From 719b26901c1c99957c87ee99d079bcb0d43760ca Mon Sep 17 00:00:00 2001
From: Olivier Dugeon <olivier.dugeon@orange.com>
Date: Fri, 21 Apr 2023 18:09:28 +0200
Subject: [PATCH] lib: Link State memory corruption

In function ls_find_subnet(), prefix argument is directly copied into
subnet.key structure to find corresponding subnet in RB Tree. This could leadr
to a memory corruption. Function prefix_copy() must be used instead.

This patch replaces the direct prefix copy by a call to prefix_copy() function
to avoid this memory issue.

Signed-off-by: Olivier Dugeon <olivier.dugeon@orange.com>
Signed-off-by: Donatas Abraitis <donatas@opensourcerouting.org>
---
 lib/link_state.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/lib/link_state.c b/lib/link_state.c
index af1c62bf9c..b698b161d8 100644
--- a/lib/link_state.c
+++ b/lib/link_state.c
@@ -951,7 +951,7 @@ struct ls_subnet *ls_find_subnet(struct ls_ted *ted, const struct prefix prefix)
 {
 	struct ls_subnet subnet = {};
 
-	subnet.key = prefix;
+	prefix_copy(&subnet.key, &prefix);
 	return subnets_find(&ted->subnets, &subnet);
 }