authorClaudio Jeker <claudio@cvs.openbsd.org>2018-07-10 15:13:36 +0000
committerClaudio Jeker <claudio@cvs.openbsd.org>2018-07-10 15:13:36 +0000
commit2bd710f5b4fe8036d1371d1b47d23a1eae9e0d02 (patch)
tree4f52e7f955df24963e7a2e9c2b0dd3c1c0470bca /usr.sbin
parent33c248397417a9d856fe5c6a3e08aae75b2f14e1 (diff)
rde_update_get_prefix() and friends should also verify the prefixlen.
This way the check can be removed from rde_update_dispatch() which is just a duplicate of the general failure case of rde_update_get_prefix(). OK benno@ phessler@
Diffstat (limited to 'usr.sbin')
-rw-r--r--usr.sbin/bgpd/rde.c54
1 files changed, 7 insertions, 47 deletions
diff --git a/usr.sbin/bgpd/rde.c b/usr.sbin/bgpd/rde.c
index ee43fabfa8c..bd20edaff5b 100644
--- a/usr.sbin/bgpd/rde.c
+++ b/usr.sbin/bgpd/rde.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: rde.c,v 1.389 2018/07/10 12:38:50 benno Exp $ */
+/* $OpenBSD: rde.c,v 1.390 2018/07/10 15:13:35 claudio Exp $ */
/*
* Copyright (c) 2003, 2004 Henning Brauer <henning@openbsd.org>
@@ -1040,13 +1040,6 @@ rde_update_dispatch(struct imsg *imsg)
NULL, 0);
goto done;
}
- if (prefixlen > 32) {
- log_peer_warnx(&peer->conf, "bad withdraw prefix");
- rde_update_err(peer, ERR_UPDATE, ERR_UPD_NETWORK,
- NULL, 0);
- goto done;
- }
-
p += pos;
len -= pos;
@@ -1120,15 +1113,6 @@ rde_update_dispatch(struct imsg *imsg)
mpa.unreach, mpa.unreach_len);
goto done;
}
- if (prefixlen > 128) {
- log_peer_warnx(&peer->conf,
- "bad IPv6 withdraw prefix");
- rde_update_err(peer, ERR_UPDATE,
- ERR_UPD_OPTATTR,
- mpa.unreach, mpa.unreach_len);
- goto done;
- }
-
mpp += pos;
mplen -= pos;
@@ -1146,15 +1130,6 @@ rde_update_dispatch(struct imsg *imsg)
mpa.unreach, mpa.unreach_len);
goto done;
}
- if (prefixlen > 32) {
- log_peer_warnx(&peer->conf,
- "bad VPNv4 withdraw prefix");
- rde_update_err(peer, ERR_UPDATE,
- ERR_UPD_OPTATTR,
- mpa.unreach, mpa.unreach_len);
- goto done;
- }
-
mpp += pos;
mplen -= pos;
@@ -1190,13 +1165,6 @@ rde_update_dispatch(struct imsg *imsg)
NULL, 0);
goto done;
}
- if (prefixlen > 32) {
- log_peer_warnx(&peer->conf, "bad nlri prefix");
- rde_update_err(peer, ERR_UPDATE, ERR_UPD_NETWORK,
- NULL, 0);
- goto done;
- }
-
p += pos;
nlri_len -= pos;
@@ -1269,13 +1237,6 @@ rde_update_dispatch(struct imsg *imsg)
mpa.reach, mpa.reach_len);
goto done;
}
- if (prefixlen > 128) {
- rde_update_err(peer, ERR_UPDATE,
- ERR_UPD_OPTATTR,
- mpa.reach, mpa.reach_len);
- goto done;
- }
-
mpp += pos;
mplen -= pos;
@@ -1295,13 +1256,6 @@ rde_update_dispatch(struct imsg *imsg)
mpa.reach, mpa.reach_len);
goto done;
}
- if (prefixlen > 32) {
- rde_update_err(peer, ERR_UPDATE,
- ERR_UPD_OPTATTR,
- mpa.reach, mpa.reach_len);
- goto done;
- }
-
mpp += pos;
mplen -= pos;
@@ -1913,6 +1867,8 @@ rde_update_get_prefix(u_char *p, u_int16_t len, struct bgpd_addr *prefix,
prefix->aid = AID_INET;
*prefixlen = pfxlen;
+ if (pfxlen > 32)
+ return (-1);
if ((plen = rde_update_extract_prefix(p, len, &prefix->v4, pfxlen,
sizeof(prefix->v4))) == -1)
return (-1);
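Review bot: In rde_update_get_prefix the new `if (pfxlen > 32)` test runs after `prefix->aid = AID_INET;` and `*prefixlen = pfxlen;`, so on the error return the caller's out-parameter already holds the rejected, peer-supplied length. The rde_update_dispatch call sites visible in this commit `goto done` on -1, so this looks harmless today, but rejecting before any output is written would keep a later caller from picking up an out-of-range value: move the two added lines above `prefix->aid = AID_INET;`. The same ordering applies to the `pfxlen > 128` check in rde_update_get_prefix6 and the `pfxlen > 32` check in rde_update_get_vpn4. The function bodies start and end outside these hunks.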
@@ -1937,6 +1893,8 @@ rde_update_get_prefix6(u_char *p, u_int16_t len, struct bgpd_addr *prefix,
prefix->aid = AID_INET6;
*prefixlen = pfxlen;
+ if (pfxlen > 128)
+ return (-1);
if ((plen = rde_update_extract_prefix(p, len, &prefix->v6, pfxlen,
sizeof(prefix->v6))) == -1)
return (-1);
@@ -1998,6 +1956,8 @@ rde_update_get_vpn4(u_char *p, u_int16_t len, struct bgpd_addr *prefix,
prefix->aid = AID_VPN_IPv4;
*prefixlen = pfxlen;
+ if (pfxlen > 32)
+ return (-1);
if ((rv = rde_update_extract_prefix(p, len, &prefix->vpn4.addr,
pfxlen, sizeof(prefix->vpn4.addr))) == -1)
return (-1);
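Review bot: The `pfxlen > 32` bound in rde_update_get_vpn4 needs a comment saying what pfxlen counts at this point, because a VPNv4 NLRI length on the wire also covers the label stack and route distinguisher, and a reader cannot tell from these lines whether those bits have already been subtracted. The code above the hunk is not visible here, so this should be confirmed before wording the comment. If they have been subtracted, something like `/* pfxlen now covers only the IPv4 address bits */` above the check would make the limit self-explanatory. The function starts and ends outside the hunk.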