bgpd: fix uninitialized & wrong endian NOTIFY

notify_data_remote_as4 would contain garbage if optlen == 0, and also
as4 is in host byte order while the notify needs network byte order.

Signed-off-by: David Lamparter <equinox@diac24.net>

diff --git a/bgpd/bgp_packet.c b/bgpd/bgp_packet.c
index 655a4745cba045681bc37cd6cbfb882bfe0fb315..295e62b7cf9fd00ddcf1de5d7b98df973e01afe8 100644 (file)
--- a/bgpd/bgp_packet.c
+++ b/bgpd/bgp_packet.c
@@ -1045,7 +1045,7 @@ static int bgp_open_receive(struct peer *peer, bgp_size_t size)
        uint16_t holdtime;
        uint16_t send_holdtime;
        as_t remote_as;
-       as_t as4 = 0;
+       as_t as4 = 0, as4_be;
        struct in_addr remote_id;
        int mp_capability;
        uint8_t notify_data_remote_as[2];
@@ -1088,9 +1088,11 @@ static int bgp_open_receive(struct peer *peer, bgp_size_t size)
                 * that we do not know which peer is connecting to us now.
                 */
                as4 = peek_for_as4_capability(peer, optlen);
-               memcpy(notify_data_remote_as4, &as4, 4);
        }
 
+       as4_be = htonl(as4);
+       memcpy(notify_data_remote_as4, &as4_be, 4);
+
        /* Just in case we have a silly peer who sends AS4 capability set to 0
         */
        if (CHECK_FLAG(peer->cap, PEER_CAP_AS4_RCV) && !as4) {