diff options
| author | Esben Norby <norby@cvs.openbsd.org> | 2005-04-06 20:21:09 +0000 |
|---|---|---|
| committer | Esben Norby <norby@cvs.openbsd.org> | 2005-04-06 20:21:09 +0000 |
| commit | 12a1e6181325fb6247c3a2e714b89c56a5275b65 (patch) | |
| tree | 2905ddc0b04767c752f6fb90ea785aef5ea05578 /usr.sbin/ospfd/parse.y | |
| parent | 5094f416718aea7b799927f607b56891042d18c7 (diff) | |
Add check for key lengths. Based on diff from Jason Ackley.
Reworked by me.
ok claudio@
Diffstat (limited to 'usr.sbin/ospfd/parse.y')
| -rw-r--r-- | usr.sbin/ospfd/parse.y | 20 |
1 files changed, 16 insertions, 4 deletions
diff --git a/usr.sbin/ospfd/parse.y b/usr.sbin/ospfd/parse.y index 2d984e236a7..53c5f98c569 100644 --- a/usr.sbin/ospfd/parse.y +++ b/usr.sbin/ospfd/parse.y @@ -1,4 +1,4 @@ -/* $OpenBSD: parse.y,v 1.11 2005/03/31 19:32:10 norby Exp $ */ +/* $OpenBSD: parse.y,v 1.12 2005/04/06 20:21:08 norby Exp $ */ /* * Copyright (c) 2004, 2005 Esben Norby <norby@openbsd.org> @@ -254,11 +254,18 @@ conf_main : METRIC number { authmd : AUTHMD number STRING { if (iface != NULL) { if ($2 < MIN_MD_ID || $2 > MAX_MD_ID) { - yyerror("keyid out of range " + yyerror("auth-keyid out of range " "(%d-%d)", MIN_MD_ID, MAX_MD_ID); free($3); YYERROR; } + if (strlen($3) > MD5_DIGEST_LENGTH) { + yyerror("auth-md length out of range " + "(max length %d)", + MD5_DIGEST_LENGTH); + free($3); + YYERROR; + } md_list_add(iface, $2, $3); } free($3); @@ -267,7 +274,7 @@ authmd : AUTHMD number STRING { authmdkeyid : AUTHMDKEYID number { if (iface != NULL) { if ($2 < MIN_MD_ID || $2 > MAX_MD_ID) { - yyerror("keyid out of range " + yyerror("auth-keyid out of range " "(%d-%d)", MIN_MD_ID, MAX_MD_ID); YYERROR; } @@ -296,8 +303,13 @@ authtype : AUTHTYPE STRING { authkey : AUTHKEY STRING { if (iface != NULL) { + if (strlen($2) > MAX_SIMPLE_AUTH_LEN) { + yyerror("auth-key size out of range " + "(max %d)", MAX_SIMPLE_AUTH_LEN); + free($2); + YYERROR; + } iface->auth_key = $2; - /* XXX truncate and warn! */ } } ; |