diff options
| author |   claudio <claudio@openbsd.org> | 2016-12-19 07:19:55 +0000 |
|---|---|---|
| committer | claudio <claudio@openbsd.org> | 2016-12-19 07:19:55 +0000 |
| commit | a884a971d77e15368aa433c743460048af29e262 (patch) | |
| tree | fc787200a9cfa27ff698b4ae527d46d317b1928f | |
| parent | openssh-7.4 (diff) | |
| download | wireguard-openbsd-a884a971d77e15368aa433c743460048af29e262.tar.xz wireguard-openbsd-a884a971d77e15368aa433c743460048af29e262.zip | |
In parse_header() not all of the bgp message may be in the buffer yet so
move the MRT msg dump to session_process_msg() after the point the full
message is in the read buffer.
Bug found and fix tested by Ian Bobbitt
| -rw-r--r-- | usr.sbin/bgpd/session.c | 24 |
1 files changed, 13 insertions, 11 deletions
diff --git a/usr.sbin/bgpd/session.c b/usr.sbin/bgpd/session.c index 7d0ea63ef68..02f6a15012e 100644 --- a/usr.sbin/bgpd/session.c +++ b/usr.sbin/bgpd/session.c @@ -1,4 +1,4 @@ -/* $OpenBSD: session.c,v 1.355 2016/12/18 17:15:07 claudio Exp $ */ +/* $OpenBSD: session.c,v 1.356 2016/12/19 07:19:55 claudio Exp $ */ /* * Copyright (c) 2003, 2004, 2005 Henning Brauer <henning@openbsd.org> @@ -1796,6 +1796,7 @@ session_dispatch_msg(struct pollfd *pfd, struct peer *p) int session_process_msg(struct peer *p) { + struct mrt *mrt; ssize_t rpos, av, left; int processed = 0; u_int16_t msglen; @@ -1820,6 +1821,17 @@ session_process_msg(struct peer *p) break; p->rbuf->rptr = p->rbuf->buf + rpos; + /* dump to MRT as soon as we have a full packet */ + LIST_FOREACH(mrt, &mrthead, entry) { + if (!(mrt->type == MRT_ALL_IN || (msgtype == UPDATE && + mrt->type == MRT_UPDATE_IN))) + continue; + if ((mrt->peer_id == 0 && mrt->group_id == 0) || + mrt->peer_id == p->conf.id || (mrt->group_id != 0 && + mrt->group_id == p->conf.groupid)) + mrt_dump_bgp_msg(mrt, p->rbuf->rptr, msglen, p); + } + switch (msgtype) { case OPEN: bgp_fsm(p, EVNT_RCVD_OPEN); @@ -1868,7 +1880,6 @@ session_process_msg(struct peer *p) int parse_header(struct peer *peer, u_char *data, u_int16_t *len, u_int8_t *type) { - struct mrt *mrt; u_char *p; u_int16_t olen; static const u_int8_t marker[MSGSIZE_HEADER_MARKER] = { 0xff, 0xff, @@ -1959,15 +1970,6 @@ parse_header(struct peer *peer, u_char *data, u_int16_t *len, u_int8_t *type) bgp_fsm(peer, EVNT_CON_FATAL); return (-1); } - LIST_FOREACH(mrt, &mrthead, entry) { - if (!(mrt->type == MRT_ALL_IN || (*type == UPDATE && - mrt->type == MRT_UPDATE_IN))) - continue; - if ((mrt->peer_id == 0 && mrt->group_id == 0) || - mrt->peer_id == peer->conf.id || (mrt->group_id != 0 && - mrt->group_id == peer->conf.groupid)) - mrt_dump_bgp_msg(mrt, data, *len, peer); - } return (0); } |