d77d7220a7
>From the advisory: http://www.openwall.com/lists/oss-security/2017/10/30/4 It was discovered that the bgpd daemon in the Quagga routing suite does not properly calculate the length of multi-segment AS_PATH UPDATE messages, causing bgpd to drop a session and potentially resulting in loss of network connectivity. Signed-off-by: Peter Korsgaard <peter@korsgaard.com> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
34 lines
1.2 KiB
Diff
34 lines
1.2 KiB
Diff
From 7a42b78be9a4108d98833069a88e6fddb9285008 Mon Sep 17 00:00:00 2001
|
|
From: Andreas Jaggi <aj@open.ch>
|
|
Date: Mon, 2 Oct 2017 19:38:43 +0530
|
|
Subject: [PATCH] bgpd: Fix AS_PATH size calculation for long paths
|
|
|
|
If you have an AS_PATH with more entries than
|
|
what can be written into a single AS_SEGMENT_MAX
|
|
it needs to be broken up. The code that noticed
|
|
that the AS_PATH needs to be broken up was not
|
|
correctly calculating the size of the resulting
|
|
message. This patch addresses this issue.
|
|
|
|
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
|
|
---
|
|
bgpd/bgp_aspath.c | 2 +-
|
|
1 file changed, 1 insertion(+), 1 deletion(-)
|
|
|
|
diff --git a/bgpd/bgp_aspath.c b/bgpd/bgp_aspath.c
|
|
index b7af5e88..d813bfba 100644
|
|
--- a/bgpd/bgp_aspath.c
|
|
+++ b/bgpd/bgp_aspath.c
|
|
@@ -903,7 +903,7 @@ aspath_put (struct stream *s, struct aspath *as, int use32bit )
|
|
assegment_header_put (s, seg->type, AS_SEGMENT_MAX);
|
|
assegment_data_put (s, seg->as, AS_SEGMENT_MAX, use32bit);
|
|
written += AS_SEGMENT_MAX;
|
|
- bytes += ASSEGMENT_SIZE (written, use32bit);
|
|
+ bytes += ASSEGMENT_SIZE (AS_SEGMENT_MAX, use32bit);
|
|
}
|
|
|
|
/* write the final segment, probably is also the first */
|
|
--
|
|
2.11.0
|
|
|