bgpd: limit the length of opaque data sent to zebra

Previously, when aspath->str was longer than sizeof(api.opaque.data), we
were overwriting the wrong memory.

Signed-off-by: Igor Ryzhov <iryzhov@nfware.com>

diff --git a/bgpd/bgp_zebra.c b/bgpd/bgp_zebra.c
index 00d91c2b276637205eaf6de72d84e8c9d1b06459..3f8dc82a44877b15605a07821cad2ccabfcd93a0 100644 (file)
--- a/bgpd/bgp_zebra.c
+++ b/bgpd/bgp_zebra.c
@@ -1416,8 +1416,9 @@ void bgp_zebra_announce(struct bgp_dest *dest, const struct prefix *p,
                struct aspath *aspath = info->attr->aspath;
 
                SET_FLAG(api.message, ZAPI_MESSAGE_OPAQUE);
-               api.opaque.length = strlen(aspath->str) + 1;
-               memcpy(api.opaque.data, aspath->str, api.opaque.length);
+               strlcpy((char *)api.opaque.data, aspath->str,
+                       sizeof(api.opaque.data));
+               api.opaque.length = strlen((char *)api.opaque.data) + 1;
        }
 
        if (allow_recursion)