zebra: reject ingress packets that are too large
authorQuentin Young <qlyoung@cumulusnetworks.com>
Sat, 4 Jan 2020 02:22:44 +0000 (21:22 -0500)
committerQuentin Young <qlyoung@cumulusnetworks.com>
Wed, 15 Jan 2020 17:50:17 +0000 (12:50 -0500)
There may be logic to prevent this ever happening earlier in the network
read path, but it doesn't hurt to double check it here, because clearly
deeper paths rely on this being the case.

Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>
zebra/zapi_msg.c

index 933a26f94a7ad70371b92c9333ef7a3a49d4be54..29ee5c1be80fdf5e87f3d77f7af5bccbf1119246 100644 (file)
@@ -2540,6 +2540,14 @@ void zserv_handle_commands(struct zserv *client, struct stream *msg)
        struct zmsghdr hdr;
        struct zebra_vrf *zvrf;
 
+       if (STREAM_READABLE(msg) > ZEBRA_MAX_PACKET_SIZ) {
+               if (IS_ZEBRA_DEBUG_PACKET && IS_ZEBRA_DEBUG_RECV)
+                       zlog_debug(
+                               "ZAPI message is %zu bytes long but the maximum packet size is %u; dropping",
+                               STREAM_READABLE(msg), ZEBRA_MAX_PACKET_SIZ);
+               return;
+       }
+
        zapi_parse_header(msg, &hdr);
 
        if (IS_ZEBRA_DEBUG_PACKET && IS_ZEBRA_DEBUG_RECV)
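Review bot: The oversized-message drop added at the top of zserv_handle_commands is reported only when both IS_ZEBRA_DEBUG_PACKET and IS_ZEBRA_DEBUG_RECV are set, so in a normal deployment a client that sends over-long ZAPI messages is discarded without leaving any trace for an operator. Because this is a malformed-input condition that the commit message says deeper paths rely on, I would log it unconditionally at warning level, e.g. `zlog_warn("ZAPI message is %zu bytes long but the maximum packet size is %u; dropping", STREAM_READABLE(msg), ZEBRA_MAX_PACKET_SIZ);`, and keep the debug guard only for the verbose per-packet output. The check also bounds only the upper side: the `zapi_parse_header(msg, &hdr)` call that follows is still reached by a message shorter than a full header, and no failure from it is checked in the visible lines, so a matching minimum-length guard seems worth adding unless the read path already enforces one. The function body continues outside the hunk.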