proxmox-mirrors/mirror_frr
1
0
Fork 0
mirror of https://git.proxmox.com/git/mirror_frr synced 2025-08-14 15:47:22 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

bgpd: Check capability falls on right multiple of size, where possible.

Browse Source 
* bgp_open.c: (cap_modsizes) Table of multiple a capability's data size
  should fall on, if applicable.
  (bgp_capability_parse) Check the header lengthcap_modsizes should fall on.

  Inspiration from Cumulus bgpd-capability-cleanup.patch patch, with a
  slightly different approach.

Acked-by: Donald Sharp <sharpd@cumulusnetworks.com>
(cherry picked from commit 4078f2eb7a3a94ddb30cfd8b76b054e790aab524)
This commit is contained in:
Paul Jakma 2015-11-25 17:14:35 +00:00 committed by vivek
parent 48abfbeb3b
commit 695ef95fd7
1 changed files with 30 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

30
bgpd/bgp_open.c
View File

@ -713,6 +713,23 @@ static const size_t cap_minsizes[] =
[CAPABILITY_CODE_FQDN] = CAPABILITY_CODE_MIN_FQDN_LEN, [CAPABILITY_CODE_FQDN] = CAPABILITY_CODE_MIN_FQDN_LEN,
}; };
/* value the capability must be a multiple of.
* 0-data capabilities won't be checked against this.
* Other capabilities whose data doesn't fall on convenient boundaries for this
* table should be set to 1.
*/
static const size_t cap_modsizes[] =
{
[CAPABILITY_CODE_MP] = 4,
[CAPABILITY_CODE_REFRESH] = 1,
[CAPABILITY_CODE_ORF] = 1,
[CAPABILITY_CODE_RESTART] = 1,
[CAPABILITY_CODE_AS4] = 4,
[CAPABILITY_CODE_DYNAMIC] = 1,
[CAPABILITY_CODE_REFRESH_OLD] = 1,
[CAPABILITY_CODE_ORF_OLD] = 1,
};
/** /**
* Parse given capability. * Parse given capability.
* XXX: This is reading into a stream, but not using stream API * XXX: This is reading into a stream, but not using stream API
@ -790,6 +807,19 @@ bgp_capability_parse (struct peer *peer, size_t length, int *mp_capability,
bgp_notify_send (peer, BGP_NOTIFY_OPEN_ERR, BGP_NOTIFY_OPEN_MALFORMED_ATTR); bgp_notify_send (peer, BGP_NOTIFY_OPEN_ERR, BGP_NOTIFY_OPEN_MALFORMED_ATTR);
return -1; return -1;
} }
if (caphdr.length
&& caphdr.length % cap_modsizes[caphdr.code] != 0)
{
zlog_info ("%s %s Capability length error: got %u,"
" expected a multiple of %u",
peer->host,
LOOKUP (capcode_str, caphdr.code),
caphdr.length,
(unsigned) cap_modsizes[caphdr.code]);
bgp_notify_send (peer, BGP_NOTIFY_OPEN_ERR,
BGP_NOTIFY_OPEN_UNSPECIFIC);
return -1;
}
/* we deliberately ignore unknown codes, see below */ /* we deliberately ignore unknown codes, see below */
default: default:
break; break;