server: verify update message

Signed-off-by: FUJITA Tomonori <fujita.tomonori@lab.ntt.co.jp>
author: FUJITA Tomonori <fujita.tomonori@lab.ntt.co.jp> 2015-01-29 16:26:34 +0900
committer: FUJITA Tomonori <fujita.tomonori@lab.ntt.co.jp> 2015-01-29 16:26:34 +0900
commit: 0e4fe0c5f3bacac5f056f481bd143b202a3b71db (patch)
tree: 123d34994365860a5b1e5401eb6198797de23630 /server
parent: 1462fdb4d240cd956b6c1189ac769be7e7b1bba4 (diff)
1 files changed, 13 insertions, 0 deletions
diff --git a/server/peer.go b/server/peer.go
index 28561619..ca10c1db 100644
--- a/server/peer.go
+++ b/server/peer.go
@@ -138,6 +138,19 @@ func (peer *Peer) handleBGPmessage(m *bgp.BGPMessage) {
 	case bgp.BGP_MSG_UPDATE:
 		peer.peerConfig.BgpNeighborCommonState.UpdateRecvTime = time.Now()
 		body := m.Body.(*bgp.BGPUpdate)
+		_, err := bgp.ValidateUpdateMsg(body, []bgp.RouteFamily{peer.rf})
+		if err != nil {
+			log.WithFields(log.Fields{
+				"Topic": "Peer",
+				"Key":   peer.peerConfig.NeighborAddress,
+				"error": err,
+			}).Warn("malformed BGP update message")
+			m := err.(*bgp.MessageError)
+			if m.TypeCode != 0 {
+				peer.outgoing <- bgp.NewBGPNotificationMessage(m.TypeCode, m.SubTypeCode, m.Data)
+			}
+			return
+		}
 		table.UpdatePathAttrs4ByteAs(body)
 		msg := table.NewProcessMessage(m, peer.peerInfo)
 		pathList := msg.ToPathList()
author	FUJITA Tomonori <fujita.tomonori@lab.ntt.co.jp>	2015-01-29 16:26:34 +0900
committer	FUJITA Tomonori <fujita.tomonori@lab.ntt.co.jp>	2015-01-29 16:26:34 +0900
commit	0e4fe0c5f3bacac5f056f481bd143b202a3b71db (patch)
tree	123d34994365860a5b1e5401eb6198797de23630 /server
parent	1462fdb4d240cd956b6c1189ac769be7e7b1bba4 (diff)