diff options
| author | Claudio Jeker <claudio@cvs.openbsd.org> | 2018-09-20 07:41:26 +0000 |
|---|---|---|
| committer | Claudio Jeker <claudio@cvs.openbsd.org> | 2018-09-20 07:41:26 +0000 |
| commit | 2eb060930a171170f9bea4e6b4eed822e09550dc (patch) | |
| tree | bef6d550693ae2b42232d7a3320734f84b8bcabf /usr.sbin | |
| parent | cb25a419ced79a1d808ec6cf1ea7a520902c07ce (diff) | |
Fix the empty aspath segments check. seg_size is never 0, this needs to use
seg_len instead. Since seg_len is known early move the check up.
Found while hunting for the other bug in aspath_verify.
Diffstat (limited to 'usr.sbin')
| -rw-r--r-- | usr.sbin/bgpd/util.c | 10 |
1 files changed, 5 insertions, 5 deletions
diff --git a/usr.sbin/bgpd/util.c b/usr.sbin/bgpd/util.c index 0c01b54e2b7..c60c7241351 100644 --- a/usr.sbin/bgpd/util.c +++ b/usr.sbin/bgpd/util.c @@ -1,4 +1,4 @@ -/* $OpenBSD: util.c,v 1.36 2018/09/20 07:37:06 claudio Exp $ */ +/* $OpenBSD: util.c,v 1.37 2018/09/20 07:41:25 claudio Exp $ */ /* * Copyright (c) 2006 Claudio Jeker <claudio@openbsd.org> @@ -459,6 +459,10 @@ aspath_verify(void *data, u_int16_t len, int as4byte) seg_type = seg[0]; seg_len = seg[1]; + if (seg_len == 0) + /* empty aspath segments are not allowed */ + return (AS_ERR_BAD); + /* * BGP confederations should not show up but consider them * as a soft error which invalidates the path but keeps the @@ -475,10 +479,6 @@ aspath_verify(void *data, u_int16_t len, int as4byte) if (seg_size > len) return (AS_ERR_LEN); - if (seg_size == 0) - /* empty aspath segments are not allowed */ - return (AS_ERR_BAD); - /* RFC 7607 - AS 0 is considered malformed */ ptr = seg + 2; for (pos = 0; pos < seg_len; pos++) { |