--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/components/quagga/patches/23-cve-2011-3327.patch Wed Nov 09 09:11:11 2011 -0800
@@ -0,0 +1,30 @@
+--- bgpd/bgp_ecommunity.c
++++ bgpd/bgp_ecommunity.c
+@@ -568,6 +568,13 @@
+
+ for (i = 0; i < ecom->size; i++)
+ {
++ /* Make sure the size is large enough. */
++ while (str_pnt + ECOMMUNITY_STR_DEFAULT_LEN >= str_size)
++ {
++ str_size *= 2;
++ str_buf = XREALLOC (MTYPE_ECOMMUNITY_STR, str_buf, str_size);
++ }
++
+ /* Space between each value. */
+ if (! first)
+ str_buf[str_pnt++] = ' ';
+@@ -610,13 +617,6 @@
+ break;
+ }
+
+- /* Make it sure size is enough. */
+- while (str_pnt + ECOMMUNITY_STR_DEFAULT_LEN >= str_size)
+- {
+- str_size *= 2;
+- str_buf = XREALLOC (MTYPE_ECOMMUNITY_STR, str_buf, str_size);
+- }
+-
+ /* Put string into buffer. */
+ if (encode == ECOMMUNITY_ENCODE_AS)
+ {