51 -0400,
Victor J. Orlikowski wrote:
>
> On Tue, Sep 27, 2016, at 05:19 AM, Michał Rzepka <mrze...@student.agh.edu.pl>
> wrote:
> > Recently, I discovered major multipart message parser flaw. The issue
> > was observed while testing Aggregate Flow Statistics message in OpenFlow
> > 1.5 and Open vSwitch. Similar (and potentially also vulnerable) code
> > snippets are also present in other message parsers (e.g. OFPHello). I'd
> > like to ask for opinions on proposed solution. If accepted, similar
> > patches should also be applied for other message parsers.
> >
>
> This is an *excellent* catch, and I *completely* agree.
>
> I suspect that the code, as a whole, needs auditing for message parsing
> vulnerabilities; your catch, as well as the one found by Samuel Jero,
> makes me fear that there are *many* such input validation bugs.
>
> I hope that Fujita-san applies this patch, as well as any others you
> submit to resolve any similar such errors, as soon as possible.

Agreed. Such while-loops are widespread throughout ryu/ofproto.
We would likely end up sprinkling length > 0 assertion checks on them.

--
IWAMOTO Toshihiro
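
Added example, not part of the thread and not Ryu's code: a while-loop that walks length-prefixed elements and validates each length field before advancing, which is the kind of check discussed above. The 2-byte type / 2-byte length layout and the names `parse_elements`, `try_parse` and `MalformedElement` are assumptions made for illustration.

```python
import struct

# Simplified element layout assumed for this example (not Ryu's code):
# 2-byte type, 2-byte length (header included), then the payload.
HDR = struct.Struct("!HH")


class MalformedElement(ValueError):
    """Raised when a length field cannot describe a valid element."""


def parse_elements(buf):
    """Split buf into (type, payload) pairs, validating each length field."""
    elements = []
    offset = 0
    while offset < len(buf):
        remaining = len(buf) - offset
        if remaining < HDR.size:
            raise MalformedElement("truncated header at offset %d" % offset)
        etype, length = HDR.unpack_from(buf, offset)
        # A length below the header size (zero included) would leave
        # offset unchanged or barely moved, so the loop would not progress.
        if length < HDR.size:
            raise MalformedElement("length %d too small at offset %d" % (length, offset))
        # A length beyond the remaining bytes would read past the message.
        if length > remaining:
            raise MalformedElement("length %d overruns buffer at offset %d" % (length, offset))
        elements.append((etype, bytes(buf[offset + HDR.size:offset + length])))
        offset += length
    return elements


def try_parse(buf):
    """Return parsed elements, or the rejection reason as a string."""
    try:
        return parse_elements(buf)
    except MalformedElement as exc:
        return "rejected: %s" % exc


# Constructed sample inputs.
GOOD = HDR.pack(1, 8) + b"\x00\x00\x00\x10" + HDR.pack(2, 4)
ZERO_LEN = HDR.pack(1, 0) + b"\x00\x00\x00\x10"
OVERRUN = HDR.pack(1, 64) + b"\x00\x00"

if __name__ == "__main__":
    for name, sample in (("good", GOOD), ("zero", ZERO_LEN), ("overrun", OVERRUN)):
        print(name, try_parse(sample))
```

Raising a dedicated exception instead of using `assert` keeps the check active when Python runs with `-O`, which strips assert statements.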