| Age | Commit message (Collapse) | Author |
|---|
|
* ospf6_message.h
* OSPF6_MESSAGE_TYPE_CANONICAL(): dismiss
* OSPF6_MESSAGE_TYPE_NAME(): dismiss
* ospf6_message.c
* ospf6_message_type_str: rewrite as a message list, add max value
* ospf6_packet_examin(): update to use LOOKUP()
* ospf6_receive(): idem
* ospf6_send(): idem
|
|
This vulnerability (CERT-FI #514840) was reported by CROSS project.
ospf6d processes IPv6 prefix structures in incoming packets without
verifying that the declared prefix length is valid. This leads to a
crash
caused by out of bounds memory access.
* ospf6_abr.h: new macros for size/alignment validation
* ospf6_asbr.h: idem
* ospf6_intra.h: idem
* ospf6_lsa.h: idem
* ospf6_message.h: idem
* ospf6_proto.h: idem
* ospf6_message.c
* ospf6_packet_minlen: helper array for ospf6_packet_examin()
* ospf6_lsa_minlen: helper array for ospf6_lsa_examin()
* ospf6_hello_recv(): do not call ospf6_header_examin(), let upper
layer verify the input data
* ospf6_dbdesc_recv(): idem
* ospf6_lsreq_recv(): idem
* ospf6_lsupdate_recv(): idem
* ospf6_lsack_recv(): idem
* ospf6_prefixes_examin(): new function, implements A.4.1
* ospf6_lsa_examin(): new function, implements A.4
* ospf6_lsaseq_examin(): new function, an interface to above
* ospf6_packet_examin(): new function, implements A.3
* ospf6_rxpacket_examin(): new function, replaces
ospf6_header_examin()
* ospf6_header_examin(): sayonara
* ospf6_receive(): perform passive interface check earliest possible,
employ ospf6_rxpacket_examin()
|
|
A clean exit makes it easier to use memory debuggers.
* ospf6_asbr.c: (ospf6_asbr_terminate) Add a function to do route map
cleanup.
* ospf6_lsa.c: (ospf6_lsa_terminate) Add a function to cleanup the lsa
handler vector.
* ospf6_main.c: (ospf6_exit) Add an function that causes ospf6d to
gracefully exit.
* ospf6_message.c: (ospf6_message_terminate) Add a function that frees
the send and receive buffers.
* ospf6_top.c: (ospf6_delete) Enable the ospf6_delete() function.
Disable ospf6 before freeing everything.
|
|
2008-08-15 Paul Jakma <paul.jakma@sun.com>
* {ospf6d,ripngd}/*: Finish job of marking functions as static, or
exporting declarations for them, to quell warning noise with
Quagga's GCC default high-level of warning flags. Thus allowing
remaining, more useful warnings to be more easily seen.
|
|
* ospf6_route.c: Add const qualifier to various char arrays of
constants. signed/unsigned fixes.
(ospf6_linkstate_table_show) argv is const
* ospf6_snmp.c: listnode typedef is dead.
(ospf6_snmp_init) Take struct thread_master arg, needed for
smux_init.
* ospf6_snmp.h: update ospf6_snmp_init declaration.
* ospf6d.c: (ospf6_init) add const qualifier to sargv, pass master
to ospf_snmp6_init.
* ospf6_asbr.c: const char update.
* ospf6_interface.c: ditto, plus signed/unsigned fixes.
(ipv6_ospf6_cost) Check whether cost fits in u_int32_t and use
strtoul.
* ospf6_intra.c: const char update. Parenthesise expression.
* ospf6_lsa.c: signed/unsigned and const char updates.
* ospf6_proto.c: ditto.
* ospf6_message.c: ditto.
* ospf6_lsdb.c: signed/unsigned update.
* ospf6_main.c: const char update.
* ospf6_neighbor.c: ditto.
* ospf6_spf.c: ditto.
* ospf6_top.c: ditto.
|
|
fixes.
|
|
zclient changes.
|
|
|
