From 2eb060930a171170f9bea4e6b4eed822e09550dc Mon Sep 17 00:00:00 2001 From: Claudio Jeker Date: Thu, 20 Sep 2018 07:41:26 +0000 Subject: Fix the empty aspath segments check. seg_size is never 0, this needs to use seg_len instead. Since seg_len is known early move the check up. Found while hunting for the other bug in aspath_verify. --- usr.sbin/bgpd/util.c | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) (limited to 'usr.sbin/bgpd/util.c') diff --git a/usr.sbin/bgpd/util.c b/usr.sbin/bgpd/util.c index 0c01b54e2b7..c60c7241351 100644 --- a/usr.sbin/bgpd/util.c +++ b/usr.sbin/bgpd/util.c @@ -1,4 +1,4 @@ -/* $OpenBSD: util.c,v 1.36 2018/09/20 07:37:06 claudio Exp $ */ +/* $OpenBSD: util.c,v 1.37 2018/09/20 07:41:25 claudio Exp $ */ /* * Copyright (c) 2006 Claudio Jeker @@ -459,6 +459,10 @@ aspath_verify(void *data, u_int16_t len, int as4byte) seg_type = seg[0]; seg_len = seg[1]; + if (seg_len == 0) + /* empty aspath segments are not allowed */ + return (AS_ERR_BAD); + /* * BGP confederations should not show up but consider them * as a soft error which invalidates the path but keeps the @@ -475,10 +479,6 @@ aspath_verify(void *data, u_int16_t len, int as4byte) if (seg_size > len) return (AS_ERR_LEN); - if (seg_size == 0) - /* empty aspath segments are not allowed */ - return (AS_ERR_BAD); - /* RFC 7607 - AS 0 is considered malformed */ ptr = seg + 2; for (pos = 0; pos < seg_len; pos++) { -- cgit v1.2.3