From: Donald Sharp <sharpd@nvidia.com>
Date: Wed, 11 Aug 2021 12:00:03 +0000 (-0400)
Subject: zebra: Ensure stream is long enough
X-Git-Tag: base_8.1~206^2
X-Git-Url: https://git.puffer.fish/?a=commitdiff_plain;h=86d87c535225203f8c5b3c0fd1306584946072b3;p=matthieu%2Ffrr.git

zebra: Ensure stream is long enough

In zebra_evpn_proc_remote_nh if we do not pass in a long
enough stream, the stream reads will fail.  Ensure that
we have enough data.

Signed-off-by: Donald Sharp <sharpd@nvidia.com>
---

diff --git a/zebra/zebra_evpn_mh.c b/zebra/zebra_evpn_mh.c
index f0d4d2b8c9..c0cc57fc69 100644
--- a/zebra/zebra_evpn_mh.c
+++ b/zebra/zebra_evpn_mh.c
@@ -3920,8 +3920,18 @@ void zebra_evpn_proc_remote_nh(ZAPI_HANDLER_ARGS)
 	struct ipaddr nh;
 	struct ethaddr rmac;
 	struct prefix_evpn dummy_prefix;
+	size_t min_len = 4 + sizeof(nh);
 
 	s = msg;
+
+	/*
+	 * Ensure that the stream sent to us is long enough
+	 */
+	if (hdr->command == ZEBRA_EVPN_REMOTE_NH_ADD)
+		min_len += sizeof(rmac);
+	if (hdr->length < min_len)
+		return;
+
 	vrf_id = stream_getl(s);
 	stream_get(&nh, s, sizeof(nh));