diff options
| author | Claudio Jeker <claudio@cvs.openbsd.org> | 2024-04-09 12:40:02 +0000 |
|---|---|---|
| committer | Claudio Jeker <claudio@cvs.openbsd.org> | 2024-04-09 12:40:02 +0000 |
| commit | be2049b0b9e1199d2b0139fbc4f3ddecf75ccd9a (patch) | |
| tree | 1cf8ba8109c8046b4e903d2920bc8d0d58e35973 /usr.sbin/bgpd/parse.y | |
| parent | 642861e8b11b944dd10269149974138261537102 (diff) | |
Limit the number of provider ASnumbers to MAX_ASPA_SPAS_COUNT (10'000)
in the parser as well.
OK tb@
Diffstat (limited to 'usr.sbin/bgpd/parse.y')
| -rw-r--r-- | usr.sbin/bgpd/parse.y | 7 |
1 files changed, 4 insertions, 3 deletions
diff --git a/usr.sbin/bgpd/parse.y b/usr.sbin/bgpd/parse.y index 646bf967141..9c2a7c9d5e6 100644 --- a/usr.sbin/bgpd/parse.y +++ b/usr.sbin/bgpd/parse.y @@ -1,4 +1,4 @@ -/* $OpenBSD: parse.y,v 1.459 2024/04/09 09:03:18 claudio Exp $ */ +/* $OpenBSD: parse.y,v 1.460 2024/04/09 12:40:01 claudio Exp $ */ /* * Copyright (c) 2002, 2003, 2004 Henning Brauer <henning@openbsd.org> @@ -5482,8 +5482,8 @@ merge_aspa_set(uint32_t as, struct aspa_tas_l *tas, time_t expires) RB_INSERT(aspa_tree, &conf->aspa, aspa); } - if (UINT32_MAX - aspa->num <= tas->num) { - yyerror("aspa_set overflow"); + if (MAX_ASPA_SPAS_COUNT - aspa->num <= tas->num) { + yyerror("too many providers for customer-as %u", as); return -1; } num = aspa->num + tas->num; @@ -5500,6 +5500,7 @@ merge_aspa_set(uint32_t as, struct aspa_tas_l *tas, time_t expires) aspa->num = num; aspa->tas = newtas; + /* take the longest expiry time, same logic as for ROA entries */ if (aspa->expires != 0 && expires != 0 && expires > aspa->expires) aspa->expires = expires; |