zebra: fix buffer overflow

author Igor Ryzhov <iryzhov@nfware.com>

Tue, 28 Sep 2021 12:44:51 +0000 (15:44 +0300)

committer mergify-bot <noreply@mergify.io>

Tue, 12 Oct 2021 16:23:54 +0000 (16:23 +0000)
author Igor Ryzhov <iryzhov@nfware.com>
Tue, 28 Sep 2021 12:44:51 +0000 (15:44 +0300)
committer mergify-bot <noreply@mergify.io>
Tue, 12 Oct 2021 16:23:54 +0000 (16:23 +0000)
diff --git a/zebra/rt_netlink.c b/zebra/rt_netlink.c

index fbf37230c731d22454b63c30fb1a1f4ff7e8425e..e96fede2a77732ec59234055d4644c5c441dd77a 100644 (file)
--- a/zebra/rt_netlink.c
+++ b/zebra/rt_netlink.c
@@ -3388,7 +3388,6 @@ static int netlink_ipneigh_change(struct nlmsghdr *h, int len, ns_id_t ns_id)
         if (tb[NDA_LLADDR]) {
                 /* copy LLADDR information */
                 l2_len = RTA_PAYLOAD(tb[NDA_LLADDR]);
-               memcpy(&mac, RTA_DATA(tb[NDA_LLADDR]), l2_len);
         }
         if (l2_len == IPV4_MAX_BYTELEN || l2_len == 0) {
                 union sockunion link_layer_ipv4;
@@ -3396,7 +3395,7 @@ static int netlink_ipneigh_change(struct nlmsghdr *h, int len, ns_id_t ns_id)
                 if (l2_len) {
                         sockunion_family(&link_layer_ipv4) = AF_INET;
                         memcpy((void *)sockunion_get_addr(&link_layer_ipv4),
-                              &mac, l2_len);
+                              RTA_DATA(tb[NDA_LLADDR]), l2_len);
                 } else
                         sockunion_family(&link_layer_ipv4) = AF_UNSPEC;
                 zsend_nhrp_neighbor_notify(cmd, ifp, &ip, ndm->ndm_state,
author	Igor Ryzhov <iryzhov@nfware.com>
	Tue, 28 Sep 2021 12:44:51 +0000 (15:44 +0300)
committer	mergify-bot <noreply@mergify.io>
	Tue, 12 Oct 2021 16:23:54 +0000 (16:23 +0000)