Gitiles
Code Review Sign In
gerrit.opencord.org / quagga / bf83fa25f1bddec6f09ad879cba5e975a3ae5495
commitbf83fa25f1bddec6f09ad879cba5e975a3ae5495[log] [tgz]
authorPaul Jakma <paul.jakma@hpe.com>Tue Feb 09 15:23:03 2016 +0000
committerPaul Jakma <paul.jakma@hpe.com>Tue Mar 08 17:53:22 2016 +0000
treea01a0137a4193d2d33d61bb43c113afef3e421a6
parent2db962760426ddb9e266f9a4bc0b274584c819cc [diff]
lib: Check prefix length from zebra is sensible

* zclient.c: prefix length on router-id and interface address add
  messages not sanity checked.  fix.

* */*_zebra.c: Prefix length on zebra route read was not checked, and
  clients use it to write to storage.  An evil zebra could overflow
  client structures by sending overly long prefixlen.

Prompted by discussions with:

Donald Sharp <sharpd@cumulusnetworks.com>
7 files changed
tree: a01a0137a4193d2d33d61bb43c113afef3e421a6
  1. .gitignore
  2. AUTHORS
  3. COPYING
  4. COPYING.LIB
  5. ChangeLog
  6. HACKING.md
  7. HACKING.pending
  8. INSTALL.quagga.txt
  9. Makefile.am
  10. NEWS
  11. README
  12. README.NetBSD
  13. REPORTING-BUGS
  14. SERVICES
  15. TODO
  16. bgpd/
  17. bootstrap.sh
  18. buildtest.sh
  19. configure.ac
  20. doc/
  21. fpm/
  22. gdb/
  23. init/
  24. isisd/
  25. lib/
  26. m4/
  27. ospf6d/
  28. ospfclient/
  29. ospfd/
  30. pimd/
  31. pkgsrc/
  32. ports/
  33. redhat/
  34. ripd/
  35. ripngd/
  36. solaris/
  37. stamp-h.in
  38. tests/
  39. tools/
  40. update-autotools
  41. vtysh/
  42. watchquagga/
  43. zebra/