diff options
author | Claudio Jeker <claudio@cvs.openbsd.org> | 2009-03-13 04:19:44 +0000 |
---|---|---|
committer | Claudio Jeker <claudio@cvs.openbsd.org> | 2009-03-13 04:19:44 +0000 |
commit | 0a4daf9300abe4cb8f4e7e1cccaac1d2e4a22e98 (patch) | |
tree | 1b1bb659453bdac9cce59d30fedc4881416542cc /usr.sbin/bgpd | |
parent | da65acbd1428ad930a228f03948ed11537887836 (diff) |
More paranoia when parsing empty updates. Make sure they are really empty and
don't come with some additional stuff attached to them.
OK henning@
Diffstat (limited to 'usr.sbin/bgpd')
-rw-r--r-- | usr.sbin/bgpd/rde.c | 12 |
1 files changed, 10 insertions, 2 deletions
diff --git a/usr.sbin/bgpd/rde.c b/usr.sbin/bgpd/rde.c index ed6fa34ed35..377917db28d 100644 --- a/usr.sbin/bgpd/rde.c +++ b/usr.sbin/bgpd/rde.c @@ -1,4 +1,4 @@ -/* $OpenBSD: rde.c,v 1.235 2009/01/13 21:35:16 sthen Exp $ */ +/* $OpenBSD: rde.c,v 1.236 2009/03/13 04:19:43 claudio Exp $ */ /* * Copyright (c) 2003, 2004 Henning Brauer <henning@openbsd.org> @@ -856,8 +856,16 @@ rde_update_dispatch(struct imsg *imsg) prefix_remove(peer, &prefix, prefixlen, F_ORIGINAL); } - if (attrpath_len == 0) /* 0 = no NLRI information in this message */ + if (attrpath_len == 0) { + /* 0 = no NLRI information in this message */ + if (nlri_len != 0) { + /* crap at end of update which should not be there */ + rde_update_err(peer, ERR_UPDATE, + ERR_UPD_ATTRLIST, NULL, 0); + return (-1); + } return (0); + } /* withdraw MP_UNREACH_NLRI if available */ if (mpa.unreach_len != 0) { |