diff options
| author | Donald Sharp <sharpd@cumulusnetworks.com> | 2017-08-25 01:15:20 +0200 |
|---|---|---|
| committer | Donald Sharp <sharpd@cumulusnetworks.com> | 2017-08-25 02:34:20 +0200 |
| commit | dbfd865b05d6c4e9395a39bb24f5eaf0b850451c (patch) | |
| tree | 91addae6b8793292c899a3c64a56511507a152d1 /eigrpd/eigrp_packet.c | |
| parent | Merge pull request #1037 from donaldsharp/eigrp_split_horizon (diff) | |
| download | frr-dbfd865b05d6c4e9395a39bb24f5eaf0b850451c.tar.xz frr-dbfd865b05d6c4e9395a39bb24f5eaf0b850451c.zip | |
eigrpd: Cleanup various SA Issues
1) Handle key value not found on interface
2) Handle various NULL pointer possibilities
3) Fix possible integer overflow
4) Fix memory leak
5) Check return codes on sscanf
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
Diffstat (limited to 'eigrpd/eigrp_packet.c')
| -rw-r--r-- | eigrpd/eigrp_packet.c | 29 |
1 files changed, 18 insertions, 11 deletions
diff --git a/eigrpd/eigrp_packet.c b/eigrpd/eigrp_packet.c index 68e7cdcbb..8a7d4d958 100644 --- a/eigrpd/eigrp_packet.c +++ b/eigrpd/eigrp_packet.c @@ -193,6 +193,12 @@ int eigrp_check_md5_digest(struct stream *s, if (keychain) key = key_lookup_for_send(keychain); + if (!key) { + zlog_warn("Interface %s: Expected key value not found in config", + nbr->ei->ifp->name); + return 0; + } + memset(&ctx, 0, sizeof(ctx)); MD5Init(&ctx); @@ -229,8 +235,7 @@ int eigrp_check_md5_digest(struct stream *s, } /* save neighbor's crypt_seqnum */ - if (nbr) - nbr->crypt_seqnum = authTLV->key_sequence; + nbr->crypt_seqnum = authTLV->key_sequence; return 1; } @@ -240,10 +245,11 @@ int eigrp_make_sha256_digest(struct eigrp_interface *ei, struct stream *s, { struct key *key = NULL; struct keychain *keychain; - char *source_ip; + char source_ip[PREFIX_STRLEN]; unsigned char digest[EIGRP_AUTH_TYPE_SHA256_LEN]; unsigned char buffer[1 + PLAINTEXT_LENGTH + 45 + 1] = {0}; + HMAC_SHA256_CTX ctx; void *ibuf; size_t backup_get, backup_end; @@ -263,11 +269,13 @@ int eigrp_make_sha256_digest(struct eigrp_interface *ei, struct stream *s, if (keychain) key = key_lookup_for_send(keychain); - // saved_len[index] = strnzcpyn(saved_key[index], key, - // PLAINTEXT_LENGTH + 1); + if (!key) { + zlog_warn("Interface %s: Expected key value not found in config", + ei->ifp->name); + return 0; + } - source_ip = calloc(16, sizeof(char)); - inet_ntop(AF_INET, &ei->address->u.prefix4, source_ip, 16); + inet_ntop(AF_INET, &ei->address->u.prefix4, source_ip, PREFIX_STRLEN); memset(&ctx, 0, sizeof(ctx)); buffer[0] = '\n'; @@ -287,7 +295,6 @@ int eigrp_make_sha256_digest(struct eigrp_interface *ei, struct stream *s, stream_set_endp(s, backup_end); eigrp_authTLV_SHA256_free(auth_TLV); - free(source_ip); return EIGRP_AUTH_TYPE_SHA256_LEN; } @@ -613,10 +620,10 @@ int eigrp_read(struct thread *thread) opcode = eigrph->opcode; if (IS_DEBUG_EIGRP_TRANSMIT(0, RECV)) { - char src[100], dst[100]; + char src[PREFIX_STRLEN], dst[PREFIX_STRLEN]; - strcpy(src, inet_ntoa(iph->ip_src)); - strcpy(dst, inet_ntoa(iph->ip_dst)); + strncpy(src, inet_ntoa(iph->ip_src), PREFIX_STRLEN); + strncpy(dst, inet_ntoa(iph->ip_dst), PREFIX_STRLEN); zlog_debug("Received [%s][%d/%d] length [%u] via [%s] src [%s] dst [%s]", lookup_msg(eigrp_packet_type_str, opcode, NULL), ntohl(eigrph->sequence), ntohl(eigrph->ack), length, |