diff options
author | Claudio Jeker <claudio@cvs.openbsd.org> | 2004-02-18 23:18:17 +0000 |
---|---|---|
committer | Claudio Jeker <claudio@cvs.openbsd.org> | 2004-02-18 23:18:17 +0000 |
commit | fe15af133a0fe1bdd53547fde5b9f37d92204880 (patch) | |
tree | c3a35e9c513993d9b3d8f874760b17569f4d38d0 /usr.sbin/bgpd/rde.c | |
parent | e238173dd05b25936bd8bcbbc90495fc3e8d429e (diff) |
Correctly handle parse errors in aspath and prefixes. Also do input aspath
loop detection. OK henning@
Diffstat (limited to 'usr.sbin/bgpd/rde.c')
-rw-r--r-- | usr.sbin/bgpd/rde.c | 31 |
1 files changed, 29 insertions, 2 deletions
diff --git a/usr.sbin/bgpd/rde.c b/usr.sbin/bgpd/rde.c index 76d5cd95f65..bc02e797c0d 100644 --- a/usr.sbin/bgpd/rde.c +++ b/usr.sbin/bgpd/rde.c @@ -1,4 +1,4 @@ -/* $OpenBSD: rde.c,v 1.80 2004/02/18 16:36:09 claudio Exp $ */ +/* $OpenBSD: rde.c,v 1.81 2004/02/18 23:18:16 claudio Exp $ */ /* * Copyright (c) 2003, 2004 Henning Brauer <henning@openbsd.org> @@ -386,6 +386,14 @@ rde_update_dispatch(struct imsg *imsg) NULL, 0); return (-1); } + if (prefixlen > 32) { + log_peer_warnx(&peer->conf, "bad prefix %s/%u", + inet_ntoa(prefix.v4), prefixlen); + rde_update_err(peer, ERR_UPDATE, ERR_UPD_NETWORK, + NULL, 0); + return (-1); + } + p += pos; withdrawn_len -= pos; rde_update_log("withdraw", peer, NULL, &prefix, prefixlen); @@ -408,7 +416,7 @@ rde_update_dispatch(struct imsg *imsg) attr_init(&attrs); while (attrpath_len > 0) { if ((pos = attr_parse(p, attrpath_len, &attrs, - peer->conf.ebgp, conf->as)) < 0) { + peer->conf.ebgp)) < 0) { emsg = attr_error(p, attrpath_len, &attrs, &subtype, &size); rde_update_err(peer, ERR_UPDATE, subtype, emsg, size); @@ -428,6 +436,17 @@ rde_update_dispatch(struct imsg *imsg) return (-1); } + /* aspath needs to be loop free nota bene this is not a hard error */ + if (peer->conf.ebgp && !aspath_loopfree(attrs.aspath, conf->as)) { + char *s; + aspath_asprint(&s, attrs.aspath->data, attrs.aspath->hdr.len); + log_peer_warnx(&peer->conf, "AS path loop: %s", s); + free(s); + aspath_destroy(attrs.aspath); + attr_optfree(&attrs); + return (0); + } + while (nlri_len > 0) { if ((pos = rde_update_get_prefix(p, nlri_len, &prefix, &prefixlen)) == -1) { @@ -437,6 +456,14 @@ rde_update_dispatch(struct imsg *imsg) attr_optfree(&attrs); return (-1); } + if (prefixlen > 32) { + log_peer_warnx(&peer->conf, "bad prefix %s/%u", + inet_ntoa(prefix.v4), prefixlen); + rde_update_err(peer, ERR_UPDATE, ERR_UPD_NETWORK, + NULL, 0); + return (-1); + } + p += pos; nlri_len -= pos; rde_update_log("update", peer, &attrs, &prefix, prefixlen); |