From cc75bdf02686cf271bb3781a5787ad7a8a214445 Mon Sep 17 00:00:00 2001
From: Donatas Abraitis <donatas@opensourcerouting.org>
Date: Wed, 8 Nov 2023 15:26:40 +0200
Subject: [PATCH] bgpd: Set the software version capability received flag only
 after a validation

We shouldn't set it blindly once the packet is received, but first we have to
do some sanity checks.

Signed-off-by: Donatas Abraitis <donatas@opensourcerouting.org>
---
 bgpd/bgp_open.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/bgpd/bgp_open.c b/bgpd/bgp_open.c
index 6ee5b5dc5c..b030c455bc 100644
--- a/bgpd/bgp_open.c
+++ b/bgpd/bgp_open.c
@@ -889,8 +889,6 @@ static int bgp_capability_software_version(struct peer *peer,
 	size_t end = stream_get_getp(s) + hdr->length;
 	uint8_t len;
 
-	SET_FLAG(peer->cap, PEER_CAP_SOFT_VERSION_RCV);
-
 	len = stream_getc(s);
 	if (stream_get_getp(s) + len > end) {
 		flog_warn(
@@ -900,6 +898,8 @@ static int bgp_capability_software_version(struct peer *peer,
 		return -1;
 	}
 
+	SET_FLAG(peer->cap, PEER_CAP_SOFT_VERSION_RCV);
+
 	if (len > BGP_MAX_SOFT_VERSION) {
 		flog_warn(EC_BGP_CAPABILITY_INVALID_LENGTH,
 			  "%s: Received Software Version, but the length is too big, truncating, from peer %s",