]> git.puffer.fish Git - mirror/frr.git/commit
projects / mirror / frr.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 25408c8) | patch
bgpd: fix insecure data write with ip addresses
authorLouis Scalbert <louis.scalbert@6wind.com>
Thu, 28 Sep 2023 14:53:35 +0000 (16:53 +0200)
committerLouis Scalbert <louis.scalbert@6wind.com>
Thu, 28 Sep 2023 15:51:23 +0000 (17:51 +0200)
commit54222f921305edbce74e81996e9303c0c6b03823
treeb19c30b417c3be7dda8202b596eda334abb53396tree | snapshot
parent25408c8dbf7d9e0149ceb2dcbd2058860ce4f6c5commit | diff
bgpd: fix insecure data write with ip addresses

Fix issues where an attacker may inject a tainted length value to
corrupt the memory.

> CID 1568378 (#1-6 of 6): Untrusted value as argument (TAINTED_SCALAR)
> 16. tainted_data: Passing tainted expression length to bgp_linkstate_tlv_attribute_value_display, which uses it as an offset. [show details]

Fixes: 7e0d9ff8ba ("bgpd: display link-state prefixes detail")
Signed-off-by: Louis Scalbert <louis.scalbert@6wind.com>
bgpd/bgp_linkstate_tlv.c diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.