From: Leonid Rosenboim <lrosenbo@wrs.com>
Date: Thu, 6 Dec 2012 20:17:41 +0000 (+0000)
Subject: zebra: don't overrun afi/safi array boundaries
X-Git-Tag: frr-2.0-rc1~1715
X-Git-Url: https://git.puffer.fish/?a=commitdiff_plain;h=9499bf2bc6daf0a9b7170d3cf994daef2f1a8920;p=mirror%2Ffrr.git

zebra: don't overrun afi/safi array boundaries

zebra was not checking afi/safi values.  This was leading to crashes where
these values were coming directly from some protocol's on-wire fields.
Safeguarding them in zebra is a good start.

Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
---

diff --git a/zebra/zebra_rib.c b/zebra/zebra_rib.c
index a75d721513..4dd8551a29 100644
--- a/zebra/zebra_rib.c
+++ b/zebra/zebra_rib.c
@@ -155,6 +155,9 @@ vrf_table (afi_t afi, safi_t safi, u_int32_t id)
   if (! vrf)
     return NULL;
 
+  if( afi >= AFI_MAX  || safi >= SAFI_MAX )
+    return NULL;
+
   return vrf->table[afi][safi];
 }
 
@@ -168,6 +171,9 @@ vrf_static_table (afi_t afi, safi_t safi, u_int32_t id)
   if (! vrf)
     return NULL;
 
+  if( afi >= AFI_MAX  || safi >= SAFI_MAX )
+    return NULL;
+
   return vrf->stable[afi][safi];
 }