bird/proto/rpki
Job Snijders b9f38727a7 RPKI: Add contextual out-of-bound checks in RTR Prefix PDU handler
RFC 6810 and RFC 8210 specify that the "Max Length" value MUST NOT be
less than the Prefix Length element (underflow). On the other side,
overflow of the Max Length element also is possible, it being an 8-bit
unsigned integer allows for values larger than 32 or 128. This also
implicitly ensures there is no overflow of "Length" value.

When a PDU is received where the Max Length field is corrputed, the RTR
client (BIRD) should immediately terminate the session, flush all data
learned from that cache, and log an error for the operator.

Minor changes done by commiter.
2021-12-18 16:35:28 +01:00
..
config.Y RPKI: Add 'ignore max length' option 2020-10-11 01:00:54 +02:00
Doc RPKI protocol with one cache server per protocol 2016-12-07 09:35:24 +01:00
Makefile Minor cleanups 2016-12-13 20:18:11 +01:00
packets.c RPKI: Add contextual out-of-bound checks in RTR Prefix PDU handler 2021-12-18 16:35:28 +01:00
packets.h RPKI: fixed some of the extended warnings 2016-12-07 15:35:35 +01:00
rpki.c Nest: Clean up main channel handling 2021-06-17 16:56:51 +02:00
rpki.h RPKI: Add 'ignore max length' option 2020-10-11 01:00:54 +02:00
ssh_transport.c RPKI: Remove port (and SSH username) from 'Cache server' output line 2021-01-07 06:04:31 +01:00
tcp_transport.c RPKI: Remove port (and SSH username) from 'Cache server' output line 2021-01-07 06:04:31 +01:00
transport.c RPKI: Improve error handling of DNS resolver 2021-03-17 17:24:00 +01:00
transport.h RPKI: Allow build without libSSH 2020-02-04 10:15:35 +01:00