proxmox-mirrors/mirror_frr
1
0
Fork 0
mirror of https://git.proxmox.com/git/mirror_frr synced 2025-05-03 15:17:05 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

bgpd: improve attr flags checks

Browse Source 
Do not check each of the Optional/Transitive/Partial attribute
flag bits, when their only valid combination is known in advance,
but still perform bit-deep error message logging. This change
assumes unused (low-order) 4 bits of the flag octet cleared.

* bgp_attr.c
  * bgp_attr_origin(): rewrite check
  * bgp_attr_nexthop(): idem
  * bgp_attr_med(): idem
  * bgp_attr_local_pref(): idem
  * bgp_attr_atomic(): idem

Conflicts:

	bgpd/bgp_attr.c
This commit is contained in:
Denis Ovsienko 2011-09-27 15:47:25 +04:00
parent 2d42e68aa0
commit b84b62dfb6
1 changed files with 53 additions and 138 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

145
bgpd/bgp_attr.c
View File

@ -773,29 +773,15 @@ bgp_attr_origin (struct peer *peer, bgp_size_t length,
with the Attribute Type Code, then the Error Subcode is set to with the Attribute Type Code, then the Error Subcode is set to
Attribute Flags Error. The Data field contains the erroneous Attribute Flags Error. The Data field contains the erroneous
attribute (type, length and value). */ attribute (type, length and value). */
if (flag != BGP_ATTR_FLAG_TRANS)
{
if (CHECK_FLAG (flag, BGP_ATTR_FLAG_OPTIONAL)) if (CHECK_FLAG (flag, BGP_ATTR_FLAG_OPTIONAL))
{ zlog (peer->log, LOG_ERR, "ORIGIN attribute must not be flagged as \"optional\" (%u)", flag);
zlog (peer->log, LOG_ERR,
"ORIGIN attribute must not be flagged as \"optional\" (%u)", flag);
return bgp_attr_malformed (peer, BGP_ATTR_ORIGIN, flag,
BGP_NOTIFY_UPDATE_ATTR_FLAG_ERR,
startp, total);
}
if (! CHECK_FLAG (flag, BGP_ATTR_FLAG_TRANS)) if (! CHECK_FLAG (flag, BGP_ATTR_FLAG_TRANS))
{ zlog (peer->log, LOG_ERR, "ORIGIN attribute must be flagged as \"transitive\" (%u)", flag);
zlog (peer->log, LOG_ERR,
"ORIGIN attribute must be flagged as \"transitive\" (%u)", flag);
return bgp_attr_malformed (peer, BGP_ATTR_ORIGIN, flag,
BGP_NOTIFY_UPDATE_ATTR_FLAG_ERR,
startp, total);
}
if (CHECK_FLAG (flag, BGP_ATTR_FLAG_PARTIAL)) if (CHECK_FLAG (flag, BGP_ATTR_FLAG_PARTIAL))
{ zlog (peer->log, LOG_ERR, "ORIGIN attribute must not be flagged as \"partial\" (%u)", flag);
zlog (peer->log, LOG_ERR, return bgp_attr_malformed (peer, BGP_ATTR_ORIGIN, flag, BGP_NOTIFY_UPDATE_ATTR_FLAG_ERR, startp, total);
"ORIGIN attribute must not be flagged as \"partial\" (%u)", flag);
return bgp_attr_malformed (peer, BGP_ATTR_ORIGIN, flag,
BGP_NOTIFY_UPDATE_ATTR_FLAG_ERR,
startp, total);
} }
/* If any recognized attribute has Attribute Length that conflicts /* If any recognized attribute has Attribute Length that conflicts
@ -994,29 +980,15 @@ bgp_attr_nexthop (struct peer *peer, bgp_size_t length,
total = length + (CHECK_FLAG (flag, BGP_ATTR_FLAG_EXTLEN) ? 4 : 3); total = length + (CHECK_FLAG (flag, BGP_ATTR_FLAG_EXTLEN) ? 4 : 3);
/* Flags check. */ /* Flags check. */
if (flag != BGP_ATTR_FLAG_TRANS)
{
if (CHECK_FLAG (flag, BGP_ATTR_FLAG_OPTIONAL)) if (CHECK_FLAG (flag, BGP_ATTR_FLAG_OPTIONAL))
{ zlog (peer->log, LOG_ERR, "NEXT_HOP attribute must not be flagged as \"optional\" (%u)", flag);
zlog (peer->log, LOG_ERR,
"NEXT_HOP attribute must not be flagged as \"optional\" (%u)", flag);
return bgp_attr_malformed (peer, BGP_ATTR_NEXT_HOP, flag,
BGP_NOTIFY_UPDATE_ATTR_FLAG_ERR,
startp, total);
}
if (! CHECK_FLAG (flag, BGP_ATTR_FLAG_TRANS)) if (! CHECK_FLAG (flag, BGP_ATTR_FLAG_TRANS))
{ zlog (peer->log, LOG_ERR, "NEXT_HOP attribute must be flagged as \"transitive\" (%u)", flag);
zlog (peer->log, LOG_ERR,
"NEXT_HOP attribute must be flagged as \"transitive\" (%u)", flag);
return bgp_attr_malformed (peer, BGP_ATTR_NEXT_HOP, flag,
BGP_NOTIFY_UPDATE_ATTR_FLAG_ERR,
startp, total);
}
if (CHECK_FLAG (flag, BGP_ATTR_FLAG_PARTIAL)) if (CHECK_FLAG (flag, BGP_ATTR_FLAG_PARTIAL))
{ zlog (peer->log, LOG_ERR, "NEXT_HOP attribute must not be flagged as \"partial\" (%u)", flag);
zlog (peer->log, LOG_ERR, return bgp_attr_malformed (peer, BGP_ATTR_NEXT_HOP, flag, BGP_NOTIFY_UPDATE_ATTR_FLAG_ERR, startp, total);
"NEXT_HOP attribute must not be flagged as \"partial\" (%u)", flag);
return bgp_attr_malformed (peer, BGP_ATTR_NEXT_HOP, flag,
BGP_NOTIFY_UPDATE_ATTR_FLAG_ERR,
startp, total);
} }
/* Check nexthop attribute length. */ /* Check nexthop attribute length. */
@ -1063,34 +1035,15 @@ bgp_attr_med (struct peer *peer, bgp_size_t length,
total = length + (CHECK_FLAG (flag, BGP_ATTR_FLAG_EXTLEN) ? 4 : 3); total = length + (CHECK_FLAG (flag, BGP_ATTR_FLAG_EXTLEN) ? 4 : 3);
/* Flag checks. */ /* Flag checks. */
if (flag != BGP_ATTR_FLAG_OPTIONAL)
{
if (! CHECK_FLAG (flag, BGP_ATTR_FLAG_OPTIONAL)) if (! CHECK_FLAG (flag, BGP_ATTR_FLAG_OPTIONAL))
{ zlog (peer->log, LOG_ERR, "MULTI_EXIT_DISC attribute must be flagged as \"optional\" (%u)", flag);
zlog (peer->log, LOG_ERR,
"MULTI_EXIT_DISC attribute must be flagged as \"optional\" (%u)", flag);
bgp_notify_send_with_data (peer,
BGP_NOTIFY_UPDATE_ERR,
BGP_NOTIFY_UPDATE_ATTR_FLAG_ERR,
startp, total);
return -1;
}
if (CHECK_FLAG (flag, BGP_ATTR_FLAG_TRANS)) if (CHECK_FLAG (flag, BGP_ATTR_FLAG_TRANS))
{ zlog (peer->log, LOG_ERR, "MULTI_EXIT_DISC attribute must not be flagged as \"transitive\" (%u)", flag);
zlog (peer->log, LOG_ERR,
"MULTI_EXIT_DISC attribute must not be flagged as \"transitive\" (%u)", flag);
bgp_notify_send_with_data (peer,
BGP_NOTIFY_UPDATE_ERR,
BGP_NOTIFY_UPDATE_ATTR_FLAG_ERR,
startp, total);
return -1;
}
if (CHECK_FLAG (flag, BGP_ATTR_FLAG_PARTIAL)) if (CHECK_FLAG (flag, BGP_ATTR_FLAG_PARTIAL))
{ zlog (peer->log, LOG_ERR, "MULTI_EXIT_DISC attribute must not be flagged as \"partial\" (%u)", flag);
zlog (peer->log, LOG_ERR, bgp_notify_send_with_data (peer, BGP_NOTIFY_UPDATE_ERR, BGP_NOTIFY_UPDATE_ATTR_FLAG_ERR, startp, total);
"MULTI_EXIT_DISC attribute must not be flagged as \"partial\" (%u)", flag);
bgp_notify_send_with_data (peer,
BGP_NOTIFY_UPDATE_ERR,
BGP_NOTIFY_UPDATE_ATTR_FLAG_ERR,
startp, total);
return -1; return -1;
} }
@ -1121,34 +1074,15 @@ bgp_attr_local_pref (struct peer *peer, bgp_size_t length,
total = length + (CHECK_FLAG (flag, BGP_ATTR_FLAG_EXTLEN) ? 4 : 3); total = length + (CHECK_FLAG (flag, BGP_ATTR_FLAG_EXTLEN) ? 4 : 3);
/* Flag checks. */ /* Flag checks. */
if (flag != BGP_ATTR_FLAG_TRANS)
{
if (CHECK_FLAG (flag, BGP_ATTR_FLAG_OPTIONAL)) if (CHECK_FLAG (flag, BGP_ATTR_FLAG_OPTIONAL))
{ zlog (peer->log, LOG_ERR, "LOCAL_PREF attribute must not be flagged as \"optional\" (%u)", flag);
zlog (peer->log, LOG_ERR,
"LOCAL_PREF attribute must be flagged as \"well-known\" (%u)", flag);
bgp_notify_send_with_data (peer,
BGP_NOTIFY_UPDATE_ERR,
BGP_NOTIFY_UPDATE_ATTR_FLAG_ERR,
startp, total);
return -1;
}
if (! CHECK_FLAG (flag, BGP_ATTR_FLAG_TRANS)) if (! CHECK_FLAG (flag, BGP_ATTR_FLAG_TRANS))
{ zlog (peer->log, LOG_ERR, "LOCAL_PREF attribute must be flagged as \"transitive\" (%u)", flag);
zlog (peer->log, LOG_ERR,
"LOCAL_PREF attribute must be flagged as \"transitive\" (%u)", flag);
bgp_notify_send_with_data (peer,
BGP_NOTIFY_UPDATE_ERR,
BGP_NOTIFY_UPDATE_ATTR_FLAG_ERR,
startp, total);
return -1;
}
if (CHECK_FLAG (flag, BGP_ATTR_FLAG_PARTIAL)) if (CHECK_FLAG (flag, BGP_ATTR_FLAG_PARTIAL))
{ zlog (peer->log, LOG_ERR, "LOCAL_PREF attribute must not be flagged as \"partial\" (%u)", flag);
zlog (peer->log, LOG_ERR, bgp_notify_send_with_data (peer, BGP_NOTIFY_UPDATE_ERR, BGP_NOTIFY_UPDATE_ATTR_FLAG_ERR, startp, total);
"LOCAL_PREF attribute must not be flagged as \"partial\" (%u)", flag);
bgp_notify_send_with_data (peer,
BGP_NOTIFY_UPDATE_ERR,
BGP_NOTIFY_UPDATE_ATTR_FLAG_ERR,
startp, total);
return -1; return -1;
} }
@ -1181,34 +1115,15 @@ bgp_attr_atomic (struct peer *peer, bgp_size_t length,
total = length + (CHECK_FLAG (flag, BGP_ATTR_FLAG_EXTLEN) ? 4 : 3); total = length + (CHECK_FLAG (flag, BGP_ATTR_FLAG_EXTLEN) ? 4 : 3);
/* Flag checks. */ /* Flag checks. */
if (flag != BGP_ATTR_FLAG_TRANS)
{
if (CHECK_FLAG (flag, BGP_ATTR_FLAG_OPTIONAL)) if (CHECK_FLAG (flag, BGP_ATTR_FLAG_OPTIONAL))
{ zlog (peer->log, LOG_ERR, "ATOMIC_AGGREGATE attribute must not be flagged as \"optional\" (%u)", flag);
zlog (peer->log, LOG_ERR,
"ATOMIC_AGGREGATE attribute must not be flagged as \"optional\" (%u)", flag);
bgp_notify_send_with_data (peer,
BGP_NOTIFY_UPDATE_ERR,
BGP_NOTIFY_UPDATE_ATTR_FLAG_ERR,
startp, total);
return -1;
}
if (! CHECK_FLAG (flag, BGP_ATTR_FLAG_TRANS)) if (! CHECK_FLAG (flag, BGP_ATTR_FLAG_TRANS))
{ zlog (peer->log, LOG_ERR, "ATOMIC_AGGREGATE attribute must be flagged as \"transitive\" (%u)", flag);
zlog (peer->log, LOG_ERR,
"ATOMIC_AGGREGATE attribute must be flagged as \"transitive\" (%u)", flag);
bgp_notify_send_with_data (peer,
BGP_NOTIFY_UPDATE_ERR,
BGP_NOTIFY_UPDATE_ATTR_FLAG_ERR,
startp, total);
return -1;
}
if (CHECK_FLAG (flag, BGP_ATTR_FLAG_PARTIAL)) if (CHECK_FLAG (flag, BGP_ATTR_FLAG_PARTIAL))
{ zlog (peer->log, LOG_ERR, "ATOMIC_AGGREGATE attribute must not be flagged as \"partial\" (%u)", flag);
zlog (peer->log, LOG_ERR, bgp_notify_send_with_data (peer, BGP_NOTIFY_UPDATE_ERR, BGP_NOTIFY_UPDATE_ATTR_FLAG_ERR, startp, total);
"ATOMIC_AGGREGATE attribute must not be flagged as \"partial\" (%u)", flag);
bgp_notify_send_with_data (peer,
BGP_NOTIFY_UPDATE_ERR,
BGP_NOTIFY_UPDATE_ATTR_FLAG_ERR,
startp, total);
return -1; return -1;
} }