From 6af683039f8d7dca0d09bb4c613c9b44e7c30b60 Mon Sep 17 00:00:00 2001
From: Donatas Abraitis <donatas@opensourcerouting.org>
Date: Wed, 8 Nov 2023 15:26:40 +0200
Subject: [PATCH] bgpd: Set the software version capability received flag only
 after a validation

We shouldn't set it blindly once the packet is received, but first we have to
do some sanity checks.

Signed-off-by: Donatas Abraitis <donatas@opensourcerouting.org>
---
 bgpd/bgp_open.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/bgpd/bgp_open.c b/bgpd/bgp_open.c
index 545da7c559..b9ab401850 100644
--- a/bgpd/bgp_open.c
+++ b/bgpd/bgp_open.c
@@ -896,8 +896,6 @@ static int bgp_capability_software_version(struct peer *peer,
 	size_t end = stream_get_getp(s) + hdr->length;
 	uint8_t len;
 
-	SET_FLAG(peer->cap, PEER_CAP_SOFT_VERSION_RCV);
-
 	len = stream_getc(s);
 	if (stream_get_getp(s) + len > end) {
 		flog_warn(
@@ -907,6 +905,8 @@ static int bgp_capability_software_version(struct peer *peer,
 		return -1;
 	}
 
+	SET_FLAG(peer->cap, PEER_CAP_SOFT_VERSION_RCV);
+
 	if (len > BGP_MAX_SOFT_VERSION) {
 		flog_warn(EC_BGP_CAPABILITY_INVALID_LENGTH,
 			  "%s: Received Software Version, but the length is too big, truncating, from peer %s",
-- 
2.39.5