diff options
author | Ondrej Zajicek (work) <santiago@crfreenet.org> | 2019-08-21 17:16:08 +0200 |
---|---|---|
committer | Ondrej Zajicek (work) <santiago@crfreenet.org> | 2019-08-21 17:16:08 +0200 |
commit | 4fa0e472cf3e8c61a3f67e91d201dbc12ea94221 (patch) | |
tree | 7a932b33d0328c59990cf31123b949151a4a5626 /proto/bgp | |
parent | 524d2538537b2530bf031daa1d5c8e4653f92c5c (diff) |
BGP: Use reallocation for capability structure
Instead of having large stack buffer for max amount of AFI/SAFI pairs.
The old code is not correct w.r.t. extendeded option length, as more
AFI/SAFI pairs may fit into the capability option.
Diffstat (limited to 'proto/bgp')
-rw-r--r-- | proto/bgp/packets.c | 44 |
1 files changed, 28 insertions, 16 deletions
diff --git a/proto/bgp/packets.c b/proto/bgp/packets.c index 854b10e0..2b7ee1d0 100644 --- a/proto/bgp/packets.c +++ b/proto/bgp/packets.c @@ -185,14 +185,20 @@ bgp_find_af_caps(struct bgp_caps *caps, u32 afi) } static struct bgp_af_caps * -bgp_get_af_caps(struct bgp_caps *caps, u32 afi) +bgp_get_af_caps(struct bgp_caps **pcaps, u32 afi) { + struct bgp_caps *caps = *pcaps; struct bgp_af_caps *ac; WALK_AF_CAPS(caps, ac) if (ac->afi == afi) return ac; + uint n = caps->af_count; + if (uint_is_pow2(n)) + *pcaps = caps = mb_realloc(caps, sizeof(struct bgp_caps) + + (2 * n) * sizeof(struct bgp_af_caps)); + ac = &caps->af_data[caps->af_count++]; memset(ac, 0, sizeof(struct bgp_af_caps)); ac->afi = afi; @@ -412,13 +418,22 @@ bgp_write_capabilities(struct bgp_conn *conn, byte *buf) } static int -bgp_read_capabilities(struct bgp_conn *conn, struct bgp_caps *caps, byte *pos, int len) +bgp_read_capabilities(struct bgp_conn *conn, byte *pos, int len) { struct bgp_proto *p = conn->bgp; + struct bgp_caps *caps; struct bgp_af_caps *ac; int i, cl; u32 af; + if (!conn->remote_caps) + caps = mb_allocz(p->p.pool, sizeof(struct bgp_caps) + sizeof(struct bgp_af_caps)); + else + { + caps = conn->remote_caps; + conn->remote_caps = NULL; + } + caps->length += len; while (len > 0) @@ -437,7 +452,7 @@ bgp_read_capabilities(struct bgp_conn *conn, struct bgp_caps *caps, byte *pos, i goto err; af = get_af4(pos+2); - ac = bgp_get_af_caps(caps, af); + ac = bgp_get_af_caps(&caps, af); ac->ready = 1; break; @@ -460,7 +475,7 @@ bgp_read_capabilities(struct bgp_conn *conn, struct bgp_caps *caps, byte *pos, i continue; af = get_af4(pos+2+i); - ac = bgp_get_af_caps(caps, af); + ac = bgp_get_af_caps(&caps, af); ac->ext_next_hop = 1; } break; @@ -490,7 +505,7 @@ bgp_read_capabilities(struct bgp_conn *conn, struct bgp_caps *caps, byte *pos, i for (i = 2; i < cl; i += 4) { af = get_af3(pos+2+i); - ac = bgp_get_af_caps(caps, af); + ac = bgp_get_af_caps(&caps, af); ac->gr_able = 1; ac->gr_af_flags = pos[2+i+3]; } @@ -522,7 +537,7 @@ bgp_read_capabilities(struct bgp_conn *conn, struct bgp_caps *caps, byte *pos, i for (i = 0; i < cl; i += 4) { af = get_af3(pos+2+i); - ac = bgp_get_af_caps(caps, af); + ac = bgp_get_af_caps(&caps, af); ac->add_path = pos[2+i+3]; } break; @@ -551,7 +566,7 @@ bgp_read_capabilities(struct bgp_conn *conn, struct bgp_caps *caps, byte *pos, i for (i = 0; i < cl; i += 7) { af = get_af3(pos+2+i); - ac = bgp_get_af_caps(caps, af); + ac = bgp_get_af_caps(&caps, af); ac->llgr_able = 1; ac->llgr_flags = pos[2+i+3]; ac->llgr_time = get_u24(pos + 2+i+4); @@ -577,9 +592,11 @@ bgp_read_capabilities(struct bgp_conn *conn, struct bgp_caps *caps, byte *pos, i } } + conn->remote_caps = caps; return 0; err: + mb_free(caps); bgp_error(conn, 2, 0, NULL, 0); return -1; } @@ -624,7 +641,6 @@ static int bgp_read_options(struct bgp_conn *conn, byte *pos, uint len, uint rest) { struct bgp_proto *p = conn->bgp; - struct bgp_caps *caps; int ext = 0; /* Handle extended length (draft-ietf-idr-ext-opt-param-07) */ @@ -644,10 +660,6 @@ bgp_read_options(struct bgp_conn *conn, byte *pos, uint len, uint rest) if (len > rest) goto err; - /* Max number of announced AFIs is limited by max option length (255) */ - caps = alloca(sizeof(struct bgp_caps) + 64 * sizeof(struct bgp_af_caps)); - memset(caps, 0, sizeof(struct bgp_caps)); - /* Length of option parameter header */ uint hlen = ext ? 3 : 2; @@ -666,7 +678,7 @@ bgp_read_options(struct bgp_conn *conn, byte *pos, uint len, uint rest) { /* BGP capabilities, RFC 5492 */ if (p->cf->capabilities) - if (bgp_read_capabilities(conn, caps, pos + hlen, olen) < 0) + if (bgp_read_capabilities(conn, pos + hlen, olen) < 0) return -1; } else @@ -679,9 +691,9 @@ bgp_read_options(struct bgp_conn *conn, byte *pos, uint len, uint rest) ADVANCE(pos, len, hlen + olen); } - uint n = sizeof(struct bgp_caps) + caps->af_count * sizeof(struct bgp_af_caps); - conn->remote_caps = mb_allocz(p->p.pool, n); - memcpy(conn->remote_caps, caps, n); + /* Prepare empty caps if no capability option was announced */ + if (!conn->remote_caps) + conn->remote_caps = mb_allocz(p->p.pool, sizeof(struct bgp_caps)); return 0; |