diff options
author | David Gibson <david@gibson.dropbear.id.au> | 2024-08-14 20:03:33 +1000 |
---|---|---|
committer | Stefano Brivio <sbrivio@redhat.com> | 2024-08-14 12:20:31 +0200 |
commit | 61c0b0d0f199589c72bd53e267d797a8e4bf1478 (patch) | |
tree | 6202cee98866f98c35a19465ba0c7997fc7a3445 /test/two_guests | |
parent | baba2849126500eca86a1c93c4f04940e5af1b62 (diff) | |
download | passt-61c0b0d0f199589c72bd53e267d797a8e4bf1478.tar passt-61c0b0d0f199589c72bd53e267d797a8e4bf1478.tar.gz passt-61c0b0d0f199589c72bd53e267d797a8e4bf1478.tar.bz2 passt-61c0b0d0f199589c72bd53e267d797a8e4bf1478.tar.lz passt-61c0b0d0f199589c72bd53e267d797a8e4bf1478.tar.xz passt-61c0b0d0f199589c72bd53e267d797a8e4bf1478.tar.zst passt-61c0b0d0f199589c72bd53e267d797a8e4bf1478.zip |
flow: Don't crash if guest attempts to connect to port 02024_08_14.61c0b0d
Using a zero port on TCP or UDP is dubious, and we can't really deal with
forwarding such a flow within the constraints of the socket API. Hence
we ASSERT()ed that we had non-zero ports in flow_hash().
The intention was to make sure that the protocol code sanitizes such ports
before completing a flow entry. Unfortunately, flow_hash() is also called
on new packets to see if they have an existing flow, so the unsanitized
guest packet can crash passt with the assert.
Correct this by moving the assert from flow_hash() to flow_sidx_hash()
which is only used on entries already in the table, not on unsanitized
data.
Reported-by: Matt Hamilton <matt@thmail.io>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
Diffstat (limited to 'test/two_guests')
0 files changed, 0 insertions, 0 deletions