bgpd: fix insecure data write with ip addresses - matthieu/frr.git - Unnamed repository; edit this file 'description' to name the repository.

diff options

author	Louis Scalbert <louis.scalbert@6wind.com>	2023-09-28 16:53:35 +0200
committer	Louis Scalbert <louis.scalbert@6wind.com>	2023-09-28 17:51:23 +0200
commit	54222f921305edbce74e81996e9303c0c6b03823 (patch)
tree	b19c30b417c3be7dda8202b596eda334abb53396 /lib/command_match.c
parent	25408c8dbf7d9e0149ceb2dcbd2058860ce4f6c5 (diff)

bgpd: fix insecure data write with ip addresses

Fix issues where an attacker may inject a tainted length value to corrupt the memory. > CID 1568378 (#1-6 of 6): Untrusted value as argument (TAINTED_SCALAR) > 16. tainted_data: Passing tainted expression length to bgp_linkstate_tlv_attribute_value_display, which uses it as an offset. [show details] Fixes: 7e0d9ff8ba ("bgpd: display link-state prefixes detail") Signed-off-by: Louis Scalbert <louis.scalbert@6wind.com>

Diffstat (limited to 'lib/command_match.c')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: