File bug-718061_quagga-master-514837.patch of Package quagga.import5276

Overview Repositories Revisions Requests Users Attributes Meta

File bug-718061_quagga-master-514837.patch of Package quagga.import5276

commit ef53ed9691c435a50b3addf44b733a60ad022597
Author: Denis Ovsienko <infrastation@yandex.ru>
Date:   Thu Sep 1 18:45:55 2011 +0400

ospfd: CERT-FI #514837 (uknown LSA type segfault)
    
    This vulnerability was reported by CROSS project. They have also
    suggested a fix to the problem, which was found acceptable.
    
    Quagga ospfd does not seem to handle unknown LSA types in a Link State
    Update message correctly. If LSA type is something else than one
    supported by Quagga, the default handling of unknown types leads to an
    error.
    
    * ospf_flood.c
      * ospf_flood(): check return value of ospf_lsa_install()

diff --git a/ospfd/ospf_flood.c b/ospfd/ospf_flood.c
index 41661da..fc0bbf1 100644
--- a/ospfd/ospf_flood.c
+++ b/ospfd/ospf_flood.c
@@ -319,7 +319,8 @@ ospf_flood (struct ospf *ospf, struct ospf_neighbor *nbr,
      procedure cannot overwrite the newly installed LSA until
      MinLSArrival seconds have elapsed. */  
 
-  new = ospf_lsa_install (ospf, nbr->oi, new);
+  if (! (new = ospf_lsa_install (ospf, nbr->oi, new)))
+    return 0; /* unknown LSA type */
 
   /* Acknowledge the receipt of the LSA by sending a Link State
      Acknowledgment packet back out the receiving interface. */

Places

File bug-718061_quagga-master-514837.patch of Package quagga.import5276

Places