diff options
author | Paul Jakma <paul@quagga.net> | 2012-03-15 11:30:00 +0000 |
---|---|---|
committer | Paul Jakma <paul@quagga.net> | 2012-03-25 21:33:51 +0100 |
commit | bd471fea4ec965c71d6c2201745995092fbc36f6 (patch) | |
tree | 1d07d21b35101724d98107d47f4cd214800b4489 | |
parent | 81c3e5006e5d29e305cbc0ab482617d7e570e8c0 (diff) |
bgpd: malformed attribute error that can still proceed should fixup getp
* bgp_attr.c: (bgp_attr_malformed) When a malformed attribute error can be
ignored, and BGP message processing may still proceed, the stream getp
should be adjusted to the end of the attribute - the caller may not have
consumed all the attribute. Problem noted by Martin Winter in bug 678.
Also, rename the 'startp' local to 'notify_datap', for clarity.
-rw-r--r-- | bgpd/bgp_attr.c | 13 |
1 files changed, 10 insertions, 3 deletions
diff --git a/bgpd/bgp_attr.c b/bgpd/bgp_attr.c index b02cfee3..d204cec1 100644 --- a/bgpd/bgp_attr.c +++ b/bgpd/bgp_attr.c @@ -719,17 +719,24 @@ bgp_attr_malformed (struct bgp_attr_parser_args *args, u_char subcode, * send the attribute data with the NOTIFY depends on the error, * the caller therefore signals this with the seperate length argument */ - u_char *startp = (length > 0 ? args->startp : NULL); + u_char *notify_datap = (length > 0 ? args->startp : NULL); /* Only relax error handling for eBGP peers */ if (peer_sort (peer) != BGP_PEER_EBGP) { bgp_notify_send_with_data (peer, BGP_NOTIFY_UPDATE_ERR, subcode, - startp, length); + notify_datap, length); return BGP_ATTR_PARSE_ERROR; } + /* Adjust the stream getp to the end of the attribute, in case we can + * still proceed but the caller hasn't read all the attribute. + */ + stream_set_getp (BGP_INPUT (peer), + (args->startp - STREAM_DATA (BGP_INPUT (peer))) + + args->total); + switch (args->type) { /* where an optional attribute is inconsequential, e.g. it does not affect * route selection, and can be safely ignored then any such attributes @@ -756,7 +763,7 @@ bgp_attr_malformed (struct bgp_attr_parser_args *args, u_char subcode, case BGP_ATTR_MP_UNREACH_NLRI: case BGP_ATTR_EXT_COMMUNITIES: bgp_notify_send_with_data (peer, BGP_NOTIFY_UPDATE_ERR, subcode, - startp, length); + notify_datap, length); return BGP_ATTR_PARSE_ERROR; } |