0
0
mirror of https://gitlab.nic.cz/labs/bird.git synced 2025-01-03 15:41:54 +00:00

IPv4 flowspec literals should reject IPv6 prefices in a well-behaved way

When writing flow4 { dst 2001:db8::dead:beef/128; }, BIRD crashed on an
not-well-debuggable segfault as it tried to copy the whole 128-bit
prefix into an IPv4-sized memory.
This commit is contained in:
Maria Matejka 2022-06-07 10:35:48 +02:00
parent ad686c55c3
commit 141fb51f1a
2 changed files with 11 additions and 2 deletions

View File

@ -110,7 +110,7 @@ CF_DECLS
%type <i> expr bool pxlen4 %type <i> expr bool pxlen4
%type <time> expr_us time %type <time> expr_us time
%type <a> ipa %type <a> ipa
%type <net> net_ip4_ net_ip6_ net_ip6 net_ip_ net_ip net_or_ipa %type <net> net_ip4_ net_ip4 net_ip6_ net_ip6 net_ip_ net_ip net_or_ipa
%type <net_ptr> net_ net_any net_vpn4_ net_vpn6_ net_vpn_ net_roa4_ net_roa6_ net_roa_ net_ip6_sadr_ net_mpls_ %type <net_ptr> net_ net_any net_vpn4_ net_vpn6_ net_vpn_ net_roa4_ net_roa6_ net_roa_ net_ip6_sadr_ net_mpls_
%type <mls> label_stack_start label_stack %type <mls> label_stack_start label_stack
@ -303,6 +303,15 @@ net_:
/* Networks - regular */ /* Networks - regular */
net_ip4:
net_ip4_
| CF_SYM_KNOWN {
if (($1->class != (SYM_CONSTANT | T_NET)) || (SYM_VAL($1).net->type != NET_IP4))
cf_error("IPv4 network constant expected");
$$ = * SYM_VAL($1).net;
}
;
net_ip6: net_ip6:
net_ip6_ net_ip6_
| CF_SYM_KNOWN { | CF_SYM_KNOWN {

View File

@ -142,7 +142,7 @@ flow_frag_opts:
; ;
flow4_item: flow4_item:
flow_srcdst net_ip { flow_srcdst net_ip4 {
flow_builder_set_type(this_flow, $1); flow_builder_set_type(this_flow, $1);
flow_builder4_add_pfx(this_flow, (net_addr_ip4 *) &($2)); flow_builder4_add_pfx(this_flow, (net_addr_ip4 *) &($2));
} }