-rw-r--r--ospfd/ospf_lsa.h2
-rw-r--r--ospfd/ospf_packet.c8
2 files changed, 6 insertions, 4 deletions
diff --git a/ospfd/ospf_lsa.h b/ospfd/ospf_lsa.h
index d01dc720ba..f536c311f9 100644
--- a/ospfd/ospf_lsa.h
+++ b/ospfd/ospf_lsa.h
@@ -218,6 +218,8 @@ struct as_external_lsa {
#define LS_AGE(x) (OSPF_LSA_MAXAGE < get_age(x) ? OSPF_LSA_MAXAGE : get_age(x))
#define IS_LSA_SELF(L) (CHECK_FLAG ((L)->flags, OSPF_LSA_SELF))
#define IS_LSA_MAXAGE(L) (LS_AGE ((L)) == OSPF_LSA_MAXAGE)
+#define IS_LSA_MAX_SEQ(L) \
+ ((L)->data->ls_seqnum == htonl(OSPF_MAX_SEQUENCE_NUMBER))
#define OSPF_LSA_UPDATE_DELAY 2
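Review bot: IS_LSA_MAX_SEQ is added without a comment, and the byte-order detail is easy to miss. The comparison is made on the stored value, with htonl() applied to the constant rather than ntohl() to ls_seqnum. I would put `/* ls_seqnum is in network byte order, so compare against htonl() of the constant; L and L->data must be non-NULL */` above the macro. Like the neighbouring IS_LSA_* macros it dereferences its argument unchecked, so callers need a guard such as the `current &&` test in ospf_ls_upd.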
diff --git a/ospfd/ospf_packet.c b/ospfd/ospf_packet.c
index 9930b0bd49..8a76e265bc 100644
--- a/ospfd/ospf_packet.c
+++ b/ospfd/ospf_packet.c
@@ -2089,11 +2089,11 @@ static void ospf_ls_upd(struct ospf *ospf, struct ip *iph,
if (current == NULL
|| (ret = ospf_lsa_more_recent(current, lsa)) < 0) {
/* CVE-2017-3224 */
- if (current && (lsa->data->ls_seqnum ==
- htonl(OSPF_MAX_SEQUENCE_NUMBER)
- && !IS_LSA_MAXAGE(lsa))) {
+ if (current && (IS_LSA_MAX_SEQ(current))
+ && (IS_LSA_MAX_SEQ(lsa))
+ && !IS_LSA_MAXAGE(lsa)) {
zlog_debug(
- "Link State Update[%s]: has Max Seq but not MaxAge. Dropping it",
+ "Link State Update[%s]: has Max Seq and higher checksum but not MaxAge. Dropping it",
dump_lsa_key(lsa));
DISCARD_LSA(lsa, 4);
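Review bot: The new debug text says "higher checksum", but the condition under `/* CVE-2017-3224 */` never inspects a checksum; it only knows that ospf_lsa_more_recent() returned < 0 while both copies are at the maximum sequence number. That helper is not shown here; if it follows the RFC 2328 section 13.1 ordering, the received copy can also win on age, so the message may mislead whoever reads the log during an incident. A text such as `"Link State Update[%s]: Max Seq on both copies, newer but not MaxAge. Dropping it"` states only what was tested. The guard also no longer drops a Max Seq LSA when the stored copy has a lower sequence number, so the comment should say that this is intended, e.g. `/* CVE-2017-3224: once current is at MaxSeq, only a MaxAge flush may replace it */`. ospf_ls_upd starts and ends outside this hunk.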