projects / cascardo / ovs.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 51cf5e7)
datapath/flow_netlink: Validate IPv6 flow key and mask values.
authorJarno Rajahalme <jrajahalme@nicira.com>
Mon, 11 Aug 2014 15:38:58 +0000 (08:38 -0700)
committerJarno Rajahalme <jrajahalme@nicira.com>
Mon, 11 Aug 2014 16:05:59 +0000 (09:05 -0700)
Reject flow label key and mask values with invalid bits set.

Signed-off-by: Jarno Rajahalme <jrajahalme@nicira.com>
Acked-by: Jesse Gross <jesse@nicira.com>
datapath/flow_netlink.c patch | blob | history

diff --git a/datapath/flow_netlink.c b/datapath/flow_netlink.c
index 17aee02..e525c9d 100644 (file)
--- a/datapath/flow_netlink.c
+++ b/datapath/flow_netlink.c
@@ -678,6 +678,11 @@ static int ovs_key_from_nlattrs(struct sw_flow_match *match, u64 attrs,
                                ipv6_key->ipv6_frag, OVS_FRAG_TYPE_MAX);
                        return -EINVAL;
                }
+               if (ipv6_key->ipv6_label & htonl(0xFFF00000)) {
+                       OVS_NLERR("Invalid IPv6 flow label value (value=%x, max=%x).\n",
+                                 ntohl(ipv6_key->ipv6_label), (1 << 20) - 1);
+                       return -EINVAL;
+               }
                SW_FLOW_KEY_PUT(match, ipv6.label,
                                ipv6_key->ipv6_label, is_mask);
                SW_FLOW_KEY_PUT(match, ip.proto,
Unnamed repository; edit this file 'description' to name the repository.