ospfd: CVE-2011-3325 part 2 (OSPF pkt type segv)

This vulnerability (CERT-FI #514838) was reported by CROSS project.

The error is reproducible only when ospfd debugging is enabled:
  * debug ospf packet all
  * debug ospf zebra
When incoming packet header type field is set to 0x0a, ospfd will crash.

* ospf_packet.c
  * ospf_verify_header(): add type field check
  * ospf_read(): perform input checks early

0 files changed, 0 insertions, 0 deletions