git.proxmox.com Git - mirror_ovs.git/commit

author	Flavio Leitner <fbl@sysclose.org>
	Mon, 26 Oct 2020 19:03:19 +0000 (16:03 -0300)
committer	Ilya Maximets <i.maximets@ovn.org>
	Wed, 10 Feb 2021 13:59:55 +0000 (14:59 +0100)
commit	79349cbab0b2a755140eedb91833ad2760520a83
tree	1b6c9bb873a4d7c20d7eb88f6e08ec3072e223b2	tree
parent	e4a89a7ccb4f46f4dc75c9e1a78d3f15525ba731	commit \| diff

flow: Support extra padding length.

Although not required, padding can be optionally added until
the packet length is MTU bytes. A packet with extra padding
currently fails sanity checks.

Vulnerability: CVE-2020-35498
Fixes: fa8d9001a624 ("miniflow_extract: Properly handle small IP packets.")
Reported-by: Joakim Hindersson <joakim.hindersson@elastx.se>
Acked-by: Ilya Maximets <i.maximets@ovn.org>
Signed-off-by: Flavio Leitner <fbl@sysclose.org>
Signed-off-by: Ilya Maximets <i.maximets@ovn.org>

lib/conntrack.c		diff \| blob \| blame \| history
lib/dp-packet.h		diff \| blob \| blame \| history
lib/flow.c		diff \| blob \| blame \| history
tests/classifier.at		diff \| blob \| blame \| history