mirror of
https://git.proxmox.com/git/mirror_frr
synced 2025-11-03 06:28:33 +00:00
4c005e3f65
In bgpd/bgp_community_del_val memcpy is used for potentially overlapping regions which is *not* safe. It may "work" in some cases but is not guaranteed to work in all cases. The case that I saw fail was on an x86_64 architecture with the number of bytes being moved/copied equal to 8. The way the code is written the uint32_t pointers will always differ by 1, which is equivalent to a memcpy/memmove of regions that are 4 bytes away from one another. So the code failed while copying an 8 byte region to an address that is 4 bytes lower i.e. overlapping regions. Interestingly, the same architecture had no problems with a 12 byte copy. When the code failed the communities were [200,300,400] and a call was made to delete the 200 community. The result of this was an array that looked like [400,400] which was uniquified to [400]. Of course the expected result should have been [300, 400]. One additional point - in our production environment memmove would not *link* without including <string.h> but in an isolated quagga git repo this #include does not seem to be required and I see memmove is used in vtysh.c without this #include either. Signed-off-by: David Lamparter <equinox@opensourcerouting.org> |
||
|---|---|---|
| babeld | ||
| bgpd | ||
| doc | ||
| fpm | ||
| init | ||
| isisd | ||
| lib | ||
| m4 | ||
| ospf6d | ||
| ospfclient | ||
| ospfd | ||
| pkgsrc | ||
| ports | ||
| redhat | ||
| ripd | ||
| ripngd | ||
| solaris | ||
| tests | ||
| tools | ||
| vtysh | ||
| watchquagga | ||
| zebra | ||
| .gitignore | ||
| AUTHORS | ||
| bootstrap.sh | ||
| buildtest.sh | ||
| ChangeLog | ||
| configure.ac | ||
| COPYING | ||
| COPYING.LIB | ||
| HACKING.pending | ||
| HACKING.tex | ||
| INSTALL.quagga.txt | ||
| Makefile.am | ||
| NEWS | ||
| README | ||
| README.NetBSD | ||
| REPORTING-BUGS | ||
| SERVICES | ||
| stamp-h.in | ||
| TODO | ||
| update-autotools | ||
Quagga is free software that manages various IPv4 and IPv6 routing protocols. Currently Quagga supports BGP4, BGP4+, OSPFv2, OSPFv3, RIPv1, RIPv2, and RIPng as well as very early support for IS-IS. See the file INSTALL.quagga.txt for building and installation instructions. See the file REPORTING-BUGS to report bugs. Quagga is free software. See the file COPYING for copying conditions.