From a6bc04d59130c49a1dbfadffa4285b11e2ff4939 Mon Sep 17 00:00:00 2001 From: Ondrej Zajicek Date: Thu, 29 Oct 2009 23:57:42 +0100 Subject: Implements better checks on incoming packets and LSAs in OSPF. --- proto/ospf/lsreq.c | 21 +++++++++++++-------- 1 file changed, 13 insertions(+), 8 deletions(-) (limited to 'proto/ospf/lsreq.c') diff --git a/proto/ospf/lsreq.c b/proto/ospf/lsreq.c index 1b5da27..6785644 100644 --- a/proto/ospf/lsreq.c +++ b/proto/ospf/lsreq.c @@ -23,7 +23,7 @@ static void ospf_dump_lsreq(struct proto *p, struct ospf_lsreq_packet *pkt) ASSERT(op->type == LSREQ_P); ospf_dump_common(p, op); - int i, j; + unsigned int i, j; j = (ntohs(op->length) - sizeof(struct ospf_lsreq_packet)) / sizeof(struct ospf_lsreq_header); @@ -91,17 +91,23 @@ void ospf_lsreq_receive(struct ospf_packet *ps_i, struct ospf_iface *ifa, struct ospf_neighbor *n) { - struct ospf_lsreq_packet *ps = (void *) ps_i; + struct ospf_area *oa = ifa->oa; + struct proto_ospf *po = oa->po; + struct proto *p = &po->proto; struct ospf_lsreq_header *lsh; struct l_lsr_head *llsh; list uplist; slab *upslab; - unsigned int size = ntohs(ps->ospf_packet.length); int i, lsano; - struct ospf_area *oa = ifa->oa; - struct proto_ospf *po = oa->po; - struct proto *p = &po->proto; + unsigned int size = ntohs(ps_i->length); + if (size < sizeof(struct ospf_lsreq_packet)) + { + log(L_ERR "Bad OSPF LSREQ packet from %I - too short (%u B)", n->ip, size); + return; + } + + struct ospf_lsreq_packet *ps = (void *) ps_i; OSPF_PACKET(ospf_dump_lsreq, ps, "LSREQ packet received from %I via %s", n->ip, ifa->iface->name); if (n->state < NEIGHBOR_EXCHANGE) @@ -129,8 +135,7 @@ ospf_lsreq_receive(struct ospf_packet *ps_i, struct ospf_iface *ifa, add_tail(&uplist, NODE llsh); if (ospf_hash_find(po->gr, dom, hid, hrt, htype) == NULL) { - log(L_WARN - "Received bad LS req from: %I looking: Type: %u, ID: %R, RT: %R", + log(L_WARN "Received bad LS req from: %I looking: Type: %u, ID: %R, RT: %R", n->ip, htype, hid, hrt); ospf_neigh_sm(n, INM_BADLSREQ); rfree(upslab); -- cgit v1.2.3