zebra: don't overrun afi/safi array boundaries

zebra was not checking afi/safi values.  This was leading to crashes where
these values were coming directly from some protocol's on-wire fields.
Safeguarding them in zebra is a good start.

Signed-off-by: David Lamparter <equinox@opensourcerouting.org>

diff --git a/zebra/zebra_rib.c b/zebra/zebra_rib.c
index a75d721513adf08fc9e2e9978562d6fbd84b1116..4dd8551a2943b03eb1834bb3e0d7a8c013e4cc60 100644 (file)
--- a/zebra/zebra_rib.c
+++ b/zebra/zebra_rib.c
@@ -155,6 +155,9 @@ vrf_table (afi_t afi, safi_t safi, u_int32_t id)
   if (! vrf)
     return NULL;
 
+  if( afi >= AFI_MAX  || safi >= SAFI_MAX )
+    return NULL;
+
   return vrf->table[afi][safi];
 }
 
@@ -168,6 +171,9 @@ vrf_static_table (afi_t afi, safi_t safi, u_int32_t id)
   if (! vrf)
     return NULL;
 
+  if( afi >= AFI_MAX  || safi >= SAFI_MAX )
+    return NULL;
+
   return vrf->stable[afi][safi];
 }
 \f