diff options
Diffstat (limited to 'bgpd/bgp_attr.c')
| -rw-r--r-- | bgpd/bgp_attr.c | 93 |
1 files changed, 56 insertions, 37 deletions
diff --git a/bgpd/bgp_attr.c b/bgpd/bgp_attr.c index d58ad418..c52c776e 100644 --- a/bgpd/bgp_attr.c +++ b/bgpd/bgp_attr.c @@ -131,15 +131,13 @@ cluster_hash_key_make (void *p) } static int -cluster_hash_cmp (void *p1, void *p2) +cluster_hash_cmp (const void *p1, const void *p2) { - struct cluster_list * cluster1 = (struct cluster_list *) p1; - struct cluster_list * cluster2 = (struct cluster_list *) p2; + const struct cluster_list * cluster1 = p1; + const struct cluster_list * cluster2 = p2; - if (cluster1->length == cluster2->length && - memcmp (cluster1->list, cluster2->list, cluster1->length) == 0) - return 1; - return 0; + return (cluster1->length == cluster2->length && + memcmp (cluster1->list, cluster2->list, cluster1->length) == 0); } static void @@ -150,13 +148,13 @@ cluster_free (struct cluster_list *cluster) XFREE (MTYPE_CLUSTER, cluster); } +#if 0 static struct cluster_list * cluster_dup (struct cluster_list *cluster) { struct cluster_list *new; - new = XMALLOC (MTYPE_CLUSTER, sizeof (struct cluster_list)); - memset (new, 0, sizeof (struct cluster_list)); + new = XCALLOC (MTYPE_CLUSTER, sizeof (struct cluster_list)); new->length = cluster->length; if (cluster->length) @@ -169,6 +167,7 @@ cluster_dup (struct cluster_list *cluster) return new; } +#endif static struct cluster_list * cluster_intern (struct cluster_list *cluster) @@ -267,15 +266,13 @@ transit_hash_key_make (void *p) } static int -transit_hash_cmp (void *p1, void *p2) +transit_hash_cmp (const void *p1, const void *p2) { - struct transit * transit1 = (struct transit *) p1; - struct transit * transit2 = (struct transit *) p2; + const struct transit * transit1 = p1; + const struct transit * transit2 = p2; - if (transit1->length == transit2->length && - memcmp (transit1->val, transit2->val, transit1->length) == 0) - return 1; - return 0; + return (transit1->length == transit2->length && + memcmp (transit1->val, transit2->val, transit1->length) == 0); } static void @@ -393,10 +390,10 @@ attrhash_key_make (void *p) } int -attrhash_cmp (void *p1, void *p2) +attrhash_cmp (const void *p1, const void *p2) { - struct attr * attr1 = (struct attr *) p1; - struct attr * attr2 = (struct attr *) p2; + const struct attr * attr1 = p1; + const struct attr * attr2 = p2; if (attr1->flag == attr2->flag && attr1->origin == attr2->origin @@ -408,8 +405,8 @@ attrhash_cmp (void *p1, void *p2) && attr1->pathlimit.ttl == attr2->pathlimit.ttl && attr1->pathlimit.as == attr2->pathlimit.as) { - struct attr_extra *ae1 = attr1->extra; - struct attr_extra *ae2 = attr2->extra; + const struct attr_extra *ae1 = attr1->extra; + const struct attr_extra *ae2 = attr2->extra; if (ae1 && ae2 && ae1->aggregator_as == ae2->aggregator_as @@ -435,7 +432,7 @@ attrhash_cmp (void *p1, void *p2) } static void -attrhash_init () +attrhash_init (void) { attrhash = hash_create (attrhash_key_make, attrhash_cmp); } @@ -1259,7 +1256,7 @@ bgp_attr_cluster_list (struct peer *peer, bgp_size_t length, } /* Multiprotocol reachability information parse. */ -static int +int bgp_mp_reach_parse (struct peer *peer, bgp_size_t length, struct attr *attr, struct bgp_nlri *mp_update) { @@ -1277,8 +1274,13 @@ bgp_mp_reach_parse (struct peer *peer, bgp_size_t length, struct attr *attr, /* safe to read statically sized header? */ #define BGP_MP_REACH_MIN_SIZE 5 +#define LEN_LEFT (length - (stream_get_getp(s) - start)) if ((length > STREAM_READABLE(s)) || (length < BGP_MP_REACH_MIN_SIZE)) - return -1; + { + zlog_info ("%s: %s sent invalid length, %lu", + __func__, peer->host, (unsigned long)length); + return -1; + } /* Load AFI, SAFI. */ afi = stream_getw (s); @@ -1287,8 +1289,12 @@ bgp_mp_reach_parse (struct peer *peer, bgp_size_t length, struct attr *attr, /* Get nexthop length. */ attre->mp_nexthop_len = stream_getc (s); - if (STREAM_READABLE(s) < attre->mp_nexthop_len) - return -1; + if (LEN_LEFT < attre->mp_nexthop_len) + { + zlog_info ("%s: %s, MP nexthop length, %u, goes past end of attribute", + __func__, peer->host, attre->mp_nexthop_len); + return -1; + } /* Nexthop length check. */ switch (attre->mp_nexthop_len) @@ -1330,13 +1336,17 @@ bgp_mp_reach_parse (struct peer *peer, bgp_size_t length, struct attr *attr, break; #endif /* HAVE_IPV6 */ default: - zlog_info ("Wrong multiprotocol next hop length: %d", - attre->mp_nexthop_len); + zlog_info ("%s: (%s) Wrong multiprotocol next hop length: %d", + __func__, peer->host, attre->mp_nexthop_len); return -1; } - if (!STREAM_READABLE(s)) - return -1; + if (!LEN_LEFT) + { + zlog_info ("%s: (%s) Failed to read SNPA and NLRI(s)", + __func__, peer->host); + return -1; + } { u_char val; @@ -1346,15 +1356,23 @@ bgp_mp_reach_parse (struct peer *peer, bgp_size_t length, struct attr *attr, } /* must have nrli_len, what is left of the attribute */ - nlri_len = length - (stream_get_getp(s) - start); + nlri_len = LEN_LEFT; if ((!nlri_len) || (nlri_len > STREAM_READABLE(s))) - return -1; + { + zlog_info ("%s: (%s) Failed to read NLRI", + __func__, peer->host); + return -1; + } if (safi != BGP_SAFI_VPNV4) { ret = bgp_nlri_sanity_check (peer, afi, stream_pnt (s), nlri_len); - if (ret < 0) - return -1; + if (ret < 0) + { + zlog_info ("%s: (%s) NLRI doesn't pass sanity check", + __func__, peer->host); + return -1; + } } mp_update->afi = afi; @@ -1365,10 +1383,11 @@ bgp_mp_reach_parse (struct peer *peer, bgp_size_t length, struct attr *attr, stream_forward_getp (s, nlri_len); return 0; +#undef LEN_LEFT } /* Multiprotocol unreachable parse */ -static int +int bgp_mp_unreach_parse (struct peer *peer, bgp_size_t length, struct bgp_nlri *mp_withdraw) { @@ -1549,9 +1568,9 @@ bgp_attr_parse (struct peer *peer, struct attr *attr, bgp_size_t size, && ((endp - startp) < (BGP_ATTR_MIN_LEN + 1))) { zlog (peer->log, LOG_WARNING, - "%s Extended length set, but just %tu bytes of attr header", + "%s Extended length set, but just %lu bytes of attr header", peer->host, - endp - STREAM_PNT (BGP_INPUT (peer))); + (unsigned long) (endp - STREAM_PNT (BGP_INPUT (peer)))); bgp_notify_send (peer, BGP_NOTIFY_UPDATE_ERR, |