0
0
mirror of https://gitlab.nic.cz/labs/bird.git synced 2024-12-22 09:41:54 +00:00

Fixes possible buffer overflow when printing BGP attributes.

Thanks to Alexander V. Chernikov for the patch.
This commit is contained in:
Ondrej Zajicek 2011-09-03 21:59:40 +02:00
parent 2918e61046
commit 6c4df70373

View File

@ -1576,16 +1576,18 @@ bgp_get_attr(eattr *a, byte *buf, int buflen)
{ {
unsigned int i = EA_ID(a->id); unsigned int i = EA_ID(a->id);
struct attr_desc *d; struct attr_desc *d;
int len;
if (ATTR_KNOWN(i)) if (ATTR_KNOWN(i))
{ {
d = &bgp_attr_table[i]; d = &bgp_attr_table[i];
buf += bsprintf(buf, "%s", d->name); len = bsprintf(buf, "%s", d->name);
buf += len;
if (d->format) if (d->format)
{ {
*buf++ = ':'; *buf++ = ':';
*buf++ = ' '; *buf++ = ' ';
d->format(a, buf, buflen); d->format(a, buf, buflen - len - 2);
return GA_FULL; return GA_FULL;
} }
return GA_NAME; return GA_NAME;