summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorMaria Matejka <mq@ucw.cz>2019-08-14 11:06:49 +0200
committerMaria Matejka <mq@ucw.cz>2020-04-28 16:21:06 +0200
commit124d860f648f4c1c080e77b5f070b97d094f5285 (patch)
tree3f413b10152d1906d883937fd51cbea29df6ada6
parent59a86cbc7c5d5640b16ca9d8a99be979b11a4c68 (diff)
Filter: fixed omitted overflow check in EC constructor
Diffstat
-rw-r--r--filter/f-inst.c31
1 files changed, 15 insertions, 16 deletions
diff --git a/filter/f-inst.c b/filter/f-inst.c
index 4b3c627b..3d185918 100644
--- a/filter/f-inst.c
+++ b/filter/f-inst.c
@@ -261,7 +261,7 @@
FID_MEMBER(enum ec_subtype, ecs, f1->ecs != f2->ecs, "ec subtype %s", ec_subtype_str(item->ecs));
- int check, ipv4_used;
+ int ipv4_used;
u32 key, val;
if (v1.type == T_INT) {
@@ -279,21 +279,20 @@
val = v2.val.i;
- if (ecs == EC_GENERIC) {
- check = 0; RESULT(T_EC, ec, ec_generic(key, val));
- }
- else if (ipv4_used) {
- check = 1; RESULT(T_EC, ec, ec_ip4(ecs, key, val));
- }
- else if (key < 0x10000) {
- check = 0; RESULT(T_EC, ec, ec_as2(ecs, key, val));
- }
- else {
- check = 1; RESULT(T_EC, ec, ec_as4(ecs, key, val));
- }
-
- if (check && (val > 0xFFFF))
- runtime("Value %u > %u out of bounds in EC constructor", val, 0xFFFF);
+ if (ecs == EC_GENERIC)
+ RESULT(T_EC, ec, ec_generic(key, val));
+ else if (ipv4_used)
+ if (val <= 0xFFFF)
+ RESULT(T_EC, ec, ec_ip4(ecs, key, val));
+ else
+ runtime("4-byte value %u can't be used with IP-address key in extended community", val);
+ else if (key < 0x10000)
+ RESULT(T_EC, ec, ec_as2(ecs, key, val));
+ else
+ if (val <= 0xFFFF)
+ RESULT(T_EC, ec, ec_as4(ecs, key, val));
+ else
+ runtime("4-byte value %u can't be used with 4-byte ASN in extended community", val);
}
INST(FI_LC_CONSTRUCT, 3, 1) {
generated by cgit v1.2.3 (git 2.39.1) at 2024-11-23 22:46:31 +0000