ofagent: Fix a possible crash in arp responder

Be careful for exceptions when feeding packet-in data,
which is generated by tenant VMs and thus can not be trusted,
to Ryu packet library.

Closes-Bug: #1365255
Change-Id: Ia8bacfb55def563a1b23a47709ae72bd4fce0fce
This commit is contained in:
YAMAMOTO Takashi 2014-09-04 13:06:21 +09:00
parent 1f80d73277
commit ab786890f2
2 changed files with 12 additions and 1 deletions

View File

@ -143,7 +143,13 @@ class ArpLib(object):
ofp = datapath.ofproto ofp = datapath.ofproto
port = msg.match['in_port'] port = msg.match['in_port']
metadata = msg.match.get('metadata') metadata = msg.match.get('metadata')
pkt = packet.Packet(msg.data) # NOTE(yamamoto): Ryu packet library can raise various exceptions
# on a corrupted packet.
try:
pkt = packet.Packet(msg.data)
except Exception as e:
LOG.info(_LI("Unparsable packet: got exception %s"), e)
return
LOG.info(_LI("packet-in dpid %(dpid)s in_port %(port)s pkt %(pkt)s"), LOG.info(_LI("packet-in dpid %(dpid)s in_port %(port)s pkt %(pkt)s"),
{'dpid': dpid_lib.dpid_to_str(datapath.id), {'dpid': dpid_lib.dpid_to_str(datapath.id),
'port': port, 'pkt': pkt}) 'port': port, 'pkt': pkt})

View File

@ -289,6 +289,11 @@ class TestArpLib(OFAAgentTestCase):
self._fake_get_protocol_arp = False self._fake_get_protocol_arp = False
self._test_packet_in_handler_drop() self._test_packet_in_handler_drop()
def test_packet_in_handler_corrupted(self):
mock.patch('ryu.lib.packet.packet.Packet',
side_effect=ValueError).start()
self._test_packet_in_handler_drop()
def test_packet_in_handler_unknown_network(self): def test_packet_in_handler_unknown_network(self):
self.arplib._arp_tbl = { self.arplib._arp_tbl = {
self.nets[0].net: {self.nets[0].ip: self.nets[0].mac}} self.nets[0].net: {self.nets[0].ip: self.nets[0].mac}}