From a6bc04d59130c49a1dbfadffa4285b11e2ff4939 Mon Sep 17 00:00:00 2001 From: Ondrej Zajicek Date: Thu, 29 Oct 2009 23:57:42 +0100 Subject: Implements better checks on incoming packets and LSAs in OSPF. --- proto/ospf/hello.c | 18 +++++++++++++----- 1 file changed, 13 insertions(+), 5 deletions(-) (limited to 'proto/ospf/hello.c') diff --git a/proto/ospf/hello.c b/proto/ospf/hello.c index 783761f..855b070 100644 --- a/proto/ospf/hello.c +++ b/proto/ospf/hello.c @@ -45,12 +45,20 @@ void ospf_hello_receive(struct ospf_packet *ps_i, struct ospf_iface *ifa, struct ospf_neighbor *n, ip_addr faddr) { - struct ospf_hello_packet *ps = (void *) ps_i; - u32 *pnrid; + struct proto *p = &ifa->oa->po->proto; + char *beg = "Bad OSPF HELLO packet from ", *rec = " received: "; + unsigned int size, i, twoway, oldpriority, eligible, peers; u32 olddr, oldbdr, oldiface_id, tmp; - char *beg = "Bad OSPF hello packet from ", *rec = " received: "; - struct proto *p = (struct proto *) ifa->oa->po; - unsigned int size = ntohs(ps->ospf_packet.length), i, twoway, oldpriority, eligible = 0, peers; + u32 *pnrid; + + size = ntohs(ps_i->length); + if (size < sizeof(struct ospf_hello_packet)) + { + log(L_ERR "%s%I - too short (%u B)", beg, faddr, size); + return; + } + + struct ospf_hello_packet *ps = (void *) ps_i; OSPF_TRACE(D_PACKETS, "HELLO packet received from %I via %s%s", faddr, (ifa->type == OSPF_IT_VLINK ? "vlink-" : ""), ifa->iface->name); -- cgit v1.2.3