bgpd: fix last_reset_cause setup
authorDavid Lamparter <equinox@diac24.net>
Wed, 24 Apr 2019 18:14:19 +0000 (20:14 +0200)
committerDavid Lamparter <equinox@diac24.net>
Wed, 3 Jul 2019 14:50:36 +0000 (16:50 +0200)
last_reset_cause_size is the length *used* in last_reset_cause[].  It's
straight up used wrong here; we're saving off a reset cause and need to
check against the *available* size in last_reset_cause[].

This could actually have led to (hopefully rare) crashes in the assert
there, since the assert condition might fail incorrectly.

Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
bgpd/bgp_packet.c
bgpd/bgpd.h

index 5654fe5329854b6a7acffd40cd98564a3dde365d..9a836f2215f9c1ab4a72e505b7c60515c6eb4b59 100644 (file)
@@ -681,9 +681,9 @@ void bgp_notify_send_with_data(struct peer *peer, uint8_t code,
         * in place because we are sometimes called with a doppelganger peer,
         * who tends to have a plethora of fields nulled out.
         */
-       if (peer->curr && peer->last_reset_cause_size) {
+       if (peer->curr) {
                size_t packetsize = stream_get_endp(peer->curr);
-               assert(packetsize <= peer->last_reset_cause_size);
+               assert(packetsize <= sizeof(peer->last_reset_cause));
                memcpy(peer->last_reset_cause, peer->curr->data, packetsize);
                peer->last_reset_cause_size = packetsize;
        }
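Review bot: The `memcpy` into `peer->last_reset_cause` is bounded only by the `assert` on the line above it, while `packetsize` comes from `stream_get_endp(peer->curr)`, i.e. from the packet currently being processed. If an oversized stream ever reaches this point the daemon aborts, and in any build where assertions are compiled out (not visible from this hunk) the copy would run past the `BGP_MAX_PACKET_SIZE`-byte array declared in bgpd.h. An explicit bound before the `memcpy` keeps the copy in range and the notification path alive: `if (packetsize > sizeof(peer->last_reset_cause)) packetsize = sizeof(peer->last_reset_cause);`. The body of bgp_notify_send_with_data starts and ends outside the hunk.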
index 4bce73898f4991b384b9e873f36aab12939d92ec..8bdc0099ae68f5b0c9bb484caad38765f910326e 100644 (file)
@@ -1153,7 +1153,7 @@ struct peer {
        unsigned long weight[AFI_MAX][SAFI_MAX];
 
        /* peer reset cause */
-       char last_reset;
+       uint8_t last_reset;
 #define PEER_DOWN_RID_CHANGE             1 /* bgp router-id command */
 #define PEER_DOWN_REMOTE_AS_CHANGE       2 /* neighbor remote-as command */
 #define PEER_DOWN_LOCAL_AS_CHANGE        3 /* neighbor local-as command */
@@ -1180,7 +1180,7 @@ struct peer {
 #define PEER_DOWN_BFD_DOWN              24 /* BFD down */
 #define PEER_DOWN_IF_DOWN               25 /* Interface down */
 #define PEER_DOWN_NBR_ADDR_DEL          26 /* Peer address lost */
-       unsigned long last_reset_cause_size;
+       size_t last_reset_cause_size;
        uint8_t last_reset_cause[BGP_MAX_PACKET_SIZE];
 
        /* The kind of route-map Flags.*/
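Review bot: `last_reset_cause_size` still has no comment saying that it holds the number of bytes currently stored in `last_reset_cause[]` rather than the capacity of the array, which is exactly the confusion the commit message describes. A one-line comment on the field would keep the next reader from repeating it: `/* bytes valid in last_reset_cause[]; capacity is sizeof(last_reset_cause) */`. Because the type changes from `unsigned long` to `size_t`, any format string elsewhere that prints this field with `%lu` would need `%zu`; no such caller is visible here, so that is worth checking. struct peer starts and ends outside the hunk.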