Jerry/bird
1
0
Fork 0
Code Issues Pull requests Packages Projects Releases Wiki Activity

Fixes possible buffer overflow when printing BGP attributes.

Browse source 
Thanks to Alexander V. Chernikov for the patch.
This commit is contained in:
Ondrej Zajicek 2011-09-03 21:59:40 +02:00
parent 2918e61046
commit 6c4df70373
1 changed files with 4 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
proto/bgp/attrs.c
View file

@ -1576,16 +1576,18 @@ bgp_get_attr(eattr *a, byte *buf, int buflen)
{ {
unsigned int i = EA_ID(a->id); unsigned int i = EA_ID(a->id);
struct attr_desc *d; struct attr_desc *d;
int len;
if (ATTR_KNOWN(i)) if (ATTR_KNOWN(i))
{ {
d = &bgp_attr_table[i]; d = &bgp_attr_table[i];
buf += bsprintf(buf, "%s", d->name); len = bsprintf(buf, "%s", d->name);
buf += len;
if (d->format) if (d->format)
{ {
*buf++ = ':'; *buf++ = ':';
*buf++ = ' '; *buf++ = ' ';
d->format(a, buf, buflen); d->format(a, buf, buflen - len - 2);
return GA_FULL; return GA_FULL;
} }
return GA_NAME; return GA_NAME;