On Mon, Mar 28, 2011 at 01:20:02PM -0700, Ethan Jackson wrote: > Ben pointed out that an attacker could cause OVS to use infinite > memory by sending a series of CCMs with different MAIDs. Each > message would cause a remote_maid to be allocated and stored for > several seconds. > > Since Commit 1c2e2d2fc8 (cfm: Don't report unexpected remote > endpoints) no longer reports unexpected remote MAIDS and MPs in the > database, the only reason to keep track of this information is for > debugging purposes. In my judgment, it provides negligible useful > debugging information at the expense of significantly increased > code complexity. This commit rips it out entirely.
Looks good to me! If you want to retain at least a little of the debuggability, without the code complexity and memory cost, you could log invalid MAIDs and MPs with a suitable rate limit. Thank you. _______________________________________________ dev mailing list [email protected] http://openvswitch.org/mailman/listinfo/dev
