summaryrefslogtreecommitdiff
path: root/proto/ospf/packet.c
diff options
context:
space:
mode:
authorOndrej Zajicek <santiago@crfreenet.org>2009-10-29 23:57:42 +0100
committerOndrej Zajicek <santiago@crfreenet.org>2009-10-29 23:57:42 +0100
commita6bc04d59130c49a1dbfadffa4285b11e2ff4939 (patch)
treeb5f453dc5fbe20204883149e1bc153905f356709 /proto/ospf/packet.c
parent9d4d38d1a5d67f5485d2b2fa439c879583dfdcb0 (diff)
Implements better checks on incoming packets and LSAs in OSPF.
Diffstat (limited to 'proto/ospf/packet.c')
-rw-r--r--proto/ospf/packet.c18
1 files changed, 9 insertions, 9 deletions
diff --git a/proto/ospf/packet.c b/proto/ospf/packet.c
index 0bb1f511..9422a9f3 100644
--- a/proto/ospf/packet.c
+++ b/proto/ospf/packet.c
@@ -286,6 +286,7 @@ ospf_rx_hook(sock * sk, int size)
return 1;
}
+ /* This is strange! */
if ((ifa->oa->areaid != 0) && (ntohl(ps->areaid) == 0))
{
WALK_LIST(iff, po->iface_list)
@@ -300,17 +301,16 @@ ospf_rx_hook(sock * sk, int size)
DBG("%s: RX_Hook called on interface %s.\n", p->name, sk->iface->name);
- osize = ntohs(ps->length);
-
if ((unsigned) size < sizeof(struct ospf_packet))
{
log(L_ERR "%s%I - too short (%u bytes)", mesg, sk->faddr, size);
return 1;
}
- if ((osize > size) || (osize != (4 * (osize / 4))))
+ osize = ntohs(ps->length);
+ if ((osize > size) || ((osize % 4) != 0))
{
- log(L_ERR "%s%I - size field does not match (%d/%d)", mesg, sk->faddr, ntohs(ps->length), size );
+ log(L_ERR "%s%I - size field does not match (%d/%d)", mesg, sk->faddr, osize, size);
return 1;
}
@@ -324,7 +324,7 @@ ospf_rx_hook(sock * sk, int size)
#ifdef OSPFv2
if ((ps->autype != htons(OSPF_AUTH_CRYPT)) &&
(!ipsum_verify(ps, 16, (void *) ps + sizeof(struct ospf_packet),
- ntohs(ps->length) - sizeof(struct ospf_packet), NULL)))
+ osize - sizeof(struct ospf_packet), NULL)))
{
log(L_ERR "%s%I - bad checksum", mesg, sk->faddr);
return 1;
@@ -358,17 +358,17 @@ ospf_rx_hook(sock * sk, int size)
return 1;
}
- if (((unsigned) size > sk->rbsize) || (ntohs(ps->length) > sk->rbsize))
+ if ((unsigned) size > sk->rbsize)
{
- log(L_ERR "%s%I - packet is too large (%d-%d vs %d)",
- mesg, sk->faddr, size, ntohs(ps->length), sk->rbsize);
+ log(L_ERR "%s%I - packet is too large (%d vs %d)",
+ mesg, sk->faddr, size, sk->rbsize);
return 1;
}
/* This is deviation from RFC 2328 - neighbours should be identified by
* IP address on broadcast and NBMA networks.
*/
- n = find_neigh(ifa, ntohl(((struct ospf_packet *) ps)->routerid));
+ n = find_neigh(ifa, ntohl(ps->routerid));
if(!n && (ps->type != HELLO_P))
{