proxmox-mirrors/mirror_frr
1
0
Fork 0
mirror of https://git.proxmox.com/git/mirror_frr synced 2025-05-16 11:09:41 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

bgpd: fix covery 1566055, label table overrun

Browse Source 
In case the full label stack is used, there may be
a table overrun happening. Avoid it by increasing the
size of the table.

Fixes: 27f4deed0a ("bgpd: update the mpls entry to handle return traffic")
Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
This commit is contained in:
Philippe Guibert 2023-06-27 18:21:53 +02:00
parent 81664e7201
commit bf11a19e93
1 changed files with 13 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

19
bgpd/bgp_mplsvpn.c
View File

@ -4023,14 +4023,21 @@ static void bgp_mplsvpn_nh_label_bind_send_nexthop_label(
}
p = &pfx_nh;
if (nh->nh_label) {
if (nh->nh_label->num_labels >
MPLS_MAX_LABELS - num_labels)
lsp_num_labels = MPLS_MAX_LABELS - num_labels;
else
lsp_num_labels = nh->nh_label->num_labels;
if (nh->nh_label->num_labels + 1 > MPLS_MAX_LABELS) {
/* label stack overflow. no label switching will be performed
*/
flog_err(EC_BGP_LABEL,
"%s [Error] BGP label %u->%u to %pFX, forged label stack too big: %u. Abort LSP installation",
bmnc->bgp_vpn->name_pretty,
bmnc->new_label, bmnc->orig_label,
&bmnc->nexthop,
nh->nh_label->num_labels + 1);
return;
}
lsp_num_labels = nh->nh_label->num_labels;
for (i = 0; i < lsp_num_labels; i++)
label[num_labels + i] = nh->nh_label->label[i];
num_labels += lsp_num_labels;
num_labels = lsp_num_labels;
}
label[num_labels] = bmnc->orig_label;
num_labels += 1;