mirror of
https://git.proxmox.com/git/mirror_frr
synced 2025-05-28 21:16:14 +00:00
370b64a2ad
2007-12-22 Paul Jakma <paul.jakma@sun.com> * Fix series of vulnerabilities reported by "Mu Security Research Team", where bgpd can be made to crash by sending malformed packets - requires that bgpd be configured with a session to the peer. * bgp_attr.c: (bgp_attr_as4_path) aspath_parse may fail, only set the attribute flag indicating AS4_PATH if we actually managed to parse one. (bgp_attr_munge_as4_attrs) Assert was too general, it is possible to receive AS4_AGGREGATOR before AGGREGATOR. (bgp_attr_parse) Check that we have actually received the extra byte of header for Extended-Length attributes. * bgp_attr.h: Fix BGP_ATTR_MIN_LEN to account for the length byte. * bgp_open.c: (cap_minsizes) Fix size of CAPABILITY_CODE_RESTART, incorrect -2 left in place from a development version of as4-path patch. * bgp_packet.c: (bgp_route_refresh_receive) ORF length parameter needs to be properly sanity checked. * tests/bgp_capability_test.c: Test for empty capabilities. |
||
|---|---|---|
| .. | ||
| .cvsignore | ||
| aspath_test.c | ||
| bgp_capability_test.c | ||
| ChangeLog | ||
| ecommunity_test.c | ||
| heavy-thread.c | ||
| heavy-wq.c | ||
| heavy.c | ||
| main.c | ||
| Makefile.am | ||
| test-buffer.c | ||
| test-memory.c | ||
| test-privs.c | ||
| test-sig.c | ||
| test-stream.c | ||