From: Ben Pfaff Date: Fri, 30 Jan 2009 00:42:48 +0000 (-0800) Subject: datapath: Disallow action length 0, preventing DoS due to infinite loop. X-Git-Url: https://pintos-os.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=e9d65ae957598fc64649fc64b6bb5b128c7580f7;p=openvswitch datapath: Disallow action length 0, preventing DoS due to infinite loop. --- diff --git a/datapath/dp_act.c b/datapath/dp_act.c index dcc93b93..f2964222 100644 --- a/datapath/dp_act.c +++ b/datapath/dp_act.c @@ -366,7 +366,7 @@ validate_actions(struct datapath *dp, const struct sw_flow_key *key, /* Make there's enough remaining data for the specified length * and that the action length is a multiple of 64 bits. */ - if ((actions_len < len) || (len % 8) != 0) + if (!len || (actions_len < len) || (len % 8) != 0) return OFPBAC_BAD_LEN; type = ntohs(ah->type); diff --git a/udatapath/dp_act.c b/udatapath/dp_act.c index 0baa0aba..8f7f9b63 100644 --- a/udatapath/dp_act.c +++ b/udatapath/dp_act.c @@ -360,7 +360,7 @@ validate_actions(struct datapath *dp, const struct sw_flow_key *key, /* Make there's enough remaining data for the specified length * and that the action length is a multiple of 64 bits. */ - if ((actions_len < len) || (len % 8) != 0) { + if (!len || (actions_len < len) || (len % 8) != 0) { return OFPBAC_BAD_LEN; }