diff options
| author | Claudio Jeker <claudio@cvs.openbsd.org> | 2006-03-13 16:49:36 +0000 |
|---|---|---|
| committer | Claudio Jeker <claudio@cvs.openbsd.org> | 2006-03-13 16:49:36 +0000 |
| commit | 38467fcd3027e30e22574f41514a798f2afecee4 (patch) | |
| tree | 4441de33b1c906a5ad91faebab2d17b5c5284e00 /usr.sbin | |
| parent | 09ebc77c92d1cb49b5ba741c484078e1c654f9da (diff) | |
Fix for PR 5052. Be more careful about the announced networks we accept.
Make sure that at least the address family and the prefix length are sane.
Reported and fix tested by Pete Vickers.
Diffstat (limited to 'usr.sbin')
| -rw-r--r-- | usr.sbin/bgpd/rde.c | 19 |
1 files changed, 17 insertions, 2 deletions
diff --git a/usr.sbin/bgpd/rde.c b/usr.sbin/bgpd/rde.c index 6eb2abcfbcf..49ec0f622a5 100644 --- a/usr.sbin/bgpd/rde.c +++ b/usr.sbin/bgpd/rde.c @@ -1,4 +1,4 @@ -/* $OpenBSD: rde.c,v 1.200 2006/02/10 14:34:40 claudio Exp $ */ +/* $OpenBSD: rde.c,v 1.201 2006/03/13 16:49:35 claudio Exp $ */ /* * Copyright (c) 2003, 2004 Henning Brauer <henning@openbsd.org> @@ -343,7 +343,22 @@ rde_dispatch_imsg_session(struct imsgbuf *ibuf) break; } session_set = NULL; - network_add(&netconf_s, 0); + switch (netconf_s.prefix.af) { + case AF_INET: + if (netconf_s.prefixlen > 32) + goto badnet; + network_add(&netconf_s, 0); + break; + case AF_INET6: + if (netconf_s.prefixlen > 128) + goto badnet; + network_add(&netconf_s, 0); + break; + default: +badnet: + log_warnx("rde_dispatch: bad network"); + break; + } break; case IMSG_NETWORK_REMOVE: if (imsg.hdr.len - IMSG_HEADER_SIZE != |