bgpd: add protection against too large opaque data structure

BGP opaque data shouldn't be larger than zebra's buffer. Signed-off-by: Igor Ryzhov <iryzhov@nfware.com>
2021-08-06 17:09:46 +03:00 · 2021-08-06 17:09:46 +03:00 · b5bb70e377
parent a9bf0ff268
commit b5bb70e377
1 changed files with 6 additions and 0 deletions
--- a/lib/route_opaque.h
+++ b/lib/route_opaque.h
@ -21,6 +21,9 @@
 #ifndef FRR_ROUTE_OPAQUE_H
 #define FRR_ROUTE_OPAQUE_H

+#include "assert.h"
+#include "zclient.h"
+
 #include "bgpd/bgp_aspath.h"
 #include "bgpd/bgp_community.h"
 #include "bgpd/bgp_lcommunity.h"
@ -35,4 +38,7 @@ struct bgp_zebra_opaque {
 	char lcommunity[LCOMMUNITY_SIZE * 30];
 };

+static_assert(sizeof(struct bgp_zebra_opaque) <= ZAPI_MESSAGE_OPAQUE_LENGTH,
+              "BGP opaque data shouldn't be larger than zebra's buffer");
+
 #endif /* FRR_ROUTE_OPAQUE_H */