summaryrefslogtreecommitdiff
path: root/proto/bgp
diff options
context:
space:
mode:
authorJob Snijders <job@fastly.com>2021-12-18 16:35:28 +0100
committerOndrej Zajicek (work) <santiago@crfreenet.org>2021-12-18 16:35:28 +0100
commitb9f38727a7ba7c9c7e383ade80dbf77086dfce05 (patch)
treec2017a6866e927561fec65b1bfb6c6f646d5f9ca /proto/bgp
parent00410fd6c17697a5919cb32a44f7117dd3a0834a (diff)
RPKI: Add contextual out-of-bound checks in RTR Prefix PDU handler
RFC 6810 and RFC 8210 specify that the "Max Length" value MUST NOT be less than the Prefix Length element (underflow). On the other side, overflow of the Max Length element also is possible, it being an 8-bit unsigned integer allows for values larger than 32 or 128. This also implicitly ensures there is no overflow of "Length" value. When a PDU is received where the Max Length field is corrputed, the RTR client (BIRD) should immediately terminate the session, flush all data learned from that cache, and log an error for the operator. Minor changes done by commiter.
Diffstat (limited to 'proto/bgp')
0 files changed, 0 insertions, 0 deletions