netlink: added check to prevent netlink attribute overflow

If enough large input is passed to odp_actions_from_string it can
cause netlink attribute to overflow.
Check for buffer size was added to prevent entering this function
and returning appropriate error code.

Basic manual testing was performed.

Reported-by: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=12231
Signed-off-by: Toms Atteka <cpp.code.lv@gmail.com>
Signed-off-by: Ben Pfaff <blp@ovn.org>

diff --git a/lib/odp-util.c b/lib/odp-util.c
index e893f46a3a3ab315a20e84f9dca98f06b4f3d244..e288ae8e536b87d729faac914d09b78529f35952 100644 (file)
--- a/lib/odp-util.c
+++ b/lib/odp-util.c
@@ -2161,6 +2161,10 @@ parse_action_list(const char *s, const struct simap *port_names,
         n += retval;
     }
 
+    if (actions->size > UINT16_MAX) {
+        return -EFBIG;
+    }
+
     return n;
 }