代码拉取完成,页面将自动刷新
同步操作将从 src-openEuler/openvswitch 强制同步,此操作会覆盖自 Fork 仓库以来所做的任何修改,且无法恢复!!!
确定后同步将在后台操作,完成时将刷新页面,请耐心等待。
From 78e712c0b1dacc2f12d2a03d98f083d8672867f0 Mon Sep 17 00:00:00 2001
From: Aaron Conole <aconole@redhat.com>
Date: Wed, 13 Jan 2021 10:47:19 -0500
Subject: [PATCH] lldp: do not leak memory on multiple instances of TLVs
Upstream commit:
commit a8d3c90feca548fc0656d95b5d278713db86ff61
Date: Tue, 17 Nov 2020 09:28:17 -0500
lldp: avoid memory leak from bad packets
A packet that contains multiple instances of certain TLVs will cause
lldpd to continually allocate memory and leak the old memory. As an
example, multiple instances of system name TLV will cause old values
to be dropped by the decoding routine.
Reported-at: https://github.com/openvswitch/ovs/pull/337
Reported-by: Jonas Rudloff <jonas.t.rudloff@gmail.com>
Signed-off-by: Aaron Conole <aconole@redhat.com>
Vulnerability: CVE-2020-27827
Signed-off-by: Aaron Conole <aconole@redhat.com>
Signed-off-by: Ilya Maximets <i.maximets@ovn.org>
---
lib/lldp/lldp.c | 3 +++
1 file changed, 3 insertions(+)
diff --git a/lib/lldp/lldp.c b/lib/lldp/lldp.c
index e5755307fb..18afbab9a7 100644
--- a/lib/lldp/lldp.c
+++ b/lib/lldp/lldp.c
@@ -513,10 +513,13 @@ lldp_decode(struct lldpd *cfg OVS_UNUSED, char *frame, int s,
b = xzalloc(tlv_size + 1);
PEEK_BYTES(b, tlv_size);
if (tlv_type == LLDP_TLV_PORT_DESCR) {
+ free(port->p_descr);
port->p_descr = b;
} else if (tlv_type == LLDP_TLV_SYSTEM_NAME) {
+ free(chassis->c_name);
chassis->c_name = b;
} else {
+ free(chassis->c_descr);
chassis->c_descr = b;
}
break;
此处可能存在不合适展示的内容,页面不予展示。您可通过相关编辑功能自查并修改。
如您确认内容无涉及 不当用语 / 纯广告导流 / 暴力 / 低俗色情 / 侵权 / 盗版 / 虚假 / 无价值内容或违法国家有关法律法规的内容,可点击提交进行申诉,我们将尽快为您处理。