From 124d860f648f4c1c080e77b5f070b97d094f5285 Mon Sep 17 00:00:00 2001
From: Maria Matejka <mq@ucw.cz>
Date: Wed, 14 Aug 2019 11:06:49 +0200
Subject: [PATCH] Filter: fixed omitted overflow check in EC constructor

---
 filter/f-inst.c | 31 +++++++++++++++----------------
 1 file changed, 15 insertions(+), 16 deletions(-)

diff --git a/filter/f-inst.c b/filter/f-inst.c
index 4b3c627b..3d185918 100644
--- a/filter/f-inst.c
+++ b/filter/f-inst.c
@@ -261,7 +261,7 @@
 
     FID_MEMBER(enum ec_subtype, ecs, f1->ecs != f2->ecs, "ec subtype %s", ec_subtype_str(item->ecs));
 
-    int check, ipv4_used;
+    int ipv4_used;
     u32 key, val;
 
     if (v1.type == T_INT) {
@@ -279,21 +279,20 @@
 
     val = v2.val.i;
 
-    if (ecs == EC_GENERIC) {
-      check = 0; RESULT(T_EC, ec, ec_generic(key, val));
-    }
-    else if (ipv4_used) {
-      check = 1; RESULT(T_EC, ec, ec_ip4(ecs, key, val));
-    }
-    else if (key < 0x10000) {
-      check = 0; RESULT(T_EC, ec, ec_as2(ecs, key, val));
-    }
-    else {
-      check = 1; RESULT(T_EC, ec, ec_as4(ecs, key, val));
-    }
-
-    if (check && (val > 0xFFFF))
-      runtime("Value %u > %u out of bounds in EC constructor", val, 0xFFFF);
+    if (ecs == EC_GENERIC)
+      RESULT(T_EC, ec, ec_generic(key, val));
+    else if (ipv4_used)
+      if (val <= 0xFFFF)
+	RESULT(T_EC, ec, ec_ip4(ecs, key, val));
+      else
+	runtime("4-byte value %u can't be used with IP-address key in extended community", val);
+    else if (key < 0x10000)
+      RESULT(T_EC, ec, ec_as2(ecs, key, val));
+    else
+      if (val <= 0xFFFF)
+	RESULT(T_EC, ec, ec_as4(ecs, key, val));
+      else
+	runtime("4-byte value %u can't be used with 4-byte ASN in extended community", val);
   }
 
   INST(FI_LC_CONSTRUCT, 3, 1) {