Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

ospfd: Prevent crash by accessing memory not owned. #7603

Merged
merged 1 commit into from
Nov 26, 2020
Merged

ospfd: Prevent crash by accessing memory not owned. #7603

merged 1 commit into from
Nov 26, 2020

Conversation

donaldsharp
Copy link
Member

When allocating memory for the struct ospf_metric we
were using uint32_t instead of the actual size of this
structure. When we wrote to it we would be writing
into other people's memory.

Found-by: Amol Lad
Signed-off-by: Donald Sharp sharpd@nvidia.com

@donaldsharp
ospfd: Prevent crash by accessing memory not owned.
cf0f13d 
When allocating memory for the `struct ospf_metric` we
were using `uint32_t` instead of the actual size of this
structure.  When we wrote to it we would be writing
into other people's memory.

Found-by: Amol Lad
Signed-off-by: Donald Sharp <sharpd@nvidia.com>
@LabN-CI
Copy link
Collaborator

LabN-CI commented Nov 25, 2020

💚 Basic BGPD CI results: SUCCESS, 0 tests failed

Results table
_ _
Result SUCCESS git merge/7603 cf0f13d
Date 11/25/2020
Start 10:31:33
Finish 11:06:54
Run-Time 35:21
Total 1815
Pass 1815
Fail 0
Valgrind-Errors 0
Valgrind-Loss 0
Details vncregress-2020-11-25-10:31:33.txt
Log autoscript-2020-11-25-10:32:35.log.bz2
Memory 497 492 427

For details, please contact louberger

@donaldsharp
Copy link
Member Author

ci:rerun

@NetDEF-CI
Copy link
Collaborator

Continuous Integration Result: SUCCESSFUL

Congratulations, this patch passed basic tests

Tested-by: NetDEF / OpenSourceRouting.org CI System

CI System Testrun URL: https://ci1.netdef.org/browse/FRR-FRRPULLREQ-15658/

This is a comment from an automated CI system.
For questions and feedback in regards to this CI system, please feel free to email
Martin Winter - mwinter (at) opensourcerouting.org.

Warnings Generated during build:

Debian 10 amd64 build: Successful with additional warnings

Debian Package lintian failed for Debian 10 amd64 build:
(see full package build log at https://ci1.netdef.org/browse/FRR-FRRPULLREQ-15658/artifact/DEB10BUILD/ErrorLog/log_lintian.txt)

W: frr source: pkg-js-tools-test-is-missing
W: frr source: newer-standards-version 4.5.0.3 (current is 4.3.0)
W: frr source: pkg-js-tools-test-is-missing
W: frr source: newer-standards-version 4.5.0.3 (current is 4.3.0)
W: frr-doc: changelog-file-missing-explicit-entry 7.5-0 -> 7.6-dev-20201125-05-gcf0f13de2-0 (missing) -> 7.6-dev-20201125-05-gcf0f13de2-0~deb10u1
W: frr: changelog-file-missing-explicit-entry 7.5-0 -> 7.6-dev-20201125-05-gcf0f13de2-0 (missing) -> 7.6-dev-20201125-05-gcf0f13de2-0~deb10u1
W: frr-rpki-rtrlib: changelog-file-missing-explicit-entry 7.5-0 -> 7.6-dev-20201125-05-gcf0f13de2-0 (missing) -> 7.6-dev-20201125-05-gcf0f13de2-0~deb10u1
W: frr-snmp: changelog-file-missing-explicit-entry 7.5-0 -> 7.6-dev-20201125-05-gcf0f13de2-0 (missing) -> 7.6-dev-20201125-05-gcf0f13de2-0~deb10u1
W: frr-pythontools: changelog-file-missing-explicit-entry 7.5-0 -> 7.6-dev-20201125-05-gcf0f13de2-0 (missing) -> 7.6-dev-20201125-05-gcf0f13de2-0~deb10u1

CLANG Static Analyzer Summary

  • Github Pull Request 7603, comparing to Git base SHA f286bcf

No Changes in Static Analysis warnings compared to base

1 Static Analyzer issues remaining.

See details at
https://ci1.netdef.org/browse/FRR-FRRPULLREQ-15658/artifact/shared/static_analysis/index.html

@ton31337 ton31337 merged commit 4cfb2ae into FRRouting:master Nov 26, 2020
@donaldsharp donaldsharp deleted the ospf_crash_fix branch June 23, 2021 11:16
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@qlyoung qlyoung qlyoung approved these changes

@mjstapp mjstapp mjstapp approved these changes

Assignees
No one assigned
Labels
ospf
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
7 participants
@donaldsharp @LabN-CI @NetDEF-CI @qlyoung @mjstapp @ton31337 @polychaeta