| author | Brian Utterback <brian.utterback@oracle.com> |
| Mon, 11 Apr 2016 09:49:37 -0700 | |
| changeset 5755 | 041717cfc591 |
| permissions | -rw-r--r-- |
|
5755
041717cfc591
22930543 problem in SERVICE/QUAGGA
Brian Utterback <brian.utterback@oracle.com>
parents:
diff
changeset
|
1 |
The fix for this CVE is included in Quagga version 1.0 and later. This patch |
|
041717cfc591
22930543 problem in SERVICE/QUAGGA
Brian Utterback <brian.utterback@oracle.com>
parents:
diff
changeset
|
2 |
may be removed when Quagga is upgraded to a version later than that. The patch |
|
041717cfc591
22930543 problem in SERVICE/QUAGGA
Brian Utterback <brian.utterback@oracle.com>
parents:
diff
changeset
|
3 |
is the same as that submitted and subsequently committed to the code base, |
|
041717cfc591
22930543 problem in SERVICE/QUAGGA
Brian Utterback <brian.utterback@oracle.com>
parents:
diff
changeset
|
4 |
except there is a one line modification to patch. In July 2015 the call to |
|
041717cfc591
22930543 problem in SERVICE/QUAGGA
Brian Utterback <brian.utterback@oracle.com>
parents:
diff
changeset
|
5 |
decode_label was removed from the code base because it was useless. The |
|
041717cfc591
22930543 problem in SERVICE/QUAGGA
Brian Utterback <brian.utterback@oracle.com>
parents:
diff
changeset
|
6 |
patch was changed to remove this line. The existence of the line prevented |
|
041717cfc591
22930543 problem in SERVICE/QUAGGA
Brian Utterback <brian.utterback@oracle.com>
parents:
diff
changeset
|
7 |
the patch from applying as is. After the application of this patch the result |
|
041717cfc591
22930543 problem in SERVICE/QUAGGA
Brian Utterback <brian.utterback@oracle.com>
parents:
diff
changeset
|
8 |
is the same as is currently available in the community code base. |
|
041717cfc591
22930543 problem in SERVICE/QUAGGA
Brian Utterback <brian.utterback@oracle.com>
parents:
diff
changeset
|
9 |
|
|
041717cfc591
22930543 problem in SERVICE/QUAGGA
Brian Utterback <brian.utterback@oracle.com>
parents:
diff
changeset
|
10 |
From: Donald Sharp <[email protected]> |
|
041717cfc591
22930543 problem in SERVICE/QUAGGA
Brian Utterback <brian.utterback@oracle.com>
parents:
diff
changeset
|
11 |
Date: Wed, 27 Jan 2016 16:54:45 +0000 |
|
041717cfc591
22930543 problem in SERVICE/QUAGGA
Brian Utterback <brian.utterback@oracle.com>
parents:
diff
changeset
|
12 |
Subject: bgpd: Fix VU#270232, VPNv4 NLRI parser memcpys to stack on unchecked length |
|
041717cfc591
22930543 problem in SERVICE/QUAGGA
Brian Utterback <brian.utterback@oracle.com>
parents:
diff
changeset
|
13 |
|
|
041717cfc591
22930543 problem in SERVICE/QUAGGA
Brian Utterback <brian.utterback@oracle.com>
parents:
diff
changeset
|
14 |
Address CERT vulnerability report VU#270232, memcpy to stack data structure |
|
041717cfc591
22930543 problem in SERVICE/QUAGGA
Brian Utterback <brian.utterback@oracle.com>
parents:
diff
changeset
|
15 |
based on length field from packet data whose length field upper-bound was |
|
041717cfc591
22930543 problem in SERVICE/QUAGGA
Brian Utterback <brian.utterback@oracle.com>
parents:
diff
changeset
|
16 |
not properly checked. |
|
041717cfc591
22930543 problem in SERVICE/QUAGGA
Brian Utterback <brian.utterback@oracle.com>
parents:
diff
changeset
|
17 |
|
|
041717cfc591
22930543 problem in SERVICE/QUAGGA
Brian Utterback <brian.utterback@oracle.com>
parents:
diff
changeset
|
18 |
This likely allows BGP peers that are enabled to send Labeled-VPN SAFI |
|
041717cfc591
22930543 problem in SERVICE/QUAGGA
Brian Utterback <brian.utterback@oracle.com>
parents:
diff
changeset
|
19 |
routes to Quagga bgpd to remotely exploit Quagga bgpd. |
|
041717cfc591
22930543 problem in SERVICE/QUAGGA
Brian Utterback <brian.utterback@oracle.com>
parents:
diff
changeset
|
20 |
|
|
041717cfc591
22930543 problem in SERVICE/QUAGGA
Brian Utterback <brian.utterback@oracle.com>
parents:
diff
changeset
|
21 |
Mitigation: Do not enable Labeled-VPN SAFI with untrusted neighbours. |
|
041717cfc591
22930543 problem in SERVICE/QUAGGA
Brian Utterback <brian.utterback@oracle.com>
parents:
diff
changeset
|
22 |
|
|
041717cfc591
22930543 problem in SERVICE/QUAGGA
Brian Utterback <brian.utterback@oracle.com>
parents:
diff
changeset
|
23 |
Impact: Labeled-VPN SAFI is not enabled by default. |
|
041717cfc591
22930543 problem in SERVICE/QUAGGA
Brian Utterback <brian.utterback@oracle.com>
parents:
diff
changeset
|
24 |
|
|
041717cfc591
22930543 problem in SERVICE/QUAGGA
Brian Utterback <brian.utterback@oracle.com>
parents:
diff
changeset
|
25 |
* bgp_mplsvpn.c: (bgp_nlri_parse_vpnv4) The prefixlen is checked for |
|
041717cfc591
22930543 problem in SERVICE/QUAGGA
Brian Utterback <brian.utterback@oracle.com>
parents:
diff
changeset
|
26 |
lower-bound, but not for upper-bound against received data length. |
|
041717cfc591
22930543 problem in SERVICE/QUAGGA
Brian Utterback <brian.utterback@oracle.com>
parents:
diff
changeset
|
27 |
The packet data is then memcpy'd to the stack based on the prefixlen. |
|
041717cfc591
22930543 problem in SERVICE/QUAGGA
Brian Utterback <brian.utterback@oracle.com>
parents:
diff
changeset
|
28 |
|
|
041717cfc591
22930543 problem in SERVICE/QUAGGA
Brian Utterback <brian.utterback@oracle.com>
parents:
diff
changeset
|
29 |
Extend the prefixlen check to ensure it is within the bound of the NLRI |
|
041717cfc591
22930543 problem in SERVICE/QUAGGA
Brian Utterback <brian.utterback@oracle.com>
parents:
diff
changeset
|
30 |
packet data AND the on-stack prefix structure AND the maximum size for the |
|
041717cfc591
22930543 problem in SERVICE/QUAGGA
Brian Utterback <brian.utterback@oracle.com>
parents:
diff
changeset
|
31 |
address family. |
|
041717cfc591
22930543 problem in SERVICE/QUAGGA
Brian Utterback <brian.utterback@oracle.com>
parents:
diff
changeset
|
32 |
|
|
041717cfc591
22930543 problem in SERVICE/QUAGGA
Brian Utterback <brian.utterback@oracle.com>
parents:
diff
changeset
|
33 |
Reported-by: Kostya Kortchinsky <[email protected]> |
|
041717cfc591
22930543 problem in SERVICE/QUAGGA
Brian Utterback <brian.utterback@oracle.com>
parents:
diff
changeset
|
34 |
|
|
041717cfc591
22930543 problem in SERVICE/QUAGGA
Brian Utterback <brian.utterback@oracle.com>
parents:
diff
changeset
|
35 |
This commit a joint effort between: |
|
041717cfc591
22930543 problem in SERVICE/QUAGGA
Brian Utterback <brian.utterback@oracle.com>
parents:
diff
changeset
|
36 |
|
|
041717cfc591
22930543 problem in SERVICE/QUAGGA
Brian Utterback <brian.utterback@oracle.com>
parents:
diff
changeset
|
37 |
Lou Berger <[email protected]> |
|
041717cfc591
22930543 problem in SERVICE/QUAGGA
Brian Utterback <brian.utterback@oracle.com>
parents:
diff
changeset
|
38 |
Donald Sharp <[email protected]> |
|
041717cfc591
22930543 problem in SERVICE/QUAGGA
Brian Utterback <brian.utterback@oracle.com>
parents:
diff
changeset
|
39 |
Paul Jakma <[email protected]> / <[email protected]> |
|
041717cfc591
22930543 problem in SERVICE/QUAGGA
Brian Utterback <brian.utterback@oracle.com>
parents:
diff
changeset
|
40 |
--- |
|
041717cfc591
22930543 problem in SERVICE/QUAGGA
Brian Utterback <brian.utterback@oracle.com>
parents:
diff
changeset
|
41 |
diff --git bgpd/bgp_mplsvpn.c bgpd/bgp_mplsvpn.c |
|
041717cfc591
22930543 problem in SERVICE/QUAGGA
Brian Utterback <brian.utterback@oracle.com>
parents:
diff
changeset
|
42 |
index a72d5ed..75c90cd 100644 |
|
041717cfc591
22930543 problem in SERVICE/QUAGGA
Brian Utterback <brian.utterback@oracle.com>
parents:
diff
changeset
|
43 |
--- bgpd/bgp_mplsvpn.c |
|
041717cfc591
22930543 problem in SERVICE/QUAGGA
Brian Utterback <brian.utterback@oracle.com>
parents:
diff
changeset
|
44 |
+++ bgpd/bgp_mplsvpn.c |
|
041717cfc591
22930543 problem in SERVICE/QUAGGA
Brian Utterback <brian.utterback@oracle.com>
parents:
diff
changeset
|
45 |
@@ -102,6 +102,7 @@ bgp_nlri_parse_vpnv4 (struct peer *peer, |
|
041717cfc591
22930543 problem in SERVICE/QUAGGA
Brian Utterback <brian.utterback@oracle.com>
parents:
diff
changeset
|
46 |
pnt = packet->nlri; |
|
041717cfc591
22930543 problem in SERVICE/QUAGGA
Brian Utterback <brian.utterback@oracle.com>
parents:
diff
changeset
|
47 |
lim = pnt + packet->length; |
|
041717cfc591
22930543 problem in SERVICE/QUAGGA
Brian Utterback <brian.utterback@oracle.com>
parents:
diff
changeset
|
48 |
|
|
041717cfc591
22930543 problem in SERVICE/QUAGGA
Brian Utterback <brian.utterback@oracle.com>
parents:
diff
changeset
|
49 |
+#define VPN_PREFIXLEN_MIN_BYTES (3 + 8) /* label + RD */ |
|
041717cfc591
22930543 problem in SERVICE/QUAGGA
Brian Utterback <brian.utterback@oracle.com>
parents:
diff
changeset
|
50 |
for (; pnt < lim; pnt += psize) |
|
041717cfc591
22930543 problem in SERVICE/QUAGGA
Brian Utterback <brian.utterback@oracle.com>
parents:
diff
changeset
|
51 |
{
|
|
041717cfc591
22930543 problem in SERVICE/QUAGGA
Brian Utterback <brian.utterback@oracle.com>
parents:
diff
changeset
|
52 |
/* Clear prefix structure. */ |
|
041717cfc591
22930543 problem in SERVICE/QUAGGA
Brian Utterback <brian.utterback@oracle.com>
parents:
diff
changeset
|
53 |
@@ -109,19 +110,38 @@ bgp_nlri_parse_vpnv4 (struct peer *peer, |
|
041717cfc591
22930543 problem in SERVICE/QUAGGA
Brian Utterback <brian.utterback@oracle.com>
parents:
diff
changeset
|
54 |
|
|
041717cfc591
22930543 problem in SERVICE/QUAGGA
Brian Utterback <brian.utterback@oracle.com>
parents:
diff
changeset
|
55 |
/* Fetch prefix length. */ |
|
041717cfc591
22930543 problem in SERVICE/QUAGGA
Brian Utterback <brian.utterback@oracle.com>
parents:
diff
changeset
|
56 |
prefixlen = *pnt++; |
|
041717cfc591
22930543 problem in SERVICE/QUAGGA
Brian Utterback <brian.utterback@oracle.com>
parents:
diff
changeset
|
57 |
- p.family = AF_INET; |
|
041717cfc591
22930543 problem in SERVICE/QUAGGA
Brian Utterback <brian.utterback@oracle.com>
parents:
diff
changeset
|
58 |
+ p.family = afi2family (packet->afi); |
|
041717cfc591
22930543 problem in SERVICE/QUAGGA
Brian Utterback <brian.utterback@oracle.com>
parents:
diff
changeset
|
59 |
psize = PSIZE (prefixlen); |
|
041717cfc591
22930543 problem in SERVICE/QUAGGA
Brian Utterback <brian.utterback@oracle.com>
parents:
diff
changeset
|
60 |
|
|
041717cfc591
22930543 problem in SERVICE/QUAGGA
Brian Utterback <brian.utterback@oracle.com>
parents:
diff
changeset
|
61 |
- if (prefixlen < 88) |
|
041717cfc591
22930543 problem in SERVICE/QUAGGA
Brian Utterback <brian.utterback@oracle.com>
parents:
diff
changeset
|
62 |
- {
|
|
041717cfc591
22930543 problem in SERVICE/QUAGGA
Brian Utterback <brian.utterback@oracle.com>
parents:
diff
changeset
|
63 |
- zlog_err ("prefix length is less than 88: %d", prefixlen);
|
|
041717cfc591
22930543 problem in SERVICE/QUAGGA
Brian Utterback <brian.utterback@oracle.com>
parents:
diff
changeset
|
64 |
- return -1; |
|
041717cfc591
22930543 problem in SERVICE/QUAGGA
Brian Utterback <brian.utterback@oracle.com>
parents:
diff
changeset
|
65 |
- } |
|
041717cfc591
22930543 problem in SERVICE/QUAGGA
Brian Utterback <brian.utterback@oracle.com>
parents:
diff
changeset
|
66 |
+ /* sanity check against packet data */ |
|
041717cfc591
22930543 problem in SERVICE/QUAGGA
Brian Utterback <brian.utterback@oracle.com>
parents:
diff
changeset
|
67 |
+ if (prefixlen < VPN_PREFIXLEN_MIN_BYTES*8 || (pnt + psize) > lim) |
|
041717cfc591
22930543 problem in SERVICE/QUAGGA
Brian Utterback <brian.utterback@oracle.com>
parents:
diff
changeset
|
68 |
+ {
|
|
041717cfc591
22930543 problem in SERVICE/QUAGGA
Brian Utterback <brian.utterback@oracle.com>
parents:
diff
changeset
|
69 |
+ zlog_err ("prefix length (%d) is less than 88"
|
|
041717cfc591
22930543 problem in SERVICE/QUAGGA
Brian Utterback <brian.utterback@oracle.com>
parents:
diff
changeset
|
70 |
+ " or larger than received (%u)", |
|
041717cfc591
22930543 problem in SERVICE/QUAGGA
Brian Utterback <brian.utterback@oracle.com>
parents:
diff
changeset
|
71 |
+ prefixlen, (uint)(lim-pnt)); |
|
041717cfc591
22930543 problem in SERVICE/QUAGGA
Brian Utterback <brian.utterback@oracle.com>
parents:
diff
changeset
|
72 |
+ return -1; |
|
041717cfc591
22930543 problem in SERVICE/QUAGGA
Brian Utterback <brian.utterback@oracle.com>
parents:
diff
changeset
|
73 |
+ } |
|
041717cfc591
22930543 problem in SERVICE/QUAGGA
Brian Utterback <brian.utterback@oracle.com>
parents:
diff
changeset
|
74 |
+ |
|
041717cfc591
22930543 problem in SERVICE/QUAGGA
Brian Utterback <brian.utterback@oracle.com>
parents:
diff
changeset
|
75 |
+ /* sanity check against storage for the IP address portion */ |
|
041717cfc591
22930543 problem in SERVICE/QUAGGA
Brian Utterback <brian.utterback@oracle.com>
parents:
diff
changeset
|
76 |
+ if ((psize - VPN_PREFIXLEN_MIN_BYTES) > (ssize_t) sizeof(p.u)) |
|
041717cfc591
22930543 problem in SERVICE/QUAGGA
Brian Utterback <brian.utterback@oracle.com>
parents:
diff
changeset
|
77 |
+ {
|
|
041717cfc591
22930543 problem in SERVICE/QUAGGA
Brian Utterback <brian.utterback@oracle.com>
parents:
diff
changeset
|
78 |
+ zlog_err ("prefix length (%d) exceeds prefix storage (%zu)",
|
|
041717cfc591
22930543 problem in SERVICE/QUAGGA
Brian Utterback <brian.utterback@oracle.com>
parents:
diff
changeset
|
79 |
+ prefixlen - VPN_PREFIXLEN_MIN_BYTES*8, sizeof(p.u)); |
|
041717cfc591
22930543 problem in SERVICE/QUAGGA
Brian Utterback <brian.utterback@oracle.com>
parents:
diff
changeset
|
80 |
+ return -1; |
|
041717cfc591
22930543 problem in SERVICE/QUAGGA
Brian Utterback <brian.utterback@oracle.com>
parents:
diff
changeset
|
81 |
+ } |
|
041717cfc591
22930543 problem in SERVICE/QUAGGA
Brian Utterback <brian.utterback@oracle.com>
parents:
diff
changeset
|
82 |
+ |
|
041717cfc591
22930543 problem in SERVICE/QUAGGA
Brian Utterback <brian.utterback@oracle.com>
parents:
diff
changeset
|
83 |
+ /* Sanity check against max bitlen of the address family */ |
|
041717cfc591
22930543 problem in SERVICE/QUAGGA
Brian Utterback <brian.utterback@oracle.com>
parents:
diff
changeset
|
84 |
+ if ((psize - VPN_PREFIXLEN_MIN_BYTES) > prefix_blen (&p)) |
|
041717cfc591
22930543 problem in SERVICE/QUAGGA
Brian Utterback <brian.utterback@oracle.com>
parents:
diff
changeset
|
85 |
+ {
|
|
041717cfc591
22930543 problem in SERVICE/QUAGGA
Brian Utterback <brian.utterback@oracle.com>
parents:
diff
changeset
|
86 |
+ zlog_err ("prefix length (%d) exceeds family (%u) max byte length (%u)",
|
|
041717cfc591
22930543 problem in SERVICE/QUAGGA
Brian Utterback <brian.utterback@oracle.com>
parents:
diff
changeset
|
87 |
+ prefixlen - VPN_PREFIXLEN_MIN_BYTES*8, |
|
041717cfc591
22930543 problem in SERVICE/QUAGGA
Brian Utterback <brian.utterback@oracle.com>
parents:
diff
changeset
|
88 |
+ p.family, prefix_blen (&p)); |
|
041717cfc591
22930543 problem in SERVICE/QUAGGA
Brian Utterback <brian.utterback@oracle.com>
parents:
diff
changeset
|
89 |
+ return -1; |
|
041717cfc591
22930543 problem in SERVICE/QUAGGA
Brian Utterback <brian.utterback@oracle.com>
parents:
diff
changeset
|
90 |
|
|
041717cfc591
22930543 problem in SERVICE/QUAGGA
Brian Utterback <brian.utterback@oracle.com>
parents:
diff
changeset
|
91 |
- label = decode_label (pnt); |
|
041717cfc591
22930543 problem in SERVICE/QUAGGA
Brian Utterback <brian.utterback@oracle.com>
parents:
diff
changeset
|
92 |
+ } |
|
041717cfc591
22930543 problem in SERVICE/QUAGGA
Brian Utterback <brian.utterback@oracle.com>
parents:
diff
changeset
|
93 |
|
|
041717cfc591
22930543 problem in SERVICE/QUAGGA
Brian Utterback <brian.utterback@oracle.com>
parents:
diff
changeset
|
94 |
/* Copyr label to prefix. */ |
|
041717cfc591
22930543 problem in SERVICE/QUAGGA
Brian Utterback <brian.utterback@oracle.com>
parents:
diff
changeset
|
95 |
- tagpnt = pnt;; |
|
041717cfc591
22930543 problem in SERVICE/QUAGGA
Brian Utterback <brian.utterback@oracle.com>
parents:
diff
changeset
|
96 |
+ tagpnt = pnt; |
|
041717cfc591
22930543 problem in SERVICE/QUAGGA
Brian Utterback <brian.utterback@oracle.com>
parents:
diff
changeset
|
97 |
|
|
041717cfc591
22930543 problem in SERVICE/QUAGGA
Brian Utterback <brian.utterback@oracle.com>
parents:
diff
changeset
|
98 |
/* Copy routing distinguisher to rd. */ |
|
041717cfc591
22930543 problem in SERVICE/QUAGGA
Brian Utterback <brian.utterback@oracle.com>
parents:
diff
changeset
|
99 |
memcpy (&prd.val, pnt + 3, 8); |
|
041717cfc591
22930543 problem in SERVICE/QUAGGA
Brian Utterback <brian.utterback@oracle.com>
parents:
diff
changeset
|
100 |
@@ -140,8 +160,9 @@ bgp_nlri_parse_vpnv4 (struct peer *peer, |
|
041717cfc591
22930543 problem in SERVICE/QUAGGA
Brian Utterback <brian.utterback@oracle.com>
parents:
diff
changeset
|
101 |
return -1; |
|
041717cfc591
22930543 problem in SERVICE/QUAGGA
Brian Utterback <brian.utterback@oracle.com>
parents:
diff
changeset
|
102 |
} |
|
041717cfc591
22930543 problem in SERVICE/QUAGGA
Brian Utterback <brian.utterback@oracle.com>
parents:
diff
changeset
|
103 |
|
|
041717cfc591
22930543 problem in SERVICE/QUAGGA
Brian Utterback <brian.utterback@oracle.com>
parents:
diff
changeset
|
104 |
- p.prefixlen = prefixlen - 88; |
|
041717cfc591
22930543 problem in SERVICE/QUAGGA
Brian Utterback <brian.utterback@oracle.com>
parents:
diff
changeset
|
105 |
- memcpy (&p.u.prefix, pnt + 11, psize - 11); |
|
041717cfc591
22930543 problem in SERVICE/QUAGGA
Brian Utterback <brian.utterback@oracle.com>
parents:
diff
changeset
|
106 |
+ p.prefixlen = prefixlen - VPN_PREFIXLEN_MIN_BYTES*8; |
|
041717cfc591
22930543 problem in SERVICE/QUAGGA
Brian Utterback <brian.utterback@oracle.com>
parents:
diff
changeset
|
107 |
+ memcpy (&p.u.prefix, pnt + VPN_PREFIXLEN_MIN_BYTES, |
|
041717cfc591
22930543 problem in SERVICE/QUAGGA
Brian Utterback <brian.utterback@oracle.com>
parents:
diff
changeset
|
108 |
+ psize - VPN_PREFIXLEN_MIN_BYTES); |
|
041717cfc591
22930543 problem in SERVICE/QUAGGA
Brian Utterback <brian.utterback@oracle.com>
parents:
diff
changeset
|
109 |
|
|
041717cfc591
22930543 problem in SERVICE/QUAGGA
Brian Utterback <brian.utterback@oracle.com>
parents:
diff
changeset
|
110 |
#if 0 |
|
041717cfc591
22930543 problem in SERVICE/QUAGGA
Brian Utterback <brian.utterback@oracle.com>
parents:
diff
changeset
|
111 |
if (type == RD_TYPE_AS) |
|
041717cfc591
22930543 problem in SERVICE/QUAGGA
Brian Utterback <brian.utterback@oracle.com>
parents:
diff
changeset
|
112 |
@@ -152,9 +173,6 @@ bgp_nlri_parse_vpnv4 (struct peer *peer, |
|
041717cfc591
22930543 problem in SERVICE/QUAGGA
Brian Utterback <brian.utterback@oracle.com>
parents:
diff
changeset
|
113 |
rd_ip.val, inet_ntoa (p.u.prefix4), p.prefixlen); |
|
041717cfc591
22930543 problem in SERVICE/QUAGGA
Brian Utterback <brian.utterback@oracle.com>
parents:
diff
changeset
|
114 |
#endif /* 0 */ |
|
041717cfc591
22930543 problem in SERVICE/QUAGGA
Brian Utterback <brian.utterback@oracle.com>
parents:
diff
changeset
|
115 |
|
|
041717cfc591
22930543 problem in SERVICE/QUAGGA
Brian Utterback <brian.utterback@oracle.com>
parents:
diff
changeset
|
116 |
- if (pnt + psize > lim) |
|
041717cfc591
22930543 problem in SERVICE/QUAGGA
Brian Utterback <brian.utterback@oracle.com>
parents:
diff
changeset
|
117 |
- return -1; |
|
041717cfc591
22930543 problem in SERVICE/QUAGGA
Brian Utterback <brian.utterback@oracle.com>
parents:
diff
changeset
|
118 |
- |
|
041717cfc591
22930543 problem in SERVICE/QUAGGA
Brian Utterback <brian.utterback@oracle.com>
parents:
diff
changeset
|
119 |
if (attr) |
|
041717cfc591
22930543 problem in SERVICE/QUAGGA
Brian Utterback <brian.utterback@oracle.com>
parents:
diff
changeset
|
120 |
bgp_update (peer, &p, attr, AFI_IP, SAFI_MPLS_VPN, |
|
041717cfc591
22930543 problem in SERVICE/QUAGGA
Brian Utterback <brian.utterback@oracle.com>
parents:
diff
changeset
|
121 |
ZEBRA_ROUTE_BGP, BGP_ROUTE_NORMAL, &prd, tagpnt, 0); |
|
041717cfc591
22930543 problem in SERVICE/QUAGGA
Brian Utterback <brian.utterback@oracle.com>
parents:
diff
changeset
|
122 |
@@ -162,12 +180,12 @@ bgp_nlri_parse_vpnv4 (struct peer *peer, |
|
041717cfc591
22930543 problem in SERVICE/QUAGGA
Brian Utterback <brian.utterback@oracle.com>
parents:
diff
changeset
|
123 |
bgp_withdraw (peer, &p, attr, AFI_IP, SAFI_MPLS_VPN, |
|
041717cfc591
22930543 problem in SERVICE/QUAGGA
Brian Utterback <brian.utterback@oracle.com>
parents:
diff
changeset
|
124 |
ZEBRA_ROUTE_BGP, BGP_ROUTE_NORMAL, &prd, tagpnt); |
|
041717cfc591
22930543 problem in SERVICE/QUAGGA
Brian Utterback <brian.utterback@oracle.com>
parents:
diff
changeset
|
125 |
} |
|
041717cfc591
22930543 problem in SERVICE/QUAGGA
Brian Utterback <brian.utterback@oracle.com>
parents:
diff
changeset
|
126 |
- |
|
041717cfc591
22930543 problem in SERVICE/QUAGGA
Brian Utterback <brian.utterback@oracle.com>
parents:
diff
changeset
|
127 |
/* Packet length consistency check. */ |
|
041717cfc591
22930543 problem in SERVICE/QUAGGA
Brian Utterback <brian.utterback@oracle.com>
parents:
diff
changeset
|
128 |
if (pnt != lim) |
|
041717cfc591
22930543 problem in SERVICE/QUAGGA
Brian Utterback <brian.utterback@oracle.com>
parents:
diff
changeset
|
129 |
return -1; |
|
041717cfc591
22930543 problem in SERVICE/QUAGGA
Brian Utterback <brian.utterback@oracle.com>
parents:
diff
changeset
|
130 |
- |
|
041717cfc591
22930543 problem in SERVICE/QUAGGA
Brian Utterback <brian.utterback@oracle.com>
parents:
diff
changeset
|
131 |
+ |
|
041717cfc591
22930543 problem in SERVICE/QUAGGA
Brian Utterback <brian.utterback@oracle.com>
parents:
diff
changeset
|
132 |
return 0; |
|
041717cfc591
22930543 problem in SERVICE/QUAGGA
Brian Utterback <brian.utterback@oracle.com>
parents:
diff
changeset
|
133 |
+#undef VPN_PREFIXLEN_MIN_BYTES |
|
041717cfc591
22930543 problem in SERVICE/QUAGGA
Brian Utterback <brian.utterback@oracle.com>
parents:
diff
changeset
|
134 |
} |
|
041717cfc591
22930543 problem in SERVICE/QUAGGA
Brian Utterback <brian.utterback@oracle.com>
parents:
diff
changeset
|
135 |
|
|
041717cfc591
22930543 problem in SERVICE/QUAGGA
Brian Utterback <brian.utterback@oracle.com>
parents:
diff
changeset
|
136 |
int |