From: claudio Date: Thu, 20 Sep 2018 07:41:25 +0000 (+0000) Subject: Fix the empty aspath segments check. seg_size is never 0, this needs to use X-Git-Url: http://artulab.com/gitweb/?a=commitdiff_plain;h=d04df93831fe37af372e74dda5413ce59c0edfb0;p=openbsd Fix the empty aspath segments check. seg_size is never 0, this needs to use seg_len instead. Since seg_len is known early move the check up. Found while hunting for the other bug in aspath_verify. --- diff --git a/usr.sbin/bgpd/util.c b/usr.sbin/bgpd/util.c index 0c01b54e2b7..c60c7241351 100644 --- a/usr.sbin/bgpd/util.c +++ b/usr.sbin/bgpd/util.c @@ -1,4 +1,4 @@ -/* $OpenBSD: util.c,v 1.36 2018/09/20 07:37:06 claudio Exp $ */ +/* $OpenBSD: util.c,v 1.37 2018/09/20 07:41:25 claudio Exp $ */ /* * Copyright (c) 2006 Claudio Jeker @@ -459,6 +459,10 @@ aspath_verify(void *data, u_int16_t len, int as4byte) seg_type = seg[0]; seg_len = seg[1]; + if (seg_len == 0) + /* empty aspath segments are not allowed */ + return (AS_ERR_BAD); + /* * BGP confederations should not show up but consider them * as a soft error which invalidates the path but keeps the @@ -475,10 +479,6 @@ aspath_verify(void *data, u_int16_t len, int as4byte) if (seg_size > len) return (AS_ERR_LEN); - if (seg_size == 0) - /* empty aspath segments are not allowed */ - return (AS_ERR_BAD); - /* RFC 7607 - AS 0 is considered malformed */ ptr = seg + 2; for (pos = 0; pos < seg_len; pos++) {