summaryrefslogtreecommitdiff
path: root/proto/babel/packets.c
diff options
context:
space:
mode:
authorJob Snijders <job@fastly.com>2021-12-18 16:35:28 +0100
committerOndrej Zajicek (work) <santiago@crfreenet.org>2021-12-18 16:35:28 +0100
commitb9f38727a7ba7c9c7e383ade80dbf77086dfce05 (patch)
treec2017a6866e927561fec65b1bfb6c6f646d5f9ca /proto/babel/packets.c
parent00410fd6c17697a5919cb32a44f7117dd3a0834a (diff)
RPKI: Add contextual out-of-bound checks in RTR Prefix PDU handler
RFC 6810 and RFC 8210 specify that the "Max Length" value MUST NOT be less than the Prefix Length element (underflow). On the other side, overflow of the Max Length element also is possible, it being an 8-bit unsigned integer allows for values larger than 32 or 128. This also implicitly ensures there is no overflow of "Length" value. When a PDU is received where the Max Length field is corrputed, the RTR client (BIRD) should immediately terminate the session, flush all data learned from that cache, and log an error for the operator. Minor changes done by commiter.
Diffstat (limited to 'proto/babel/packets.c')
0 files changed, 0 insertions, 0 deletions