(use upvote 👍 for attentions)
Validation Type
[ ] - Fault
[ ] - Config
[X] - Bug CSCwp15375
[ ] - Other
### What needs to be validated
Check all "physical" spine isisDTEp ip addresses in combination with the "physical,proxy-acast-mac", "physical,proxy-acast-v4", and "physical,proxy-acast-v6" ip addresses and validate whether the string byte length is 58 or more
If the length is 58 or more the check is a FAIL and will cause a buffer overflow when tech support runs the command "show isis database detail vrf all"
If the length is 57 or less, the check is a PASS and will not cause an overflow
### Why it needs to be validated
If customer upgrades to affected release, the switches will crash when tech support is generated.
If customer has NDI integration, the tech support generation can happen automatically without user intervention.
### Additional context
An ISIS instance includes 4 different addresses.
- The Physical spine tep
- The "physical,proxy-acast-mac" tep
- The "physical,proxy-acast-v4" tep
- The "physical,proxy-acast-v6" tep
In versions prior to 6.1, we only print #1, #2, and #3 in the output of "show isis database detail vrf all"
Starting in 6.1, we added #4 to the output.
However, if the TEP pool is using ip address scheme which includes fully loaded octets, this can result in memory buffer overflow (>64 bytes) when adding the fourth address to the output.
For example,
Unaffected:
[10.0.0.56, 10.0.6.128, 10.0.6.129, 10.0.6.130]
10.0.0.56 = 9 bytes
", " = 2 bytes
10.0.6.128 = 10 bytes
", " = 2 bytes
10.0.6.129 = 10 bytes
", " = 2 bytes
10.0.6.130 = 10 bytes
null termination = 1 byte
Total = 46 bytes
Affected:
[100.120.248.0, 100.120.176.128, 100.120.176.129, 100.120.176.130]
100.120.248.0 = 13 bytes
", " = 2 bytes
100.120.176.128 = 15 bytes
", " = 2 bytes
100.120.176.129 = 15 bytes
", " = 2 bytes
100.120.176.130 = 15 bytes
null termination = 1 byte
Total = 65 bytes
(use upvote 👍 for attentions)
Validation Type
[ ] - Fault
[ ] - Config
[X] - Bug CSCwp15375
[ ] - Other
### What needs to be validated
Check all "physical" spine isisDTEp ip addresses in combination with the "physical,proxy-acast-mac", "physical,proxy-acast-v4", and "physical,proxy-acast-v6" ip addresses and validate whether the string byte length is 58 or more
If the length is 58 or more the check is a FAIL and will cause a buffer overflow when tech support runs the command "show isis database detail vrf all"
If the length is 57 or less, the check is a PASS and will not cause an overflow
### Why it needs to be validated
If customer upgrades to affected release, the switches will crash when tech support is generated.
If customer has NDI integration, the tech support generation can happen automatically without user intervention.
### Additional context
An ISIS instance includes 4 different addresses.
In versions prior to 6.1, we only print #1, #2, and #3 in the output of "show isis database detail vrf all"
Starting in 6.1, we added #4 to the output.
However, if the TEP pool is using ip address scheme which includes fully loaded octets, this can result in memory buffer overflow (>64 bytes) when adding the fourth address to the output.
For example,