bgpd: add protection against too large opaque data structure

BGP opaque data shouldn't be larger than zebra's buffer.

Signed-off-by: Igor Ryzhov <iryzhov@nfware.com>

diff --git a/lib/route_opaque.h b/lib/route_opaque.h
index fd4e3d589159f96779a8a90617362ba49703a9c2..7c4e9a16e1c238450ab4e9b243f6164dacb1e152 100644 (file)
--- a/lib/route_opaque.h
+++ b/lib/route_opaque.h
@@ -21,6 +21,9 @@
 #ifndef FRR_ROUTE_OPAQUE_H
 #define FRR_ROUTE_OPAQUE_H
 
+#include "assert.h"
+#include "zclient.h"
+
 #include "bgpd/bgp_aspath.h"
 #include "bgpd/bgp_community.h"
 #include "bgpd/bgp_lcommunity.h"
@@ -35,4 +38,7 @@ struct bgp_zebra_opaque {
        char lcommunity[LCOMMUNITY_SIZE * 30];
 };
 
+static_assert(sizeof(struct bgp_zebra_opaque) <= ZAPI_MESSAGE_OPAQUE_LENGTH,
+              "BGP opaque data shouldn't be larger than zebra's buffer");
+
 #endif /* FRR_ROUTE_OPAQUE_H */