openbsd/src
1
0
Fork 0
mirror of https://github.com/openbsd/src.git synced 2026-06-18 07:13:36 +02:00
Code Activity

Ensure that alt_len includes at least the size of alt.family member

Browse Source 
to ensure that the parser is not going off the rails.

OK renato@
This commit is contained in:
claudio
2026-05-05 11:40:02 +00:00
parent 1193c4b79d
commit f2c7d03598
1 changed files with 2 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files
usr.sbin/ldpd/address.c
+2 -2
View File
@@ -1,4 +1,4 @@
/* $OpenBSD: address.c,v 1.35 2017/03/04 00:21:48 renato Exp $ */
/* $OpenBSD: address.c,v 1.36 2026/05/05 11:40:02 claudio Exp $ */
/*
* Copyright (c) 2009 Michele Marchetto <michele@openbsd.org>
@@ -208,7 +208,7 @@ recv_address(struct nbr *nbr, char *buf, uint16_t len)
memcpy(&alt, buf, sizeof(alt));
alt_len = ntohs(alt.length);
alt_family = ntohs(alt.family);
if (alt_len > len - TLV_HDR_SIZE) {
if (alt_len < sizeof(alt.family) || alt_len > len - TLV_HDR_SIZE) {
session_shutdown(nbr, S_BAD_TLV_LEN, msg.id, msg.type);
return (-1);
}