Skip to content

Commit 4f701cf

Browse files
donaldsharpdonaldsharp
authored
Merge pull request #22172 from FRRouting/mergify/bp/stable/10.4/pr-22081
bgpd: Avoid cluster list attribute truncation (backport #22081)
2 parents e9f9c16 + 255a9ea commit 4f701cf

1 file changed

Lines changed: 30 additions & 19 deletions

File tree

bgpd/bgp_attr.c

Lines changed: 30 additions & 19 deletions
Original file line numberDiff line numberDiff line change
@@ -5243,27 +5243,38 @@ bgp_size_t bgp_packet_attribute(struct bgp *bgp, struct peer *peer, struct strea
52435243
stream_put_in_addr(s, &from->remote_id);
52445244

52455245
/* Cluster list. */
5246-
stream_putc(s, BGP_ATTR_FLAG_OPTIONAL);
5247-
stream_putc(s, BGP_ATTR_CLUSTER_LIST);
5248-
5249-
if (cluster) {
5250-
stream_putc(s, cluster->length + 4);
5251-
/* If this peer configuration's parent BGP has
5252-
* cluster_id. */
5253-
if (CHECK_FLAG(bgp->config, BGP_CONFIG_CLUSTER_ID))
5254-
stream_put_in_addr(s, &bgp->cluster_id);
5255-
else
5256-
stream_put_in_addr(s, &bgp->router_id);
5257-
stream_put(s, cluster->list, cluster->length);
5246+
/* RFC 4271 4.3 says:
5247+
* The fourth high-order bit (bit 3) of the Attribute Flags octet
5248+
* is the Extended Length bit. It defines whether the Attribute
5249+
* Length is one octet (if set to 0) or two octets (if set to 1).
5250+
*
5251+
* If the Extended Length bit of the Attribute Flags octet is set
5252+
* to 0, the third octet of the Path Attribute contains the length
5253+
* of the attribute data in octets.
5254+
*
5255+
* If the Extended Length bit of the Attribute Flags octet is set
5256+
* to 1, the third and fourth octets of the path attribute contain
5257+
* the length of the attribute data in octets.
5258+
*/
5259+
if (cluster && cluster->length + 4 > 255) {
5260+
stream_putc(s, BGP_ATTR_FLAG_OPTIONAL | BGP_ATTR_FLAG_EXTLEN);
5261+
stream_putc(s, BGP_ATTR_CLUSTER_LIST);
5262+
stream_putw(s, cluster->length + 4);
52585263
} else {
5259-
stream_putc(s, 4);
5260-
/* If this peer configuration's parent BGP has
5261-
* cluster_id. */
5262-
if (CHECK_FLAG(bgp->config, BGP_CONFIG_CLUSTER_ID))
5263-
stream_put_in_addr(s, &bgp->cluster_id);
5264-
else
5265-
stream_put_in_addr(s, &bgp->router_id);
5264+
stream_putc(s, BGP_ATTR_FLAG_OPTIONAL);
5265+
stream_putc(s, BGP_ATTR_CLUSTER_LIST);
5266+
stream_putc(s, cluster ? cluster->length + 4 : 4);
52665267
}
5268+
5269+
/* If this peer configuration's parent BGP has
5270+
* cluster_id. */
5271+
if (CHECK_FLAG(bgp->config, BGP_CONFIG_CLUSTER_ID))
5272+
stream_put_in_addr(s, &bgp->cluster_id);
5273+
else
5274+
stream_put_in_addr(s, &bgp->router_id);
5275+
5276+
if (cluster)
5277+
stream_put(s, cluster->list, cluster->length);
52675278
}
52685279

52695280
/* Extended IPv6/Communities attributes. */

0 commit comments

Comments
 (0)